Recent vulnerabilities

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2025-68545	9.1 (3.1)	WordPress Nika theme <= 1.2.14 - Local File Inclusion …	thembay	Nika	2026-02-20T15:46:40.615Z	2026-02-27T17:02:45.502Z
CVE-2026-27700	8.2 (3.1)	Hono is Vulnerable to Authentication Bypass by IP Spoo…	honojs	hono	2026-02-25T15:01:44.681Z	2026-02-27T17:01:28.403Z
CVE-2026-27701	8.8 (4.0)	LiveCodes vulnerable to JavaScript Injection via untru…	live-codes	livecodes	2026-02-25T15:06:17.617Z	2026-02-27T17:00:20.183Z
CVE-2025-67979	9.9 (3.1)	WordPress WPForms Google Sheet Connector plugin <= 4.0…	WesternDeal	WPForms Google Sheet Connector	2026-02-20T15:46:30.861Z	2026-02-27T17:00:03.047Z
CVE-2025-60183	5.9 (3.1)	WordPress Silencesoft RSS Reader Plugin <= 0.6 - Cross…	silence	Silencesoft RSS Reader	2026-02-20T15:46:27.695Z	2026-02-27T16:57:57.144Z
CVE-2026-28207	6.6 (3.1)	Zen-C Vulnerable to Command Injection via Malicious Ou…	z-libs	Zen-C	2026-02-26T22:17:58.898Z	2026-02-27T16:57:44.054Z
CVE-2024-56208	6.5 (3.1)	WordPress NewsMash theme <= 1.0.71 - Cross Site Script…	desertthemes	NewsMash	2026-02-20T15:46:26.166Z	2026-02-27T16:57:10.460Z
CVE-2024-52387	5.9 (3.1)	WordPress Master Addons plugin <= 2.0.9.9.4 - Cross S…	Liton Arefin	Master Addons for Elementor	2026-02-20T15:46:25.639Z	2026-02-27T16:56:21.816Z
CVE-2024-50555	6.5 (3.1)	WordPress Elementor Website Builder plugin <= 3.29.0 -…	Elementor	Elementor Website Builder	2026-02-20T15:46:25.284Z	2026-02-27T16:55:35.487Z
CVE-2021-4456	6.5 (3.1)	Net::CIDR versions before 0.24 for Perl mishandle lead…	MRSAM	Net::CIDR	2026-02-27T00:16:36.383Z	2026-02-27T16:53:23.671Z
CVE-2026-3188	5.3 (4.0) 4.3 (3.1) 4.3 (3.0)	feiyuchuixue sz-boot-parent API templates path traversal	feiyuchuixue	sz-boot-parent	2026-02-25T15:32:09.025Z	2026-02-27T16:52:23.121Z
CVE-2025-5198	5 (3.1)	Stackrox: xss in stackrox			2025-05-27T20:51:34.287Z	2026-02-27T16:41:01.549Z
CVE-2024-5692	6.5 (3.1)	On Windows 10, when using the 'Save As' functiona…	Mozilla	Firefox	2024-06-11T12:40:13.370Z	2026-02-27T16:40:12.748Z
CVE-2025-4374	6.5 (3.1)	Quay: incorrect privilege assignment	Project Quay	quay	2025-05-06T14:49:28.660Z	2026-02-27T16:40:01.768Z
CVE-2026-1585	8.4 (4.0) 6.7 (3.1)	An unquoted Windows service executable path vulne…	Canon Inc.	IJ Scan Utility	2026-02-26T23:39:13.778Z	2026-02-27T16:38:57.696Z
CVE-2025-7777	6.5 (3.1)	Mirror-registry: host header injection in mirror-registry	Red Hat	mirror registry for Red Hat OpenShift	2025-08-20T11:38:59.459Z	2026-02-27T16:38:55.806Z
CVE-2025-2241	8.2 (3.1)	Hive: exposure of vcenter credentials via clusterprovi…			2025-03-17T16:27:20.598Z	2026-02-27T16:35:25.002Z
CVE-2025-3528	8.2 (3.1)	Mirror-registry: local privilege escalation due to inc…			2025-05-09T11:58:24.957Z	2026-02-27T16:29:37.084Z
CVE-2026-27518	5.1 (4.0) 4.3 (3.1)	Binardat 10G08-0800GSM Network Switch CSRF	Binardat Ltd.	10G08-0800GSM Network Switch	2026-02-24T15:06:39.513Z	2026-02-27T16:27:58.158Z
CVE-2026-27519	8.7 (4.0) 7.5 (3.1)	Binardat 10G08-0800GSM Network Switch Hard-coded RC4 E…	Binardat Ltd.	10G08-0800GSM Network Switch	2026-02-24T15:07:10.410Z	2026-02-27T16:27:19.626Z
CVE-2026-27830	8.9 (4.0)	c3p0 vulnerable to Remote Code Execution via unsafe de…	swaldman	c3p0	2026-02-26T00:45:18.222Z	2026-02-27T16:25:52.917Z
CVE-2026-27074	6.5 (3.1)	WordPress Shortcoder plugin <= 6.5.1 - Cross Site Scri…	vaakash	Shortcoder	2026-02-19T08:27:11.377Z	2026-02-27T16:24:12.439Z
CVE-2026-25389	5.3 (3.1)	WordPress EventPrime plugin <= 4.2.8.3 - Sensitive Dat…	Metagauss	EventPrime	2026-02-19T08:27:02.493Z	2026-02-27T16:23:27.069Z
CVE-2026-25331	6.5 (3.1)	WordPress WP Activity Log plugin <= 5.5.4 - Cross Site…	Melapress	WP Activity Log	2026-02-19T08:26:57.085Z	2026-02-27T16:22:19.799Z
CVE-2026-25305	6.5 (3.1)	WordPress XStore theme <= 9.6.4 - Cross Site Scripting…	8theme	XStore	2026-02-19T08:26:52.704Z	2026-02-27T16:21:31.717Z
CVE-2026-3071	8.4 (3.1)	Deserialization of untrusted data in the Language…	Flair	Flair	2026-02-26T14:56:39.524Z	2026-02-27T16:21:29.889Z
CVE-2026-25006	5.3 (3.1)	WordPress XStore theme <= 9.6.4 - Arbitrary Shortcode …	8theme	XStore	2026-02-19T08:26:52.080Z	2026-02-27T16:20:40.970Z
CVE-2026-26077	6.5 (3.1)	Discourse doesn't ensure webhooks require a token	discourse	discourse	2026-02-26T14:58:13.971Z	2026-02-27T16:19:00.984Z
CVE-2026-21660	6.9 (4.0)	Johnson Controls-Frick Quantum HD-Hardcoded Email Cred…	Johnson Controls	Frick Controls Quantum HD	2026-02-27T09:18:49.186Z	2026-02-27T16:17:45.915Z
CVE-2026-26078	7.5 (3.1)	Discourse has authentication bypass vulnerability in t…	discourse	discourse	2026-02-26T15:00:47.130Z	2026-02-27T16:17:41.410Z

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2025-67979	9.9 (3.1)	WordPress WPForms Google Sheet Connector plugin <= 4.0…	WesternDeal	WPForms Google Sheet Connector	2026-02-20T15:46:30.861Z	2026-02-27T17:00:03.047Z
CVE-2025-60183	5.9 (3.1)	WordPress Silencesoft RSS Reader Plugin <= 0.6 - Cross…	silence	Silencesoft RSS Reader	2026-02-20T15:46:27.695Z	2026-02-27T16:57:57.144Z
CVE-2025-5318	8.1 (3.1)	Libssh: out-of-bounds read in sftp_handle()			2025-06-24T14:10:07.188Z	2026-02-27T17:05:15.158Z
CVE-2026-27904	7.5 (3.1)	minimatch ReDoS: nested *() extglobs generate catastro…	isaacs	minimatch	2026-02-26T01:07:42.693Z	2026-02-26T19:21:39.006Z
CVE-2024-56208	6.5 (3.1)	WordPress NewsMash theme <= 1.0.71 - Cross Site Script…	desertthemes	NewsMash	2026-02-20T15:46:26.166Z	2026-02-27T16:57:10.460Z
CVE-2024-52387	5.9 (3.1)	WordPress Master Addons plugin <= 2.0.9.9.4 - Cross S…	Liton Arefin	Master Addons for Elementor	2026-02-20T15:46:25.639Z	2026-02-27T16:56:21.816Z
CVE-2024-50555	6.5 (3.1)	WordPress Elementor Website Builder plugin <= 3.29.0 -…	Elementor	Elementor Website Builder	2026-02-20T15:46:25.284Z	2026-02-27T16:55:35.487Z
CVE-2023-52356	7.5 (3.1)	Libtiff: segment fault in libtiff in tiffreadrgbatile…			2024-01-25T20:03:40.971Z	2026-02-27T17:05:04.387Z
CVE-2023-52355	7.5 (3.1)	Libtiff: tiffrasterscanlinesize64 produce too-big size…			2024-01-25T20:03:35.031Z	2026-02-27T17:05:04.306Z
CVE-2021-4456	6.5 (3.1)	Net::CIDR versions before 0.24 for Perl mishandle lead…	MRSAM	Net::CIDR	2026-02-27T00:16:36.383Z	2026-02-27T16:53:23.671Z
CVE-2026-27942	2.7 (4.0)	fast-xml-parser has stack overflow in XMLBuilder with …	NaturalIntelligence	fast-xml-parser	2026-02-26T01:22:11.383Z	2026-02-26T15:49:35.449Z
CVE-2026-27970	7.6 (4.0)	Angular i18n vulnerable to Cross-Site Scripting (XSS)	angular	angular	2026-02-26T02:03:43.811Z	2026-02-26T14:47:38.387Z
CVE-2026-26093	8.7 (4.0)	Improper Neutralization of Special Elements used in a …	Owl	opds	2026-02-20T16:49:30.090Z	2026-02-20T23:04:14.340Z
CVE-2026-27963	4.8 (3.1)	Audiobookshelf has Stored XSS in Tooltip.vue via Audio…	advplyr	audiobookshelf	2026-02-26T02:08:21.298Z	2026-02-26T14:43:59.379Z
CVE-2026-26095	8.5 (4.0)	Incorrect Permission Assignment for Critical Resource …	Owl	opds	2026-02-20T16:51:57.085Z	2026-02-20T23:04:03.576Z
CVE-2026-26096	8.5 (4.0)	Incorrect Permission Assignment for Critical Resource …	Owl	opds	2026-02-20T16:52:36.398Z	2026-02-20T23:03:54.574Z
CVE-2026-26097	8.4 (4.0)	Uncontrolled Search Path Element in Owl opds	Owl	opds	2026-02-20T16:53:08.555Z	2026-02-20T23:03:43.825Z
CVE-2026-26098	8.4 (4.0)	Uncontrolled Search Path Element in Owl opds	Owl	opds	2026-02-20T16:54:09.124Z	2026-02-20T23:03:35.006Z
CVE-2026-26099	8.4 (4.0)	Uncontrolled Search Path Element in Owl opds	Owl	opds	2026-02-20T16:54:46.895Z	2026-02-20T23:03:24.179Z
CVE-2026-27457	4.3 (3.1)	Weblate: Missing access control for the AddonViewSet A…	WeblateOrg	weblate	2026-02-26T21:56:03.220Z	2026-02-26T21:56:03.220Z
CVE-2026-27638	5.7 (4.0)	ActualBudget missing authorization in sync endpoints a…	actualbudget	actual	2026-02-26T22:14:21.481Z	2026-02-26T22:14:21.481Z
CVE-2026-26100	6.8 (4.0)	Incorrect Permission Assignment for Critical Resource …	Owl	opds	2026-02-20T16:55:22.769Z	2026-02-20T23:03:13.913Z
CVE-2026-26101	8.5 (4.0)	Incorrect Permission Assignment for Critical Resource …	Owl	opds	2026-02-20T16:55:50.430Z	2026-02-20T23:03:04.976Z
CVE-2026-26102	8.5 (4.0)	Incorrect Permission Assignment for Critical Resource …	Owl	opds	2026-02-20T16:56:18.873Z	2026-02-20T23:02:51.636Z
CVE-2026-28370	9.1 (3.1)	In the query parser in OpenStack Vitrage before 1…	OpenStack	Vitrage	2026-02-27T04:56:25.453Z	2026-02-27T15:47:53.604Z
CVE-2026-28225	5.3 (3.1)	Manyfold has IDOR in ModelFilesController	manyfold3d	manyfold	2026-02-26T22:40:17.996Z	2026-02-27T18:33:16.833Z
CVE-2026-26271	5.5 (4.0)	Buffer Overread in FreeRDP Icon Processing	FreeRDP	FreeRDP	2026-02-25T20:40:19.377Z	2026-02-26T15:50:49.130Z
CVE-2025-15571	4.8 (4.0) 3.3 (3.1) 3.3 (3.0)	ckolivas lrzip stream.c ucompthread null pointer dereference	ckolivas	lrzip	2026-02-10T14:32:08.345Z	2026-02-23T09:56:32.516Z
CVE-2026-3261	6.9 (4.0) 7.3 (3.1) 7.3 (3.0)	itsourcecode School Management System Setting index.ph…	itsourcecode	School Management System	2026-02-26T21:02:08.434Z	2026-02-27T15:44:41.552Z
CVE-2025-14103	4.3 (3.1)	Missing Authorization in GitLab	GitLab	GitLab	2026-02-25T19:33:35.698Z	2026-02-25T20:52:22.958Z

ID	Description	Published	Updated
fkie_cve-2026-27904	minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp obje…	2026-02-26T02:16:21.760	2026-02-27T17:16:23.773
fkie_cve-2024-56208	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2026-02-20T16:22:00.987	2026-02-27T17:16:23.510
fkie_cve-2024-52387	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2026-02-20T16:22:00.710	2026-02-27T17:16:23.320
fkie_cve-2024-50555	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2026-02-20T16:22:00.427	2026-02-27T17:16:23.117
fkie_cve-2023-52356	A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff …	2024-01-25T20:15:39.063	2026-02-27T17:16:21.270
fkie_cve-2023-52355	An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file t…	2024-01-25T20:15:38.353	2026-02-27T17:16:20.137
fkie_cve-2021-4456	Net::CIDR versions before 0.24 for Perl mishandle leading zeros in IP CIDR addresses, which may hav…	2026-02-27T01:16:13.553	2026-02-27T17:16:19.903
fkie_cve-2026-27942	fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object w…	2026-02-26T02:16:22.357	2026-02-27T17:14:16.193
fkie_cve-2026-27970	Angular is a development platform for building mobile and desktop web applications using TypeScript…	2026-02-26T02:16:24.353	2026-02-27T17:11:53.417
fkie_cve-2026-26093	Improper Neutralization of Special Elements used in a Command ('Command Injection') in Owl opds 2.2…	2026-02-20T17:25:53.847	2026-02-27T17:08:38.730
fkie_cve-2026-27963	Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting (XSS) v…	2026-02-26T03:16:04.687	2026-02-27T17:08:05.327
fkie_cve-2026-26095	Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation …	2026-02-20T17:25:54.007	2026-02-27T17:07:55.077
fkie_cve-2026-26096	Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation …	2026-02-20T17:25:54.163	2026-02-27T17:07:25.007
fkie_cve-2026-26097	Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration F…	2026-02-20T17:25:54.337	2026-02-27T17:06:35.040
fkie_cve-2026-26098	Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration F…	2026-02-20T17:25:54.497	2026-02-27T17:05:50.910
fkie_cve-2026-26099	Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration F…	2026-02-20T17:25:54.650	2026-02-27T17:05:25.823
fkie_cve-2026-27457	Weblate is a web based localization tool. Prior to version 5.16.1, the REST API's `AddonViewSet` (`…	2026-02-26T22:20:48.133	2026-02-27T17:05:12.150
fkie_cve-2026-27638	Actual is a local-first personal finance tool. Prior to version 26.2.1, in multi-user mode (OpenID)…	2026-02-26T23:16:34.807	2026-02-27T17:03:28.260
fkie_cve-2026-26100	Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation …	2026-02-20T17:25:54.820	2026-02-27T17:01:39.930
fkie_cve-2026-26101	Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation …	2026-02-20T17:25:54.967	2026-02-27T17:00:38.157
fkie_cve-2026-26102	Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation …	2026-02-20T17:25:55.120	2026-02-27T17:00:09.890
fkie_cve-2026-28370	In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed …	2026-02-27T05:18:20.757	2026-02-27T16:58:27.747
fkie_cve-2026-28225	Manyfold is an open source, self-hosted web application for managing a collection of 3d models, par…	2026-02-26T23:16:36.413	2026-02-27T16:55:07.943
fkie_cve-2026-26271	FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a buffer …	2026-02-25T21:16:42.713	2026-02-27T16:46:56.747
fkie_cve-2025-15571	A security vulnerability has been detected in ckolivas lrzip up to 0.651. This vulnerability affect…	2026-02-10T15:16:04.443	2026-02-27T16:24:20.170
fkie_cve-2026-3261	A flaw has been found in itsourcecode School Management System 1.0. This impacts an unknown functio…	2026-02-26T22:20:51.757	2026-02-27T16:20:51.510
fkie_cve-2025-14103	GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.7.5, 18.8…	2026-02-25T20:20:07.867	2026-02-27T16:18:36.960
fkie_cve-2025-3525	GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.0 before 18.7.5, 18.8 …	2026-02-25T20:21:29.250	2026-02-27T16:17:46.153
fkie_cve-2026-3304	Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior …	2026-02-27T16:16:26.380	2026-02-27T16:16:26.380
fkie_cve-2026-3277	The OpenID Connect (OIDC) authentication configuration in PowerShell Universal before 2026.1.3 sto…	2026-02-27T16:16:26.260	2026-02-27T16:16:26.260

ID	Severity	Description	Published	Updated
ghsa-m43j-vx3f-qc3c	6.3 (3.1) 5.3 (4.0)	A vulnerability was found in go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250…	2026-02-27T00:31:45Z	2026-02-27T00:31:45Z
ghsa-jqg2-vwg3-wvhv	6.3 (3.1) 2.1 (4.0)	A vulnerability was determined in go2ismail Free-CRM up to b83c40a90726d5e58f0cc680ffdcaa28a03fb5d1…	2026-02-27T00:31:45Z	2026-02-27T00:31:45Z
ghsa-hq42-5rxw-2578	6.3 (3.1) 2.1 (4.0)	A vulnerability has been found in go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.…	2026-02-27T00:31:45Z	2026-02-27T00:31:45Z
ghsa-98hq-gxg8-fchj	4.8 (3.1) 4.8 (4.0)	GetSimpleCMS Community Edition (CE) version 3.3.16 contains a stored cross-site scripting (XSS) vul…	2026-02-25T00:31:22Z	2026-02-27T00:31:45Z
ghsa-926q-p427-pgcj	9.4 (3.1)	WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthori…	2026-02-27T00:31:45Z	2026-02-27T00:31:45Z
ghsa-792m-47fm-p6pr	6.5 (3.1)	Charging station authentication identifiers are publicly accessible via web-based mapping platforms.	2026-02-27T00:31:45Z	2026-02-27T00:31:45Z
ghsa-6h58-g32m-9g69	7.3 (3.1) 5.5 (4.0)	A flaw has been found in itsourcecode School Management System 1.0. This impacts an unknown functio…	2026-02-27T00:31:45Z	2026-02-27T00:31:45Z
ghsa-627v-rfr6-xm8w	9.4 (3.1)	WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthori…	2026-02-27T00:31:45Z	2026-02-27T00:31:45Z
ghsa-576v-vjm2-9m8r	6.5 (3.1)	Charging station authentication identifiers are publicly accessible via web-based mapping platforms.	2026-02-27T00:31:45Z	2026-02-27T00:31:45Z
ghsa-2wp6-xhp6-g2gw	7.5 (3.1)	The WebSocket Application Programming Interface lacks restrictions on the number of authentication…	2026-02-27T00:31:45Z	2026-02-27T00:31:45Z
ghsa-24q2-h758-fvwc	6.5 (3.1)	Charging station authentication identifiers are publicly accessible via web-based mapping platforms.	2026-02-27T00:31:45Z	2026-02-27T00:31:45Z
ghsa-xgmj-j94q-46cv	6.5 (3.1)	Missing Authorization vulnerability in tychesoftwares Print Invoice & Delivery Notes for WooCommerc…	2026-02-20T18:31:39Z	2026-02-27T00:31:44Z
ghsa-q6f4-2qxx-8cww	7.5 (3.1)	A heap buffer overflow in the processRequest function of Open TFTP Server MultiThreaded v1.7 allows…	2026-02-12T21:31:27Z	2026-02-27T00:31:44Z
ghsa-pw8j-97jq-cw6g	9.8 (3.1) 9.3 (4.0)	Calero VeraSMART versions prior to 2022 R1 use static ASP.NET/IIS machineKey values configured for …	2026-02-13T21:31:40Z	2026-02-27T00:31:44Z
ghsa-m4w4-g5c5-j4f4	9.8 (3.1) 10.0 (4.0)	Calero VeraSMART versions prior to 2022 R1 expose an unauthenticated .NET Remoting HTTP service on …	2026-02-13T21:31:40Z	2026-02-27T00:31:44Z
ghsa-cxch-rc9p-q6hq	7.8 (3.1) 8.5 (4.0)	Calero VeraSMART versions prior to 2026 R1 contain hardcoded static AES encryption keys within Vera…	2026-02-13T21:31:40Z	2026-02-27T00:31:44Z
ghsa-cqp7-wf4c-3xgc	6.8 (3.1)	Stack traces in Grafana's Explore Traces view can be rendered as raw HTML, and thus inject maliciou…	2026-02-12T09:30:59Z	2026-02-27T00:31:44Z
ghsa-chqg-r72f-gcgr	6.5 (3.1)	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mit…	2026-02-20T18:31:39Z	2026-02-27T00:31:44Z
ghsa-c96q-rf2r-2xj8	5.3 (3.1)	A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter (libavfilter/af_fir…	2026-02-18T21:31:23Z	2026-02-27T00:31:44Z
ghsa-2g52-f4rf-8vm9	3.3 (3.1)	A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnn_backend_tf.c source file…	2026-02-18T21:31:23Z	2026-02-27T00:31:44Z
ghsa-w4ch-7p82-3m56	5.5 (3.1)	In the Linux kernel, the following vulnerability has been resolved: net: fix memory leak in skb_se…	2026-01-23T18:31:28Z	2026-02-27T00:31:43Z
ghsa-jgfq-mgxg-4qwm	8.1 (3.1)	The dashboard permissions API does not verify the target dashboard scope and only checks the dashbo…	2026-01-27T09:30:29Z	2026-02-27T00:31:43Z
ghsa-9w9c-6cc9-mc59	5.3 (3.1) 6.9 (4.0)	Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability …	2026-01-02T18:30:33Z	2026-02-27T00:31:42Z
ghsa-8g8j-r87h-p36x	8.4 (4.0)	Vitess users with backup storage access can gain unauthorized access to production deployment envir…	2026-02-26T22:50:37Z	2026-02-26T22:50:37Z
ghsa-xjhr-fm27-4hmx	4.8 (3.1)	OpenFUN Richie Observable Timing Discrepancy in its sync_course_run_from_request function	2026-02-25T18:31:38Z	2026-02-26T22:50:20Z
ghsa-465p-v42x-3fmj	4.9 (3.1)	Sealed Secrets for Kubernetes: Rotate API Allows Scope Widening from Strict/Namespace-Wide to Clust…	2026-02-26T22:49:14Z	2026-02-26T22:49:14Z
ghsa-gj6x-q8rh-wj6x	7.1 (4.0)	Curio exposes database credentials to users with network access through verbose HTTP error responses	2026-02-26T22:48:00Z	2026-02-26T22:48:00Z
ghsa-38c7-23hj-2wgq	4.0 (3.1) 6.3 (4.0)	n8n has Webhook Forgery on Zendesk Trigger Node	2026-02-26T22:47:06Z	2026-02-26T22:47:06Z
ghsa-fvfv-ppw4-7h2w	3.7 (3.1) 6.3 (4.0)	n8n has a Guardrail Node Bypass	2026-02-26T22:46:42Z	2026-02-26T22:46:43Z
ghsa-jh8h-6c9q-7gmw	4.8 (3.1) 6.3 (4.0)	n8n has an Authentication Bypass in its Chat Trigger Node	2026-02-26T22:45:41Z	2026-02-26T22:45:41Z

ID	Severity	Description	Package	Published	Updated
pysec-2012-37		The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), …	nova	2012-06-21T15:55:00Z	2024-11-21T14:22:55.891133Z
pysec-2012-36		Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security…	nova	2012-06-07T19:55:00Z	2024-11-21T14:22:55.825436Z
pysec-2023-287	4.3 (3.1)	Nautobot is a Network Source of Truth and Network Automation Platform built as a web appl…	nautobot	2023-12-22T17:15:00+00:00	2024-11-21T14:22:55.764934+00:00
pysec-2023-286	5.3 (3.1)	Nautobot is a Network Source of Truth and Network Automation Platform built as a web appl…	nautobot	2023-12-12T23:15:00+00:00	2024-11-21T14:22:55.664554+00:00
pysec-2023-285	5.4 (3.1)	Nautobot is a Network Source of Truth and Network Automation Platform built as a web appl…	nautobot	2023-11-22T16:15:00+00:00	2024-11-21T14:22:55.567982+00:00
pysec-2023-288	6.5 (3.1)	The Nautobot Device Onboarding plugin uses the netmiko and NAPALM libraries to simplify t…	nautobot-device-onboarding	2023-11-21T23:15:00+00:00	2024-11-21T14:22:55.475794+00:00
pysec-2022-43141	7.5 (3.1)	MotionEye v0.42.1 and below allows attackers to access sensitive information via a GET re…	motioneye	2022-03-24T17:15:00+00:00	2024-11-21T14:22:55.422153+00:00
pysec-2023-284	6.5 (3.1)	Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4.	modoboa	2023-01-23T14:15:00+00:00	2024-11-21T14:22:55.160710+00:00
pysec-2023-283	4.3 (3.1)	Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4.	modoboa	2023-01-19T18:15:00+00:00	2024-11-21T14:22:55.105976+00:00
pysec-2023-282	6.5 (3.1)	Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4.	modoboa	2023-01-19T09:15:00+00:00	2024-11-21T14:22:55.051300+00:00
pysec-2023-281	8.8 (3.1)	Improper Neutralization of Special Elements Used in a Template Engine in GitHub repositor…	mlflow	2023-12-12T04:15:00+00:00	2024-11-21T14:22:54.938745+00:00
pysec-2023-280	7.8 (3.1)	OS Command Injection in GitHub repository mlflow/mlflow prior to 2.6.0.	mlflow	2023-08-01T01:15:00+00:00	2024-11-21T14:22:54.880705+00:00
pysec-2023-279	9.1 (3.1)	MindsDB is a SQL Server for artificial intelligence. Prior to version 23.11.4.1, the `put…	mindsdb	2023-12-22T21:15:00+00:00	2024-11-21T14:22:54.549778+00:00
pysec-2023-277	5.3 (3.1)	MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1…	mindsdb	2023-12-11T19:15:00+00:00	2024-11-21T14:22:54.391272+00:00
pysec-2014-110		Multiple cross-site scripting (XSS) vulnerabilities in apps/common/templates/calculate_fo…	mayan-edms	2014-05-27T13:55:00Z	2024-11-21T14:22:54.240407Z
pysec-2022-43137	5.5 (3.1)	LIEF commit 365a16a was discovered to contain a reachable assertion abort via the compone…	lief	2022-09-13T21:15:00+00:00	2024-11-21T14:22:53.842904+00:00
pysec-2024-128	6.1 (3.1)	Label Studio, an open source data labeling tool had a remote import feature allowed users…	label-studio	2024-01-24T00:15:00+00:00	2024-11-21T14:22:53.406222+00:00
pysec-2023-275	7.5 (3.1)	Label Studio is an open source data labeling tool. In all current versions of Label Studi…	label-studio	2023-11-13T21:15:00+00:00	2024-11-21T14:22:53.350760+00:00
pysec-2024-127	5.3 (3.1)	Label Studio is a popular open source data labeling tool. The vulnerability affects all v…	label-studio	2024-01-31T17:15:00+00:00	2024-11-21T14:22:53.294472+00:00
pysec-2024-126	5.4 (3.1)	Label Studio is an a popular open source data labeling tool. Versions prior to 1.9.2 have…	label-studio	2024-01-23T23:15:00+00:00	2024-11-21T14:22:53.235341+00:00
pysec-2023-274	8.8 (3.1)	Label Studio is a multi-type data labeling and annotation tool with standardized output f…	label-studio	2023-11-09T15:15:00+00:00	2024-11-21T14:22:53.173192+00:00
pysec-2017-144	7.5 (3.1)	Koji 1.13.0 does not properly validate SCM paths, allowing an attacker to work around bla…	koji	2017-10-06T17:29:00Z	2024-11-21T14:22:53.117821Z
pysec-2023-273	8.8 (3.1)	Kiwi TCMS is an open source test management system. In kiwitcms/Kiwi v12.2 and prior and …	kiwitcms	2023-04-24T22:15:00+00:00	2024-11-21T14:22:53.063160+00:00
pysec-2013-40		OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs …	keystone	2013-05-21T18:55:00Z	2024-11-21T14:22:52.515884Z
pysec-2012-35		OpenStack Keystone Essex (2012.1) and Folsom (2012.2) does not properly handle EC2 tokens…	keystone	2012-12-18T01:55:00Z	2024-11-21T14:22:52.404569Z
pysec-2012-34		OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenS…	keystone	2012-07-31T10:45:00Z	2024-11-21T14:22:52.344123Z
pysec-2018-151	8.8 (3.1)	An issue was discovered in Project Jupyter JupyterHub OAuthenticator 0.6.x before 0.6.2 a…	jupyterhub	2018-02-18T03:29:00Z	2024-11-21T14:22:52.286953Z
pysec-2023-272	4.3 (3.1)	The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints…	jupyter-server	2023-12-04T21:15:00+00:00	2024-11-21T14:22:52.227754+00:00
pysec-2018-150	7.5 (3.1)	Hyperledger Iroha versions v1.0_beta and v1.0.0_beta-1 are vulnerable to transaction and …	iroha	2018-06-01T19:29:00Z	2024-11-21T14:22:52.162008Z
pysec-2014-104		FreeIPA 4.0.x before 4.0.5 and 4.1.x before 4.1.1, when 2FA is enabled, allows remote att…	ipa	2014-11-19T18:59:00Z	2024-11-21T14:22:52.00819Z

ID	Description	Type

ID	Description	Updated
gsd-2024-4165	A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.17(9502)…	2024-04-26T05:02:17.438286Z
gsd-2024-4179	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.438004Z
gsd-2024-4197	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.437306Z
gsd-2024-4188	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.437066Z
gsd-2024-4171	A vulnerability classified as critical has been found in Tenda W30E 1.0/1.0.1.25. Affecte…	2024-04-26T05:02:17.434975Z
gsd-2024-4221	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.433755Z
gsd-2024-4210	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.431459Z
gsd-2024-4200	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.430960Z
gsd-2024-4204	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.429356Z
gsd-2024-4175	Unicode transformation vulnerability in Hyperion affecting version 2.0.15. This vulnerabi…	2024-04-26T05:02:17.424356Z
gsd-2024-4225	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.423760Z
gsd-2024-4223	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.423284Z
gsd-2024-4206	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.423074Z
gsd-2024-4199	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.422865Z
gsd-2024-4177	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.421751Z
gsd-2024-4198	Mattermost versions 9.6.0, 9.5.x before 9.5.3, and 8.1.x before 8.1.12 fail to fully vali…	2024-04-26T05:02:17.420758Z
gsd-2024-4164	A vulnerability, which was classified as critical, has been found in Tenda G3 15.11.0.17(…	2024-04-26T05:02:17.419490Z
gsd-2024-4180	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.418368Z
gsd-2024-4190	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.415072Z
gsd-2024-4211	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.414864Z
gsd-2024-4216	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.414356Z
gsd-2024-4224	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.414154Z
gsd-2024-4194	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.413687Z
gsd-2024-4169	A vulnerability was found in Tenda 4G300 1.01.42. It has been declared as critical. This …	2024-04-26T05:02:17.413039Z
gsd-2024-4167	A vulnerability was found in Tenda 4G300 1.01.42 and classified as critical. Affected by …	2024-04-26T05:02:17.405786Z
gsd-2024-4202	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.405198Z
gsd-2024-4209	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.403437Z
gsd-2024-4201	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.401052Z
gsd-2024-4181	The format of the source doesn't require a description, click on the link for more details.	2024-04-26T05:02:17.398953Z
gsd-2024-4168	A vulnerability was found in Tenda 4G300 1.01.42. It has been classified as critical. Thi…	2024-04-26T05:02:17.398024Z

ID	Description	Published	Updated
mal-2026-792	Malicious code in @meli-lint/eslint-config-base (npm)	2026-02-06T11:10:47Z	2026-02-06T16:19:56Z
mal-2026-791	Malicious code in @hashicorp-internal/vault-reporting (npm)	2026-02-06T11:10:46Z	2026-02-06T16:19:56Z
mal-2026-788	Malicious code in @sporting-life/sportinglife-betslip-sdk (npm)	2026-02-06T03:57:32Z	2026-02-06T16:19:56Z
mal-2026-787	Malicious code in @sporting-life/sportinglife-be (npm)	2026-02-06T04:07:15Z	2026-02-06T16:19:56Z
mal-2026-786	Malicious code in @rsgweb/locale-tools (npm)	2026-02-06T03:46:00Z	2026-02-06T16:19:56Z
mal-2026-808	Malicious code in carcent (PyPI)	2026-02-06T15:23:01Z	2026-02-06T15:23:01Z
mal-2026-803	Malicious code in moveworks-pipeline-test (PyPI)	2026-02-06T11:36:06Z	2026-02-06T11:36:06Z
mal-2026-790	Malicious code in p7zip-full (PyPI)	2026-02-06T09:30:38Z	2026-02-06T09:30:38Z
mal-2025-47509	Malicious code in syf-api-legacy (npm)	2025-09-22T04:00:48Z	2026-02-06T07:35:22Z
mal-2025-4581	Malicious code in syf-api (npm)	2025-05-26T06:27:11Z	2026-02-06T07:35:22Z
mal-2026-730	Malicious code in zappr (npm)	2026-02-04T05:14:29Z	2026-02-06T03:05:28Z
mal-2026-729	Malicious code in zalando-consent-api (npm)	2026-02-04T05:14:29Z	2026-02-06T03:05:28Z
mal-2026-771	Malicious code in test-npm-style (npm)	2026-02-05T19:06:12Z	2026-02-06T03:05:27Z
mal-2026-770	Malicious code in xpack-per-user (npm)	2026-02-05T18:36:26Z	2026-02-06T03:05:27Z
mal-2026-748	Malicious code in web3-chain-sync (npm)	2026-02-04T23:44:24Z	2026-02-06T03:05:27Z
mal-2026-734	Malicious code in xpack-subscription-test (npm)	2026-02-04T09:40:53Z	2026-02-06T03:05:27Z
mal-2026-728	Malicious code in z-shop-ui (npm)	2026-02-04T05:14:29Z	2026-02-06T03:05:27Z
mal-2026-727	Malicious code in z-shop-js-env (npm)	2026-02-04T05:14:29Z	2026-02-06T03:05:27Z
mal-2026-726	Malicious code in z-shop-event-bus (npm)	2026-02-04T05:14:29Z	2026-02-06T03:05:27Z
mal-2026-695	Malicious code in tsconfig-stitch (npm)	2026-02-03T07:48:27Z	2026-02-06T03:05:27Z
mal-2026-694	Malicious code in tarax (npm)	2026-02-03T07:42:06Z	2026-02-06T03:05:27Z
mal-2026-669	Malicious code in vite-ui-components (npm)	2026-02-03T03:42:39Z	2026-02-06T03:05:27Z
mal-2026-668	Malicious code in typescript-react-apollo (npm)	2026-02-03T03:57:51Z	2026-02-06T03:05:27Z
mal-2026-667	Malicious code in typed-document-node (npm)	2026-02-03T03:57:51Z	2026-02-06T03:05:27Z
mal-2026-666	Malicious code in transform-react-display-name (npm)	2026-02-03T03:57:51Z	2026-02-06T03:05:27Z
mal-2026-665	Malicious code in transform-exponentiation-operator (npm)	2026-02-03T03:57:51Z	2026-02-06T03:05:27Z
mal-2026-664	Malicious code in transform-es2015-modules-amd (npm)	2026-02-03T03:57:51Z	2026-02-06T03:05:27Z
mal-2026-663	Malicious code in transform-async-generator-functions (npm)	2026-02-03T03:57:51Z	2026-02-06T03:05:27Z
mal-2026-758	Malicious code in tailwindcss-forms-starter (npm)	2026-02-05T02:03:44Z	2026-02-06T03:05:26Z
mal-2026-754	Malicious code in tailwindcss-animation-modern (npm)	2026-02-05T01:06:23Z	2026-02-06T03:05:26Z

ID	Description	Published	Updated
wid-sec-w-2025-2230	Python (CPython Zipfile Module): Schwachstelle ermöglicht Manipulation von Dateien	2025-10-07T22:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-2212	OpenSSH: Mehrere Schwachstellen ermöglichen Codeausführung	2025-10-06T22:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-1470	Python (CPython): Schwachstelle ermöglicht Denial of Service	2025-07-07T22:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-0128	Apache CXF: Schwachstelle ermöglicht Denial of Service	2025-01-20T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2024-1531	QEMU: Schwachstelle ermöglicht Denial of Service	2024-07-04T22:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2022-0770	IBM DB2: Mehrere Schwachstellen	2020-04-23T22:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2026-0026	HCL BigFix: Mehrere Schwachstellen	2026-01-06T23:00:00.000+00:00	2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2867	HPE OneView: Schwachstelle ermöglicht Codeausführung	2025-12-16T23:00:00.000+00:00	2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2759	IBM WebSphere Application Server: Schwachstelle ermöglicht Cross-Site Scripting	2025-12-08T23:00:00.000+00:00	2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2386	Unbound: Schwachstelle ermöglicht Manipulation von Dateien	2025-10-22T22:00:00.000+00:00	2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-1334	Apache Commons FileUpload: Schwachstelle ermöglicht Denial of Service	2025-06-16T22:00:00.000+00:00	2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-0813	Oracle MySQL: Mehrere Schwachstellen	2025-04-15T22:00:00.000+00:00	2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-0507	MariaDB: Mehrere Schwachstellen ermöglichen Denial of Service	2025-03-09T23:00:00.000+00:00	2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-0167	Oracle MySQL: Mehrere Schwachstellen	2025-01-21T23:00:00.000+00:00	2026-01-07T23:00:00.000+00:00
wid-sec-w-2026-0033	Greenshot: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit Benutzerrechten	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0032	Microsoft GitHub Enterprise Server: Schwachstelle ermöglicht Darstellen falscher Informationen	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0031	Coolify: Mehrere Schwachstellen	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0029	QNAP Qfiling: Schwachstelle ermöglicht Offenlegung von Informationen	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0028	Joomla: Mehrere Schwachstellen ermöglichen Cross-Site Scripting	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0027	Dell Secure Connect Gateway: Schwachstelle ermöglicht Privilegieneskalation	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0025	n8n: Schwachstelle ermöglicht Codeausführung	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0024	D-LINK Router: Schwachstelle ermöglicht Codeausführung	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0023	Microsoft GitHub Enterprise Server: Schwachstelle ermöglicht Cross-Site Scripting	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0021	Red Hat Enterprise Linux (npm expr-eval): Schwachstelle ermöglicht Codeausführung	2026-01-06T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2026-0010	Samsung Exynos: Mehrere Schwachstellen	2026-01-04T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2025-2938	Arista EOS: Schwachstelle ermöglicht Denial of Service	2025-12-30T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2025-2807	TianoCore EDK2: Schwachstelle ermöglicht Offenlegung von Informationen	2025-12-09T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2025-2488	Red Hat Enterprise Linux (SSSD, libsoup): Mehrere Schwachstellen	2025-11-04T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2025-2466	QEMU e1000 Network Devices: Schwachstelle ermöglicht Denial of Service	2025-11-02T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2025-2392	Internet Systems Consortium BIND: Mehrere Schwachstellen	2025-10-22T22:00:00.000+00:00	2026-01-06T23:00:00.000+00:00

ID	Description	Published	Updated
ncsc-2025-0118	Kwetsbaarheden verholpen in Adobe Framemaker	2025-04-09T08:14:16.645915Z	2025-04-09T08:14:16.645915Z
ncsc-2025-0117	Kwetsbaarheden verholpen in Adobe Animate	2025-04-09T08:12:45.041685Z	2025-04-09T08:12:45.041685Z
ncsc-2025-0116	Kwetsbaarheid verholpen in Adobe Photoshop	2025-04-09T08:09:40.474635Z	2025-04-09T08:09:40.474635Z
ncsc-2025-0115	Kwetsbaarheden verholpen in Adobe ColdFusion	2025-04-09T08:08:15.866613Z	2025-04-09T08:08:15.866613Z
ncsc-2025-0114	Kwetsbaarheden verholpen in Adobe After Effects	2025-04-09T08:05:51.653949Z	2025-04-09T08:05:51.653949Z
ncsc-2025-0113	Kwetsbaarheid verholpen in FortiSwitch	2025-04-09T06:49:51.895137Z	2025-04-09T06:49:51.895137Z
ncsc-2025-0112	Kwetsbaarheden verholpen in Microsoft Windows	2025-04-08T18:57:53.660384Z	2025-04-08T18:57:53.660384Z
ncsc-2025-0111	Kwetsbaarheid verholpen in Microsoft Dynamics	2025-04-08T18:56:16.386532Z	2025-04-08T18:56:16.386532Z
ncsc-2025-0110	Kwetsbaarheden verholpen in Microsoft Developer Tools	2025-04-08T18:54:30.631706Z	2025-04-08T18:54:30.631706Z
ncsc-2025-0109	Kwetsbaarheden verholpen in Microsoft Azure	2025-04-08T18:53:20.624247Z	2025-04-08T18:53:20.624247Z
ncsc-2025-0108	Kwetsbaarheid verholpen in Microsoft System Center	2025-04-08T18:52:22.999321Z	2025-04-08T18:52:22.999321Z
ncsc-2025-0107	Kwetsbaarheden verholpen in Microsoft Office	2025-04-08T18:50:53.931519Z	2025-04-08T18:50:53.931519Z
ncsc-2025-0106	Kwetsbaarheden verholpen in Siemens producten	2025-04-08T13:57:11.959816Z	2025-04-08T13:57:11.959816Z
ncsc-2025-0101	Kwetsbaarheid verholpen in CrushFTP	2025-04-01T07:47:50.425419Z	2025-04-07T14:03:59.372671Z
ncsc-2025-0105	Kwetsbaarheid verholpen in Ivanti Connect Secure, Policy Secure en ZTA Gateways	2025-04-03T14:19:37.560619Z	2025-04-03T14:19:37.560619Z
ncsc-2025-0104	Kwetsbaarheid verholpen in Cisco Enterprise Chat and Email	2025-04-03T08:04:22.928655Z	2025-04-03T08:04:22.928655Z
ncsc-2025-0103	Kwetsbaarheden verholpen in Apple iOS en iPadOS	2025-04-01T08:42:27.059536Z	2025-04-01T08:42:27.059536Z
ncsc-2025-0102	Kwetsbaarheden verholpen in Apple macOS	2025-04-01T08:41:09.934597Z	2025-04-01T08:41:09.934597Z
ncsc-2025-0100	Kwetsbaarheden verholpen in GitLab EE/CE	2025-03-27T14:49:34.316050Z	2025-03-27T14:49:34.316050Z
ncsc-2025-0095	Kwetsbaarheden verholpen in Kubernetes Ingress NGINX Controller	2025-03-25T07:13:08.093318Z	2025-03-27T14:41:30.387171Z
ncsc-2025-0099	Kwetsbaarheden verholpen in Splunk Enterprise en Splunk Cloud Platform	2025-03-27T09:18:30.331072Z	2025-03-27T09:18:30.331072Z
ncsc-2025-0098	Kwetsbaarheid verholpen in Google Chrome	2025-03-26T12:45:59.434386Z	2025-03-26T12:45:59.434386Z
ncsc-2025-0097	Kwetsbaarheid verholpen in NetApp SnapCenter	2025-03-25T08:41:39.996819Z	2025-03-25T08:41:39.996819Z
ncsc-2025-0096	Kwetsbaarheid verholpen in Next.js	2025-03-25T08:38:53.524904Z	2025-03-25T08:38:53.524904Z
ncsc-2025-0094	Kwetsbaarheid verholpen in Veeam Backup & Replication	2025-03-20T14:10:16.806777Z	2025-03-20T14:10:16.806777Z
ncsc-2025-0093	Kwetsbaarheid verholpen in IBM InfoSphere Information Server	2025-03-20T13:17:45.897480Z	2025-03-20T13:17:45.897480Z
ncsc-2025-0092	Kwetsbaarheden verholpen in IBM AIX	2025-03-20T13:13:43.163579Z	2025-03-20T13:13:43.163579Z
ncsc-2025-0091	Kwetsbaarheid verholpen in Synology DiskStation Manager	2025-03-19T15:03:23.414509Z	2025-03-19T15:03:23.414509Z
ncsc-2025-0090	Kwetsbaarheid verholpen in Synology Replication Service en Synology Unified Controller	2025-03-19T15:02:46.122619Z	2025-03-19T15:02:46.122619Z
ncsc-2025-0089	Kwetsbaarheid verholpen in Apache Tomcat	2025-03-17T18:36:12.978021Z	2025-03-17T18:36:12.978021Z

ID	Description	Published	Updated

ID	Description	Published	Updated
ssa-476715	SSA-476715: Two Vulnerabilities in Automation License Manager	2023-01-10T00:00:00Z	2023-03-14T00:00:00Z
ssa-419740	SSA-419740: Multiple Third-Party Component Vulnerabilities in RUGGEDCOM and SCALANCE Products before V7.2	2023-03-14T00:00:00Z	2023-03-14T00:00:00Z
ssa-324955	SSA-324955: SAD DNS Attack in Linux Based Products	2021-05-11T00:00:00Z	2023-03-14T00:00:00Z
ssa-320629	SSA-320629: Security Vulnerabilities Fixed in RUGGEDCOM CROSSBOW V5.3	2023-03-14T00:00:00Z	2023-03-14T00:00:00Z
ssa-260625	SSA-260625: Security Vulnerabilities Fixed in RUGGEDCOM CROSSBOW V5.2	2023-03-14T00:00:00Z	2023-03-14T00:00:00Z
ssa-953464	SSA-953464: Multiple Vulnerabilites in Siemens Brownfield Connectivity - Client before V2.15	2023-02-14T00:00:00Z	2023-02-14T00:00:00Z
ssa-836777	SSA-836777: JT File Parsing Vulnerabilities in JT Open, JT Utilities and Parasolid	2023-02-14T00:00:00Z	2023-02-14T00:00:00Z
ssa-744259	SSA-744259: Golang Vulnerabilities in Brownfield Connectivity - Gateway before V1.10.1	2023-02-14T00:00:00Z	2023-02-14T00:00:00Z
ssa-658793	SSA-658793: Command Injection Vulnerability in SiPass integrated AC5102 / ACC-G2 and ACC-AP	2023-02-14T00:00:00Z	2023-02-14T00:00:00Z
ssa-617755	SSA-617755: Denial of Service Vulnerability in the SNMP Agent of SCALANCE X-200IRT Products	2023-02-14T00:00:00Z	2023-02-14T00:00:00Z
ssa-568428	SSA-568428: Weak Key Protection Vulnerability in SINUMERIK ONE and SINUMERIK MC	2022-11-08T00:00:00Z	2023-02-14T00:00:00Z
ssa-565356	SSA-565356: X_T File Parsing Vulnerabilities in Simcenter Femap before V2023.1	2023-02-14T00:00:00Z	2023-02-14T00:00:00Z
ssa-506569	SSA-506569: Multiple Vulnerabilities in SCALANCE W1750D	2022-11-08T00:00:00Z	2023-02-14T00:00:00Z
ssa-313313	SSA-313313: Denial of Service Vulnerability in the FTP Server of Nucleus RTOS	2022-10-11T00:00:00Z	2023-02-14T00:00:00Z
ssa-252808	SSA-252808: XPath Constraint Vulnerability in Mendix Runtime	2023-02-14T00:00:00Z	2023-02-14T00:00:00Z
ssa-997779	SSA-997779: File Parsing Vulnerability in Solid Edge before V2023 MP1	2023-01-10T00:00:00Z	2023-01-10T00:00:00Z
ssa-936212	SSA-936212: JT File Parsing Vulnerabilities in JT Open, JT Utilities and Solid Edge	2023-01-10T00:00:00Z	2023-01-10T00:00:00Z
ssa-547714	SSA-547714: Argument Injection Vulnerability in SIMATIC WinCC OA Ultralight Client	2022-12-13T00:00:00Z	2023-01-10T00:00:00Z
ssa-496604	SSA-496604: Cross-Site Scripting Vulnerability in Mendix SAML Module	2023-01-10T00:00:00Z	2023-01-10T00:00:00Z
ssa-431678	SSA-431678: Denial of Service Vulnerability in SIMATIC S7 CPU Families	2020-02-11T00:00:00Z	2023-01-10T00:00:00Z
ssa-332410	SSA-332410: Multiple Vulnerabilities in SINEC INS before V1.0 SP2 Update 1	2023-01-10T00:00:00Z	2023-01-10T00:00:00Z
ssa-210822	SSA-210822: Improper Access Control Vulnerability in Mendix Workflow Commons Module	2022-12-13T00:00:00Z	2023-01-10T00:00:00Z
ssa-849072	SSA-849072: Several Vulnerabilities in SICAM PAS before V8.06	2022-12-13T00:00:00Z	2022-12-13T00:00:00Z
ssa-678983	SSA-678983: Vulnerabilities in Industrial PCs and CNC devices using Intel CPUs (November 2020)	2021-05-11T00:00:00Z	2022-12-13T00:00:00Z
ssa-638652	SSA-638652: Authentication Bypass Vulnerability in Mendix SAML Module	2022-09-13T00:00:00Z	2022-12-13T00:00:00Z
ssa-480829	SSA-480829: Cross-Site Scripting Vulnerabilities in SCALANCE X Switches	2018-06-12T00:00:00Z	2022-12-13T00:00:00Z
ssa-436469	SSA-436469: TCP Vulnerability in APOGEE/TALON Field Panels	2022-12-13T00:00:00Z	2022-12-13T00:00:00Z
ssa-412672	SSA-412672: Multiple OpenSSL and OpenSSH Vulnerabilities in SCALANCE X-200RNA Switch Devices before V3.2.7	2022-12-13T00:00:00Z	2022-12-13T00:00:00Z
ssa-363821	SSA-363821: Multiple Vulnerabilities in SCALANCE X-200RNA Switch Devices before V3.2.7	2022-12-13T00:00:00Z	2022-12-13T00:00:00Z
ssa-360681	SSA-360681: Datalogics File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go	2022-12-13T00:00:00Z	2022-12-13T00:00:00Z

ID	Description	Published	Updated
rhsa-2025:0840	Red Hat Security Advisory: OpenShift Container Platform 4.14.46 security update	2025-02-06T05:05:41+00:00	2026-02-17T09:18:22+00:00
rhsa-2025:0783	Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.6 Bug fix update	2025-01-28T20:26:27+00:00	2026-02-17T09:18:22+00:00
rhsa-2025:0839	Red Hat Security Advisory: OpenShift Container Platform 4.14.46 security update	2025-02-06T01:36:17+00:00	2026-02-17T09:18:21+00:00
rhsa-2025:0832	Red Hat Security Advisory: OpenShift Container Platform 4.12.72 bug fix and security update	2025-02-06T00:45:40+00:00	2026-02-17T09:18:20+00:00
rhsa-2025:0831	Red Hat Security Advisory: OpenShift Container Platform 4.12.72 security and extras update	2025-02-06T00:36:22+00:00	2026-02-17T09:18:20+00:00
rhsa-2025:0827	Red Hat Security Advisory: OpenShift Container Platform 4.16.33 security and extras update	2025-02-06T01:28:28+00:00	2026-02-17T09:18:18+00:00
rhsa-2025:0821	Red Hat Security Advisory: RHSA: Submariner 0.17.5 - bug and security fixes	2025-01-29T20:29:11+00:00	2026-02-17T09:18:18+00:00
rhsa-2025:0785	Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.11.5 bug fixes and container updates	2025-01-28T23:59:02+00:00	2026-02-17T09:18:18+00:00
rhsa-2025:0778	Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.6.5 security updates and bug fixes	2025-01-28T20:56:08+00:00	2026-02-17T09:18:15+00:00
rhsa-2025:0775	Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17.3 Bug Fix Update	2025-01-28T19:16:43+00:00	2026-02-17T09:18:15+00:00
rhsa-2025:0754	Red Hat Security Advisory: Red Hat OpenShift Builds 1.2	2025-01-28T06:43:08+00:00	2026-02-17T09:18:14+00:00
rhsa-2025:0723	Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.7.3 security updates and bug fixes	2025-01-27T21:50:16+00:00	2026-02-17T09:18:14+00:00
rhsa-2025:0715	Red Hat Security Advisory: Red Hat OpenShift Builds 1.1	2025-01-27T17:03:08+00:00	2026-02-17T09:18:13+00:00
rhsa-2025:0679	Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.10.7 bug fixes and container updates	2025-01-23T23:30:43+00:00	2026-02-17T09:18:12+00:00
rhsa-2025:0678	Red Hat Security Advisory: RHSA: Submariner 0.16.8 - bug and security fixes	2025-01-23T20:25:51+00:00	2026-02-17T09:18:12+00:00
rhsa-2025:0676	Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.5.8 security updates and bug fixes	2025-01-23T20:15:51+00:00	2026-02-17T09:18:11+00:00
rhsa-2025:0654	Red Hat Security Advisory: OpenShift Container Platform 4.17.14 bug fix and security update	2025-01-28T04:28:50+00:00	2026-02-17T09:18:11+00:00
rhsa-2025:0653	Red Hat Security Advisory: OpenShift Container Platform 4.17.14 security and extras update	2025-01-28T00:55:21+00:00	2026-02-17T09:18:09+00:00
rhsa-2025:0650	Red Hat Security Advisory: OpenShift Container Platform 4.16.32 bug fix and security update	2025-01-29T00:56:20+00:00	2026-02-17T09:18:09+00:00
rhsa-2025:0649	Red Hat Security Advisory: OpenShift Container Platform 4.16.32 security and extras update	2025-01-29T00:29:19+00:00	2026-02-17T09:18:09+00:00
rhsa-2025:0646	Red Hat Security Advisory: OpenShift Container Platform 4.15.44 security update	2025-01-29T19:06:58+00:00	2026-02-17T09:18:07+00:00
rhsa-2025:0645	Red Hat Security Advisory: OpenShift Container Platform 4.15.44 security update	2025-01-29T16:41:46+00:00	2026-02-17T09:18:07+00:00
rhsa-2025:0577	Red Hat Security Advisory: Red Hat multicluster global hub 1.3.2 enhancements and container updates	2025-01-22T01:32:21+00:00	2026-02-17T09:18:06+00:00
rhsa-2025:0576	Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.9.6 bug fixes and container updates	2025-01-22T03:22:29+00:00	2026-02-17T09:18:06+00:00
rhsa-2025:0560	Red Hat Security Advisory: Red Hat Multicluster GlobalHub 1.2.1 bug fixes and container updates	2025-01-21T21:22:09+00:00	2026-02-17T09:18:05+00:00
rhsa-2025:0552	Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.4.7 security updates and bug fixes	2025-01-21T23:12:13+00:00	2026-02-17T09:18:04+00:00
rhsa-2025:0536	Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.15.0	2025-01-21T16:57:37+00:00	2026-02-17T09:18:04+00:00
rhsa-2025:0535	Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.15.0	2025-01-21T16:56:55+00:00	2026-02-17T09:18:04+00:00
rhsa-2025:0522	Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Jaeger) 3.4 release	2025-01-21T15:04:18+00:00	2026-02-17T09:18:03+00:00
rhsa-2025:0485	Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.15.0	2025-01-21T05:59:40+00:00	2026-02-17T09:18:02+00:00

ID	Description	Published	Updated
va-25-239-01	Agiloft multiple vulnerabilities	2025-08-26T00:00:00Z	2025-08-26T00:00:00Z
icsma-25-233-01	FUJIFILM Healthcare Americas Synapse Mobility	2025-08-21T06:00:00.000000Z	2025-08-21T06:00:00.000000Z
icsa-25-217-02	Tigo Energy Cloud Connect Advanced (Update A)	2025-08-05T06:00:00.000000Z	2025-08-19T06:00:00.000000Z
icsa-25-226-30	Rockwell Automation FactoryTalk Action Manager	2025-08-14T06:00:00.000000Z	2025-08-15T06:00:00.000000Z
icsa-25-226-29	Rockwell Automation Studio 5000 Logix Designer	2025-08-14T06:00:00.000000Z	2025-08-14T06:00:00.000000Z
icsa-25-226-28	Rockwell Automation ControlLogix Ethernet Modules	2025-08-14T06:00:00.000000Z	2025-08-14T06:00:00.000000Z
icsa-25-226-27	Rockwell Automation ArmorBlock 5000 I/O - Webserver	2025-08-14T06:00:00.000000Z	2025-08-14T06:00:00.000000Z
icsa-25-226-25	Rockwell Automation Micro800	2025-08-14T06:00:00.000000Z	2025-08-14T06:00:00.000000Z
icsa-25-226-24	Rockwell FactoryTalk Linx	2025-08-14T06:00:00.000000Z	2025-08-14T06:00:00.000000Z
icsa-25-226-23	Rockwell Automation FactoryTalk Viewpoint	2025-08-14T06:00:00.000000Z	2025-08-14T06:00:00.000000Z
icsa-25-231-01	Siemens Desigo CC Product Family and SENTRON Powermanager	2025-08-14T00:00:00.000000Z	2025-08-14T00:00:00.000000Z
icsma-25-224-01	Santesoft Sante PACS Server	2025-08-12T06:00:00.000000Z	2025-08-12T06:00:00.000000Z
icsa-25-224-04	AVEVA PI Integrator	2025-08-12T06:00:00.000000Z	2025-08-12T06:00:00.000000Z
icsa-25-224-01	Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share	2025-08-12T06:00:00.000000Z	2025-08-12T06:00:00.000000Z
icsa-24-263-04	MegaSys Computer Technologies Telenium Online Web Application (Update A)	2024-09-19T06:00:00.000000Z	2025-08-12T06:00:00.000000Z
icsa-25-254-09	Schneider Electric Modicon M340, BMXNOE0100, and BMXNOE0110	2024-06-11T00:00:00.000000Z	2025-08-12T04:00:00.000000Z
icsa-25-240-03	Schneider Electric Saitel DR & Saitel DP Remote Terminal Unit	2025-08-12T04:00:00.000000Z	2025-08-12T04:00:00.000000Z
icsa-25-238-03	Schneider Electric Modicon M340 Controller and Communication Modules	2025-08-12T04:00:00.000000Z	2025-08-12T04:00:00.000000Z
icsa-25-035-06	Schneider Electric Modicon M340 and BMXNOE0100/0110, BMXNOR0200H	2025-01-14T00:00:00.000000Z	2025-08-12T04:00:00.000000Z
icsa-25-226-21	Siemens BFCClient	2025-08-12T00:00:00.000000Z	2025-08-12T00:00:00.000000Z
icsa-25-226-20	Siemens RUGGEDCOM ROX II	2025-08-12T00:00:00.000000Z	2025-08-12T00:00:00.000000Z
icsa-25-226-19	Siemens SINUMERIK	2025-08-12T00:00:00.000000Z	2025-08-12T00:00:00.000000Z
icsa-25-226-17	Siemens SINEC Traffic Analyzer	2025-08-12T00:00:00.000000Z	2025-08-12T00:00:00.000000Z
icsa-25-226-16	Siemens SICAM Q100/Q200	2025-08-12T00:00:00.000000Z	2025-08-12T00:00:00.000000Z
icsa-25-226-14	Siemens RUGGEDCOM ROX II	2025-08-12T00:00:00.000000Z	2025-08-12T00:00:00.000000Z
icsa-25-226-13	Siemens SIMATIC RTLS Locating Manager	2025-08-12T00:00:00.000000Z	2025-08-12T00:00:00.000000Z
icsa-25-226-12	Siemens SIPROTEC 4 and SIPROTEC 4 Compact	2025-08-12T00:00:00.000000Z	2025-08-12T00:00:00.000000Z
icsa-25-226-10	Siemens SIPROTEC 5	2025-08-12T00:00:00.000000Z	2025-08-12T00:00:00.000000Z
icsa-25-226-08	Siemens RUGGEDCOM CROSSBOW Station Access Controller	2025-08-12T00:00:00.000000Z	2025-08-12T00:00:00.000000Z
icsa-25-226-06	Siemens Opcenter Quality	2025-08-12T00:00:00.000000Z	2025-08-12T00:00:00.000000Z

ID	Description	Published	Updated
cisco-sa-nso-hcc-priv-esc-owbwcs5d	Cisco Crosswork Network Services Orchestrator Privilege Escalation Vulnerability	2024-05-15T16:00:00+00:00	2024-05-15T16:00:00+00:00
cisco-sa-cnfd-rwpesc-zaoufyx8	ConfD CLI Privilege Escalation and Arbitrary File Read and Write Vulnerabilities	2024-05-15T16:00:00+00:00	2024-05-15T16:00:00+00:00
cisco-sa-appd-netvisdos-9znbsjtk	Cisco AppDynamics Network Visibility Service Denial of Service Vulnerability	2024-05-15T16:00:00+00:00	2024-05-15T16:00:00+00:00
cisco-sa-ipphone-multi-vulns-cxahcvs	Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Vulnerabilities	2024-05-01T16:00:00+00:00	2024-05-01T16:00:00+00:00
cisco-sa-asaftd-websrvs-dos-x8gnucd2	Cisco Adaptive Security Appliance and Firepower Threat Defense Software Web Services Denial of Service Vulnerability	2024-04-24T16:00:00+00:00	2024-04-24T16:00:00+00:00
cisco-sa-asaftd-persist-rce-flsnxf4h	Cisco Adaptive Security Appliance and Firepower Threat Defense Software Persistent Local Code Execution Vulnerability	2024-04-24T16:00:00+00:00	2024-04-24T16:00:00+00:00
cisco-sa-asaftd-cmd-inj-zjv8wysm	Cisco Adaptive Security Appliance and Firepower Threat Defense Software Command Injection Vulnerability	2024-04-24T16:00:00+00:00	2024-04-24T16:00:00+00:00
cisco-sa-snmp-uwbxfqww	Cisco IOS and IOS XE Software SNMP Extended Named Access Control List Bypass Vulnerability	2024-04-17T16:00:00+00:00	2024-04-17T16:00:00+00:00
cisco-sa-ios-dos-hq4d3tzg	Cisco IOS Software for Catalyst 6000 Series Switches Denial of Service Vulnerability	2024-03-27T16:00:00+00:00	2024-04-04T15:31:55+00:00
cisco-sa-tms-xss-kgw4dx9y	Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability	2024-04-03T16:00:00+00:00	2024-04-03T16:00:00+00:00
cisco-sa-sbiz-rv-xss-oqertup	Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Cross-Site Scripting Vulnerability	2024-04-03T16:00:00+00:00	2024-04-03T16:00:00+00:00
cisco-sa-ndru-pesc-kz2pqlzh	Cisco Nexus Dashboard Privilege Escalation Vulnerability	2024-04-03T16:00:00+00:00	2024-04-03T16:00:00+00:00
cisco-sa-ndo-upav-yrqsccsp	Cisco Nexus Dashboard Orchestrator Unauthorized Policy Actions Vulnerability	2024-04-03T16:00:00+00:00	2024-04-03T16:00:00+00:00
cisco-sa-ndidv-lmxdvaf2	Cisco Nexus Dashboard Information Disclosure Vulnerability	2024-04-03T16:00:00+00:00	2024-04-03T16:00:00+00:00
cisco-sa-ndfccsrf-temzefj9	Cisco Nexus Dashboard and Nexus Dashboard Hosted Services Cross-Site Request Forgery Vulnerability	2024-04-03T16:00:00+00:00	2024-04-03T16:00:00+00:00
cisco-sa-ndfc-dir-trav-ssn3aydw	Cisco Nexus Dashboard Fabric Controller Plug and Play Arbitrary File Read Vulnerability	2024-04-03T16:00:00+00:00	2024-04-03T16:00:00+00:00
cisco-sa-ise-ssrf-ftsth5oz	Cisco Identity Services Engine Server-Side Request Forgery Vulnerability	2024-04-03T16:00:00+00:00	2024-04-03T16:00:00+00:00
cisco-sa-ise-csrf-nfakxrp5	Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability	2024-04-03T16:00:00+00:00	2024-04-03T16:00:00+00:00
cisco-sa-ece-xss-csqxgxfm	Cisco Enterprise Chat and Email Cross-Site Scripting Vulnerability	2024-04-03T16:00:00+00:00	2024-04-03T16:00:00+00:00
cisco-sa-cucm-imps-xss-quwkd9yf	Cisco Unified Communications Manager IM & Presence Service Cross-Site Scripting Vulnerability	2024-04-03T16:00:00+00:00	2024-04-03T16:00:00+00:00
cisco-sa-cem-csrf-sucmnjfr	Cisco Emergency Responder Cross-Site Request Forgery and Directory Traversal Vulnerabilities	2024-04-03T16:00:00+00:00	2024-04-03T16:00:00+00:00
cisco-sa-iosxe-utd-cmd-jbl8kvht	Cisco IOS XE Software Unified Threat Defense Command Injection Vulnerability	2024-03-27T16:00:00+00:00	2024-04-02T20:11:04+00:00
cisco-sa-wlc-mdns-dos-4hv6pbgf	Cisco IOS XE Software for Wireless LAN Controllers Multicast DNS Denial of Service Vulnerability	2024-03-27T16:00:00+00:00	2024-03-27T16:00:00+00:00
cisco-sa-lisp-3gyxs3qp	Cisco IOS and IOS XE Software Locator ID Separation Protocol Denial of Service Vulnerability	2024-03-27T16:00:00+00:00	2024-03-27T16:00:00+00:00
cisco-sa-isis-sgjyouhx	Cisco IOS and IOS XE Software Intermediate System-to-Intermediate System Denial of Service Vulnerability	2024-03-27T16:00:00+00:00	2024-03-27T16:00:00+00:00
cisco-sa-iosxe-wlc-privesc-rjsmrmpk	Cisco IOS XE Software for Wireless LAN Controllers Privilege Escalation Vulnerability	2024-03-27T16:00:00+00:00	2024-03-27T16:00:00+00:00
cisco-sa-iosxe-priv-esc-seax6nlx	Cisco IOS XE Software Privilege Escalation Vulnerability	2024-03-27T16:00:00+00:00	2024-03-27T16:00:00+00:00
cisco-sa-iosxe-ospf-dos-dr9sfrxp	Cisco IOS XE Software OSPFv2 Denial of Service Vulnerability	2024-03-27T16:00:00+00:00	2024-03-27T16:00:00+00:00
cisco-sa-ios-xe-sda-edge-dos-qzwuwxwg	Cisco IOS XE Software SD-Access Fabric Edge Node Denial of Service Vulnerability	2024-03-27T16:00:00+00:00	2024-03-27T16:00:00+00:00
cisco-sa-ikev1-no2ccfwz	Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerabilities	2024-03-27T16:00:00+00:00	2024-03-27T16:00:00+00:00

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated
msrc_cve-2025-48964	ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero).	2025-07-02T00:00:00.000Z	2026-02-21T04:00:07.000Z
msrc_cve-2025-34468	libcoap Stack-Based Buffer Overflow in Address Resolution DoS or Potential RCE	2025-12-02T00:00:00.000Z	2026-02-21T04:00:03.000Z
msrc_cve-2025-37885	KVM: x86: Reset IRTE to host control if new route isn't postable	2025-05-02T00:00:00.000Z	2026-02-21T03:59:58.000Z
msrc_cve-2025-26594	X.org: xwayland: use-after-free of the root cursor	2025-02-02T00:00:00.000Z	2026-02-21T03:59:34.000Z
msrc_cve-2025-66382	In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.	2025-11-02T00:00:00.000Z	2026-02-21T03:59:21.000Z
msrc_cve-2025-37918	Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue()	2025-05-02T00:00:00.000Z	2026-02-21T03:59:03.000Z
msrc_cve-2025-38369	dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using	2025-07-02T00:00:00.000Z	2026-02-21T03:58:54.000Z
msrc_cve-2025-68823	ublk: fix deadlock when reading partition table	2026-01-02T00:00:00.000Z	2026-02-21T03:58:26.000Z
msrc_cve-2025-26598	Xorg: xwayland: out-of-bounds write in createpointerbarrierclient()	2025-02-02T00:00:00.000Z	2026-02-21T03:58:08.000Z
msrc_cve-2025-37824	tipc: fix NULL pointer dereference in tipc_mon_reinit_self()	2025-05-02T00:00:00.000Z	2026-02-21T03:58:05.000Z
msrc_cve-2025-38365	btrfs: fix a race between renames and directory logging	2025-07-02T00:00:00.000Z	2026-02-21T03:57:42.000Z
msrc_cve-2022-32206	curl < 7.84.0 supports "chained" HTTP compression algorithms meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb" makingcurl end up spending enormous amounts of allocated heap memory or trying toand returning out of memory errors.	2022-07-02T00:00:00.000Z	2026-02-21T03:57:20.000Z
msrc_cve-2025-23148	soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()	2025-05-02T00:00:00.000Z	2026-02-21T03:57:10.000Z
msrc_cve-2025-38416	NFC: nci: uart: Set tty->disc_data only in success path	2025-07-02T00:00:00.000Z	2026-02-21T03:56:50.000Z
msrc_cve-2025-26599	Xorg: xwayland: use of uninitialized pointer in compredirectwindow()	2025-02-02T00:00:00.000Z	2026-02-21T03:56:39.000Z
msrc_cve-2025-23156	media: venus: hfi_parser: refactor hfi packet parsing logic	2025-05-02T00:00:00.000Z	2026-02-21T03:56:19.000Z
msrc_cve-2022-27782	libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However several TLS andSSH settings were left out from the configuration match checks making themmatch too easily.	2022-06-02T00:00:00.000Z	2026-02-21T03:56:03.000Z
msrc_cve-2025-38354	drm/msm/gpu: Fix crash when throttling GPU immediately during boot	2025-07-02T00:00:00.000Z	2026-02-21T03:56:00.000Z
msrc_cve-2025-37738	ext4: ignore xattrs past end	2025-05-02T00:00:00.000Z	2026-02-21T03:55:24.000Z
msrc_cve-2025-22868	Unexpected memory consumption during token parsing in golang.org/x/oauth2	2025-02-02T00:00:00.000Z	2026-02-21T03:55:14.000Z
msrc_cve-2025-38418	remoteproc: core: Release rproc->clean_table after rproc_attach() fails	2025-07-02T00:00:00.000Z	2026-02-21T03:55:08.000Z
msrc_cve-2025-22041	ksmbd: fix use-after-free in ksmbd_sessions_deregister()	2025-04-02T00:00:00.000Z	2026-02-21T03:54:51.000Z
msrc_cve-2025-37985	USB: wdm: close race between wdm_open and wdm_wwan_port_stop	2025-05-02T00:00:00.000Z	2026-02-21T03:54:33.000Z
msrc_cve-2025-38363	drm/tegra: Fix a possible null pointer dereference	2025-07-02T00:00:00.000Z	2026-02-21T03:54:11.000Z
msrc_cve-2025-39735	jfs: fix slab-out-of-bounds read in ea_get()	2025-04-02T00:00:00.000Z	2026-02-21T03:53:27.000Z
msrc_cve-2025-38543	drm/tegra: nvdec: Fix dma_alloc_coherent error check	2025-08-02T00:00:00.000Z	2026-02-21T03:53:24.000Z
msrc_cve-2025-38422	net: lan743x: Modify the EEPROM and OTP size for PCI1xxxx devices	2025-07-02T00:00:00.000Z	2026-02-21T03:53:03.000Z
msrc_cve-2024-58237	bpf: consider that tail calls invalidate packet pointers	2025-05-02T00:00:00.000Z	2026-02-21T03:52:43.000Z
msrc_cve-2025-37838	HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition	2025-04-02T00:00:00.000Z	2026-02-21T03:51:57.000Z
msrc_cve-2025-38436	drm/scheduler: signal scheduled fence when kill job	2025-07-02T00:00:00.000Z	2026-02-21T03:51:48.000Z

ID	Description	Published	Updated

ID	Description	Updated
var-201607-0321	The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache To…	2025-12-22T22:39:35.028000Z
var-201106-0034	Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.…	2025-12-22T22:39:28.763000Z
var-201302-0131	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java …	2025-12-22T22:38:55.492000Z
var-202102-1488	The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique…	2025-12-22T22:38:54.865000Z
var-202207-0107	AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation …	2025-12-22T22:38:21.202000Z
var-200611-0368	The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Pas…	2025-12-22T22:38:15.378000Z
var-202112-0566	Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2…	2025-12-22T22:38:09.163000Z
var-201706-0334	glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to ma…	2025-12-22T22:38:08.762000Z
var-200510-0005	Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Mic…	2025-12-22T22:38:08.358000Z
var-201903-0424	A memory corruption issue was addressed with improved memory handling. This issue is fixe…	2025-12-22T22:38:08.163000Z
var-200609-1397	The Airport driver for certain Orinoco based Airport cards in Darwin kernel 8.8.0 in Appl…	2025-12-22T22:38:07.588000Z
var-202207-1358	When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out o…	2025-12-22T22:38:07.227000Z
var-201302-0309	Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.…	2025-12-22T22:38:04.399000Z
var-201912-0608	A memory corruption issue was addressed with improved input validation. This issue is fix…	2025-12-22T22:38:04.311000Z
var-202310-0175	The HTTP/2 protocol allows a denial of service (server resource consumption) because requ…	2025-12-22T22:37:57.843000Z
var-201708-0038	The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 al…	2025-12-22T22:37:55.997000Z
var-202006-1807	Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)]…	2025-12-22T22:37:55.639000Z
var-201109-0190	Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allow…	2025-12-22T22:37:51.059000Z
var-202110-1622	A memory corruption issue was addressed with improved memory handling. This issue is fixe…	2025-12-22T22:37:19.368000Z
var-201509-0438	Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C L…	2025-12-22T22:36:48.237000Z
var-200810-0141	Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for c…	2025-12-22T22:36:48.181000Z
var-201008-0241	Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Mi…	2025-12-22T22:36:48.100000Z
var-202003-1776	FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between seriali…	2025-12-22T22:36:47.939000Z
var-201210-0063	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java …	2025-12-22T22:36:47.615000Z
var-200704-0737	Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont bef…	2025-12-22T22:36:47.121000Z
var-200904-0824	Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other pr…	2025-12-22T22:36:42.964000Z
var-201912-1864	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2025-12-22T22:36:34.526000Z
var-201912-1853	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2025-12-22T22:35:31.618000Z
var-200512-0299	Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authent…	2025-12-22T22:35:31.464000Z
var-201710-1404	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari befo…	2025-12-22T22:34:28.059000Z

ID	Description	Published	Updated
jvndb-2022-001381	Multiple vulnerabilities in Trend Micro ServerProtect	2022-03-03T14:42+09:00	2024-06-21T17:58+09:00
jvndb-2022-000015	EC-CUBE improperly handles HTTP Host header values	2022-02-22T14:22+09:00	2024-06-21T17:39+09:00
jvndb-2022-000013	EC-CUBE plugin "Mail Magazine Management Plugin" vulnerable to cross-site request forgery	2022-02-22T14:09+09:00	2024-06-21T14:05+09:00
jvndb-2022-000023	WordPress Plugin "Advanced Custom Fields" vulnerable to missing authorization	2022-03-30T15:23+09:00	2024-06-21T12:25+09:00
jvndb-2022-000020	Multiple vulnerabilities in pfSense	2022-03-15T14:58+09:00	2024-06-21T11:59+09:00
jvndb-2022-000022	AttacheCase may insecurely load Dynamic Link Libraries	2022-03-30T14:00+09:00	2024-06-21T11:42+09:00
jvndb-2022-001387	Installer of WPS Office for Windows misconfigures the ACL for the installation directory	2022-03-09T12:30+09:00	2024-06-21T11:37+09:00
jvndb-2022-001384	Multiple vulnerabilities in OMRON CX-Programmer	2022-03-08T15:56+09:00	2024-06-21T11:32+09:00
jvndb-2023-000008	Pgpool-II vulnerable to information disclosure	2023-01-23T16:35+09:00	2024-06-20T17:54+09:00
jvndb-2022-000024	Zero-channel BBS Plus vulnerable to cross-site scripting	2022-03-30T15:36+09:00	2024-06-20T17:34+09:00
jvndb-2022-000019	pfSense-pkg-WireGuard vulnerable to directory traversal	2022-03-03T15:08+09:00	2024-06-20T16:51+09:00
jvndb-2022-000018	MarkText vulnerable to cross-site scripting	2022-03-03T14:40+09:00	2024-06-20T16:46+09:00
jvndb-2022-000046	Gitlab vulnerable to server-side request forgery	2022-06-17T12:26+09:00	2024-06-20T15:39+09:00
jvndb-2024-003645	Multiple vulnerabilities in multiple Trend Micro products	2024-06-20T14:59+09:00	2024-06-20T14:59+09:00
jvndb-2022-000027	Hammock AssetView missing authentication for critical functions	2022-04-22T13:53+09:00	2024-06-20T12:15+09:00
jvndb-2022-000037	Spring Security OAuth (spring-security-oauth2) vulnerable to denial-of-service (DoS)	2022-05-20T17:04+09:00	2024-06-20T12:09+09:00
jvndb-2022-001923	Multiple vulnerabilities in CONTEC SolarView Compact	2022-05-27T15:28+09:00	2024-06-20T11:34+09:00
jvndb-2022-001795	Command injection vulnerability in QNAP VioStar series NVR	2022-05-12T18:07+09:00	2024-06-20T11:31+09:00
jvndb-2024-000065	"ZOZOTOWN" App for Android fails to restrict custom URL schemes properly	2024-06-19T16:04+09:00	2024-06-19T16:04+09:00
jvndb-2022-000029	KOYO Electronics Screen Creator Advance2 vulnerable to authentication bypass	2022-05-09T14:43+09:00	2024-06-19T16:03+09:00
jvndb-2022-000028	Multiple vulnerabilities in multiple MEIKYO ELECTRIC products	2022-05-09T14:31+09:00	2024-06-19T15:55+09:00
jvndb-2024-000064	WordPress plugin "SiteGuard WP Plugin" may leak the customized path to the login page	2024-06-19T14:25+09:00	2024-06-19T14:25+09:00
jvndb-2022-001809	Trend Micro Password Manager vulnerable to privilege escalation	2022-05-24T15:27+09:00	2024-06-18T17:52+09:00
jvndb-2022-000032	Installer of Trend Micro Password Manager may insecurely load Dynamic Link Libraries	2022-05-11T15:21+09:00	2024-06-18T17:46+09:00
jvndb-2022-000039	RevoWorks incomplete filtering of MS Office v4 macros	2022-05-27T16:09+09:00	2024-06-18T16:31+09:00
jvndb-2022-001948	Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service	2022-06-03T12:17+09:00	2024-06-18T16:30+09:00
jvndb-2022-001931	Multiple vulnerabilities in Fuji Electric V-SFT, V-Server and V-Server Lite	2022-05-27T15:37+09:00	2024-06-18T16:28+09:00
jvndb-2022-000038	WordPress plugin "WP Statistics" vulnerable to cross-site scripting	2022-05-24T15:00+09:00	2024-06-18T15:41+09:00
jvndb-2022-000031	GENEREX RCCMD vulnerable to directory traversal	2022-05-10T15:47+09:00	2024-06-18T15:35+09:00
jvndb-2024-000061	Multiple vulnerabilities in Ricoh Streamline NX PC Client	2024-06-18T14:56+09:00	2024-06-18T14:56+09:00

ID	Description	Updated

ID	Description	Published	Updated
suse-su-2026:0133-1	Security update for python	2026-01-16T09:19:41Z	2026-01-16T09:19:41Z
suse-su-2026:20090-1	Security update for cpp-httplib	2026-01-15T22:11:51Z	2026-01-15T22:11:51Z
suse-su-2026:20089-1	Security update for alloy	2026-01-15T17:57:53Z	2026-01-15T17:57:53Z
suse-su-2026:20088-1	Security update for erlang	2026-01-15T17:32:55Z	2026-01-15T17:32:55Z
suse-su-2026:20086-1	Security update for MozillaFirefox	2026-01-15T16:33:38Z	2026-01-15T16:33:38Z
suse-su-2026:0130-1	Security update for python310	2026-01-15T13:11:09Z	2026-01-15T13:11:09Z
suse-su-2026:20085-1	Security update for bind	2026-01-15T10:43:50Z	2026-01-15T10:43:50Z
suse-su-2026:0125-1	Security update for podman	2026-01-14T16:57:37Z	2026-01-14T16:57:37Z
suse-su-2026:0123-1	Security update for libsoup	2026-01-14T13:47:28Z	2026-01-14T13:47:28Z
suse-su-2026:20084-1	Security update for tomcat	2026-01-14T13:17:56Z	2026-01-14T13:17:56Z
suse-su-2026:20081-1	Security update for apache2	2026-01-14T11:03:13Z	2026-01-14T11:03:13Z
suse-su-2026:20110-1	Security update for curl	2026-01-14T10:58:55Z	2026-01-14T10:58:55Z
suse-su-2026:20082-1	Security update for curl	2026-01-14T10:58:55Z	2026-01-14T10:58:55Z
suse-su-2026:20092-1	Security update for haproxy	2026-01-14T10:57:49Z	2026-01-14T10:57:49Z
suse-su-2026:20109-1	Security update for haproxy	2026-01-14T10:55:40Z	2026-01-14T10:55:40Z
suse-su-2026:20094-1	Security update for haproxy	2026-01-14T10:55:40Z	2026-01-14T10:55:40Z
suse-su-2026:20108-1	Security update for gpg2	2026-01-14T10:23:37Z	2026-01-14T10:23:37Z
suse-su-2026:20080-1	Security update for gpg2	2026-01-14T10:23:37Z	2026-01-14T10:23:37Z
suse-su-2026:0122-1	Security update for MozillaFirefox	2026-01-14T08:49:21Z	2026-01-14T08:49:21Z
suse-su-2026:20078-1	Security update for squid	2026-01-14T08:37:40Z	2026-01-14T08:37:40Z
suse-su-2026:0121-1	Security update for ovmf	2026-01-14T06:47:26Z	2026-01-14T06:47:26Z
suse-su-2026:0120-1	Security update for ovmf	2026-01-14T06:46:44Z	2026-01-14T06:46:44Z
suse-su-2026:20077-1	Security update for python-uv	2026-01-13T12:49:17Z	2026-01-13T12:49:17Z
suse-su-2026:20091-1	Security update for hawk2	2026-01-13T12:46:40Z	2026-01-13T12:46:40Z
suse-su-2026:20093-1	Security update for hawk2	2026-01-13T12:43:07Z	2026-01-13T12:43:07Z
suse-su-2026:0119-1	Security update for curl	2026-01-13T08:10:35Z	2026-01-13T08:10:35Z
suse-su-2026:0118-1	Security update for libtasn1	2026-01-13T06:46:54Z	2026-01-13T06:46:54Z
suse-su-2026:0117-1	Security update for util-linux	2026-01-13T04:33:43Z	2026-01-13T04:33:43Z
suse-su-2026:0116-1	Security update for util-linux	2026-01-13T02:33:45Z	2026-01-13T02:33:45Z
suse-su-2026:0115-1	Security update for util-linux	2026-01-12T15:03:44Z	2026-01-12T15:03:44Z

ID	Description	Published	Updated
opensuse-su-2025:15818-1	pgadmin4-9.11-1.1 on GA media	2025-12-12T00:00:00Z	2025-12-12T00:00:00Z
opensuse-su-2025:15817-1	buildpacks-cli-0.39.1-1.1 on GA media	2025-12-12T00:00:00Z	2025-12-12T00:00:00Z
opensuse-su-2025:15816-1	ImageMagick-7.1.2.10-1.1 on GA media	2025-12-12T00:00:00Z	2025-12-12T00:00:00Z
opensuse-su-2025:15815-1	xkbcomp-1.5.0-1.1 on GA media	2025-12-11T00:00:00Z	2025-12-11T00:00:00Z
opensuse-su-2025:15814-1	MozillaThunderbird-140.6.0-1.1 on GA media	2025-12-11T00:00:00Z	2025-12-11T00:00:00Z
opensuse-su-2025:15813-1	MozillaFirefox-146.0-1.1 on GA media	2025-12-11T00:00:00Z	2025-12-11T00:00:00Z
opensuse-su-2025:15812-1	libpoppler-cpp2-25.09.1-4.1 on GA media	2025-12-10T00:00:00Z	2025-12-10T00:00:00Z
opensuse-su-2025:15811-1	keylime-config-7.13.0+40-1.1 on GA media	2025-12-10T00:00:00Z	2025-12-10T00:00:00Z
opensuse-su-2025:15810-1	gio-branding-upstream-2.86.3-1.1 on GA media	2025-12-10T00:00:00Z	2025-12-10T00:00:00Z
opensuse-su-2025:15809-1	firefox-esr-140.6.0-1.1 on GA media	2025-12-10T00:00:00Z	2025-12-10T00:00:00Z
opensuse-su-2025:15808-1	apache2-2.4.66-1.1 on GA media	2025-12-10T00:00:00Z	2025-12-10T00:00:00Z
opensuse-su-2025:20148-1	Security update for openexr	2025-12-09T16:32:45Z	2025-12-09T16:32:45Z
opensuse-su-2025:20153-1	Security update for python-Django	2025-12-09T13:43:55Z	2025-12-09T13:43:55Z
opensuse-su-2025:15807-1	regclient-0.11.1-1.1 on GA media	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
opensuse-su-2025:15806-1	python311-Django4-4.2.27-1.1 on GA media	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
opensuse-su-2025:15805-1	python311-Django-5.2.9-1.1 on GA media	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
opensuse-su-2025:15804-1	nvidia-open-driver-G07-signed-check-590.44.01-1.1 on GA media	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
opensuse-su-2025:15803-1	krb5-1.22.1-1.1 on GA media	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
opensuse-su-2025:15802-1	corepack24-24.11.1-2.1 on GA media	2025-12-08T00:00:00Z	2025-12-08T00:00:00Z
opensuse-su-2025:15801-1	libpng16-16-1.6.52-1.1 on GA media	2025-12-08T00:00:00Z	2025-12-08T00:00:00Z
opensuse-su-2025:15800-1	kdeconnect-kde-25.11.90-1.1 on GA media	2025-12-08T00:00:00Z	2025-12-08T00:00:00Z
opensuse-su-2025:15799-1	libwireshark19-4.6.2-1.1 on GA media	2025-12-05T00:00:00Z	2025-12-05T00:00:00Z
opensuse-su-2025:15798-1	rhino-1.7.15.1-1.1 on GA media	2025-12-05T00:00:00Z	2025-12-05T00:00:00Z
opensuse-su-2025:20143-1	Security update for git-bug	2025-12-04T13:08:26Z	2025-12-04T13:08:26Z
opensuse-su-2025:20138-1	Security update for act	2025-12-04T12:02:10Z	2025-12-04T12:02:10Z
opensuse-su-2025:15797-1	libpng12-0-1.2.59-4.1 on GA media	2025-12-04T00:00:00Z	2025-12-04T00:00:00Z
opensuse-su-2025:15796-1	go1.24-1.24.11-1.1 on GA media	2025-12-04T00:00:00Z	2025-12-04T00:00:00Z
opensuse-su-2025:20135-1	Security update for mozjs128	2025-12-03T20:41:04Z	2025-12-03T20:41:04Z
opensuse-su-2025:15795-1	go1.25-1.25.5-1.1 on GA media	2025-12-03T00:00:00Z	2025-12-03T00:00:00Z
opensuse-su-2025:15794-1	chromedriver-143.0.7499.40-2.1 on GA media	2025-12-03T00:00:00Z	2025-12-03T00:00:00Z

ID	Description	Published	Updated

ID	Description	Published	Updated
bit-jenkins-2025-67635		2025-12-12T11:23:31.286Z	2025-12-12T11:51:34.315Z
bit-gitlab-2025-7449	Allocation of Resources Without Limits or Throttling in GitLab	2025-12-02T12:05:42.978Z	2025-12-11T12:06:55.559Z
bit-gitlab-2025-6195	Direct Request ('Forced Browsing') in GitLab	2025-12-02T12:05:25.518Z	2025-12-11T12:06:55.559Z
bit-gitlab-2025-13611	Insertion of Sensitive Information into Log File in GitLab	2025-12-02T12:03:48.649Z	2025-12-11T12:06:55.559Z
bit-gitlab-2025-12653	Authentication Bypass by Spoofing in GitLab	2025-12-02T12:03:41.060Z	2025-12-11T12:06:55.559Z
bit-gitlab-2025-12571	Allocation of Resources Without Limits or Throttling in GitLab	2025-12-02T12:03:39.208Z	2025-12-11T12:06:55.559Z
bit-gitlab-2024-9183	Time-of-check Time-of-use (TOCTOU) Race Condition in GitLab	2025-12-09T12:02:49.276Z	2025-12-11T12:06:55.559Z
bit-django-2025-64460	Potential denial-of-service vulnerability in XML serializer text extraction	2025-12-11T11:37:12.400Z	2025-12-11T12:06:55.559Z
bit-golang-2025-61725	Excessive CPU consumption in ParseAddress in net/mail	2025-11-06T12:58:41.872Z	2025-12-10T12:06:24.101Z
bit-pgbouncer-2025-2291	PgBouncer default auth_query does not take Postgres password expiry into account	2025-04-18T19:19:16.416Z	2025-12-09T12:08:00.393Z
bit-envoy-2025-66220	Envoy’s TLS certificate matcher for `match_typed_subject_alt_names` may incorrectly treat certificates containing an embedded null byte	2025-12-06T11:38:21.122Z	2025-12-09T12:08:00.393Z
bit-envoy-2025-64763	Envoy forwards early CONNECT data in TCP proxy mode	2025-12-06T11:38:19.488Z	2025-12-09T12:08:00.393Z
bit-envoy-2025-64527	Envoy crashes when JWT authentication is configured with the remote JWKS fetching	2025-12-06T11:38:17.923Z	2025-12-09T12:08:00.393Z
bit-apache-2025-66200	Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo	2025-12-09T11:38:20.150Z	2025-12-09T12:08:00.393Z
bit-apache-2025-65082	Apache HTTP Server: CGI environment variable override	2025-12-09T11:38:18.501Z	2025-12-09T12:08:00.393Z
bit-apache-2025-59775	Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF	2025-12-09T11:38:16.754Z	2025-12-09T12:08:00.393Z
bit-apache-2025-58098	Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...	2025-12-09T11:38:15.033Z	2025-12-09T12:08:00.393Z
bit-apache-2025-55753	Apache HTTP Server: mod_md (ACME), unintended retry intervals	2025-12-09T11:38:13.178Z	2025-12-09T12:08:00.393Z
bit-mongodb-2025-13507	Time-series operations may cause internal BSON size limit to be exceed	2025-12-06T11:42:49.537Z	2025-12-06T12:06:23.267Z
bit-mongodb-2025-12893	Improper Certificate Validation May Allow Successful TLS Handshaking Despite Invalid Extended Key Usage Fields in MongoDB Server	2025-12-06T11:42:47.994Z	2025-12-06T12:06:23.267Z
bit-mongodb-2025-11979	Use-after-free in the MongoDB server query planner may lead to crash or undefined behavior	2025-12-06T11:42:46.232Z	2025-12-06T12:06:23.267Z
bit-golang-2025-61727	Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509	2025-12-06T11:41:09.464Z	2025-12-06T12:06:23.267Z
bit-cilium-2025-64715	Cilium with misconfigured toGroups in policies can lead to unrestricted egress traffic	2025-12-02T11:35:57.032Z	2025-12-06T12:06:23.267Z
bit-python-2025-6075	Quadratic complexity in os.path.expandvars() with user-controlled template	2025-12-05T11:13:34.373Z	2025-12-05T11:40:36.013Z
bit-libpython-2025-6075	Quadratic complexity in os.path.expandvars() with user-controlled template	2025-12-05T11:08:28.184Z	2025-12-05T11:40:36.013Z
bit-python-2025-8291	ZIP64 End of Central Directory (EOCD) Locator record offset not checked	2025-10-14T09:30:19.669Z	2025-12-04T12:07:39.656Z
bit-python-2025-1795	Mishandling of comma during folding and unicode-encoding of email headers	2025-04-14T11:35:31.045Z	2025-12-04T12:07:39.656Z
bit-libpython-2025-8291	ZIP64 End of Central Directory (EOCD) Locator record offset not checked	2025-10-14T09:25:48.465Z	2025-12-04T12:07:39.656Z
bit-libpython-2025-1795	Mishandling of comma during folding and unicode-encoding of email headers	2025-08-11T13:53:05.339Z	2025-12-04T12:07:39.656Z
bit-golang-2025-61729	Excessive resource consumption when printing error string for host certificate validation in crypto/x509	2025-12-04T11:41:52.637Z	2025-12-04T12:07:39.656Z

ID	Description	Published	Updated

ID	Published	Updated
drupal-contrib-2021-040	2021-09-22T17:26:12.000Z	2023-08-11T16:55:39.000Z
drupal-contrib-2021-039	2021-09-22T17:26:04.000Z	2023-08-11T16:55:33.000Z
drupal-contrib-2021-038	2021-09-22T17:25:50.000Z	2023-08-11T16:54:48.000Z
drupal-contrib-2021-037	2021-09-22T17:17:05.000Z	2023-08-11T16:54:22.000Z
drupal-contrib-2021-036	2021-09-22T17:12:02.000Z	2023-08-11T16:53:25.000Z
drupal-contrib-2021-035	2021-09-22T17:09:11.000Z	2023-08-11T16:51:09.000Z
drupal-contrib-2021-047	2021-12-22T17:47:54.000Z	2023-08-11T16:49:16.000Z
drupal-contrib-2021-045	2021-12-08T18:02:44.000Z	2023-08-11T16:48:31.000Z
drupal-contrib-2021-044	2021-11-17T15:45:07.000Z	2023-08-11T16:47:14.000Z
drupal-contrib-2022-006	2022-01-25T18:35:55.000Z	2023-08-11T14:56:17.000Z
drupal-contrib-2022-001	2022-01-05T17:06:22.000Z	2023-08-11T14:06:56.000Z
drupal-contrib-2022-002	2022-01-05T17:12:29.000Z	2023-08-11T14:06:15.000Z
drupal-contrib-2022-004	2022-01-19T15:33:50.000Z	2023-08-11T14:04:07.000Z
drupal-contrib-2022-005	2022-01-25T18:35:09.000Z	2023-08-11T14:03:48.000Z
drupal-contrib-2022-009	2022-01-25T18:36:37.000Z	2023-08-11T14:02:59.000Z
drupal-contrib-2022-015	2022-01-25T18:39:13.000Z	2023-08-11T14:02:31.000Z
drupal-contrib-2022-008	2022-01-25T18:36:22.000Z	2023-08-11T14:01:01.000Z
drupal-contrib-2022-017	2022-01-25T18:39:38.000Z	2023-08-11T13:56:08.000Z
drupal-contrib-2022-012	2022-01-25T18:37:20.000Z	2023-08-11T13:55:41.000Z
drupal-contrib-2022-026	2022-02-23T17:10:52.000Z	2023-08-11T13:50:17.000Z
drupal-contrib-2022-025	2022-02-16T17:07:35.000Z	2023-08-11T13:49:36.000Z
drupal-contrib-2022-024	2022-02-09T15:20:08.000Z	2023-08-11T13:49:13.000Z
drupal-contrib-2022-023	2022-02-09T15:17:56.000Z	2023-08-11T13:48:49.000Z
drupal-contrib-2022-014	2022-01-26T17:18:11.000Z	2023-08-11T13:48:18.000Z
drupal-contrib-2022-021	2022-01-25T18:41:04.000Z	2023-08-11T13:47:07.000Z
drupal-contrib-2022-018	2022-01-25T18:39:50.000Z	2023-08-11T13:46:46.000Z
drupal-contrib-2022-036	2022-05-04T16:11:07.000Z	2023-08-10T21:43:53.000Z
drupal-contrib-2022-035	2022-05-04T16:06:53.000Z	2023-08-10T21:43:30.000Z
drupal-contrib-2022-032	2022-03-30T18:23:29.000Z	2023-08-10T21:41:21.000Z
drupal-contrib-2022-029	2022-03-09T18:57:52.000Z	2023-08-10T21:39:44.000Z

ID	Description	Published	Updated
cnvd-2026-06986	WordPress Short Link plugin跨站脚本漏洞	2026-01-19	2026-01-23
cnvd-2026-06985	WordPress Shipping Rate By Cities plugin SQL注入漏洞	2026-01-19	2026-01-23
cnvd-2026-06984	WordPress SearchWiz plugin跨站脚本漏洞	2026-01-19	2026-01-23
cnvd-2026-06913	WordPress Responsive Accordion Slider plugin未经授权的数据修改漏洞	2026-01-19	2026-01-23
cnvd-2026-06912	WordPress LinkedIn SC plugin跨站脚本漏洞	2026-01-19	2026-01-23
cnvd-2026-06911	WordPress Kunze Law plugin跨站脚本漏洞	2026-01-19	2026-01-23
cnvd-2026-06910	WordPress Internal Link Builder plugin跨站脚本漏洞	2026-01-19	2026-01-23
cnvd-2026-06909	WordPress Gotham Block Extra Light plugin路径遍历漏洞	2026-01-19	2026-01-23
cnvd-2026-06908	WordPress Gotham Block Extra Light plugin跨站脚本漏洞	2026-01-19	2026-01-23
cnvd-2026-06907	WordPress GetContentFromURL plugin服务端请求伪造漏洞	2026-01-19	2026-01-23
cnvd-2026-06906	WordPress Float Payment Gateway plugin未经授权的数据修改漏洞	2026-01-19	2026-01-23
cnvd-2026-06905	WordPress Flat Shipping Rate by City for WooCommerce plugin SQL注入漏洞	2026-01-19	2026-01-23
cnvd-2026-06904	WordPress Electric Studio Download Counter plugin跨站脚本漏洞	2026-01-19	2026-01-23
cnvd-2026-06903	WordPress Aplazo Payment Gateway plugin缺少权限漏洞	2026-01-19	2026-01-23
cnvd-2026-06902	WordPress AJS Footnotes plugin跨站脚本漏洞	2026-01-19	2026-01-23
cnvd-2026-06831	D-Link DIR-823G操作系统命令注入漏洞	2022-04-01	2026-01-23
cnvd-2026-06830	D-Link DIR-823G密码重置漏洞	2023-06-30	2026-01-23
cnvd-2026-06829	D-Link DIR-823G URL字段缓冲区溢出漏洞	2023-07-03	2026-01-23
cnvd-2026-06828	D-Link DIR-823G HostName字段缓冲区溢出漏洞	2023-07-03	2026-01-23
cnvd-2026-06827	D-Link DIR-823G堆栈缓冲区溢出漏洞	2023-09-25	2026-01-23
cnvd-2026-06826	D-Link DIR-823G SetWifiDownSettings函数栈缓冲区溢出漏洞	2023-09-25	2026-01-23
cnvd-2026-06825	D-Link DIR-823G空指针取消引用漏洞	2024-05-07	2026-01-23
cnvd-2026-06824	D-Link DIR-823G信息泄露漏洞	2024-09-11	2026-01-23
cnvd-2026-06823	D-Link DIR-823G命令注入漏洞	2025-11-18	2026-01-23
cnvd-2026-06813	D-Link DWR-M920 sub_41C7FC函数缓冲区溢出漏洞	2025-11-24	2026-01-23
cnvd-2026-06812	D-Link DWR-M920 sub_423848函数缓冲区溢出漏洞	2026-01-14	2026-01-23
cnvd-2026-06811	D-Link DWR-M920 sub_464794函数缓冲区溢出漏洞	2026-01-14	2026-01-23
cnvd-2026-06810	D-Link DWR-M920命令注入漏洞	2026-01-14	2026-01-23
cnvd-2026-06809	D-Link DWR-M920 sub_42261C函数堆栈缓冲区溢出漏洞	2026-01-14	2026-01-23
cnvd-2026-06604	上海锐昉科技有限公司RB企业管理系统存在SQL注入漏洞	2025-11-25	2026-01-23

ID	Description	Published	Updated
certfr-2025-avi-1016	Multiples vulnérabilités dans Mozilla Thunderbird	2025-11-17T00:00:00.000000	2025-11-17T00:00:00.000000
certfr-2025-avi-1015	Multiples vulnérabilités dans les produits NetApp	2025-11-17T00:00:00.000000	2025-11-17T00:00:00.000000
certfr-2025-avi-1014	Vulnérabilité dans Fortinet FortiWeb	2025-11-14T00:00:00.000000	2025-11-14T00:00:00.000000
certfr-2025-avi-1013	Multiples vulnérabilités dans les produits IBM	2025-11-14T00:00:00.000000	2025-11-14T00:00:00.000000
certfr-2025-avi-1012	Vulnérabilité dans Microsoft Edge	2025-11-14T00:00:00.000000	2025-11-14T00:00:00.000000
certfr-2025-avi-1011	Multiples vulnérabilités dans le noyau Linux de Red Hat	2025-11-14T00:00:00.000000	2025-11-14T00:00:00.000000
certfr-2025-avi-1010	Multiples vulnérabilités dans le noyau Linux de Debian	2025-11-14T00:00:00.000000	2025-11-14T00:00:00.000000
certfr-2025-avi-1009	Multiples vulnérabilités dans le noyau Linux de SUSE	2025-11-14T00:00:00.000000	2025-11-14T00:00:00.000000
certfr-2025-avi-1008	Multiples vulnérabilités dans le noyau Linux d'Ubuntu	2025-11-14T00:00:00.000000	2025-11-14T00:00:00.000000
certfr-2025-avi-1007	Multiples vulnérabilités dans PostgreSQL	2025-11-14T00:00:00.000000	2025-11-14T00:00:00.000000
certfr-2025-avi-1006	Vulnérabilité dans Cisco Catalyst Center	2025-11-14T00:00:00.000000	2025-11-14T00:00:00.000000
certfr-2025-avi-0954	Multiples vulnérabilités dans Liferay	2025-11-03T00:00:00.000000	2025-11-14T00:00:00.000000
certfr-2025-avi-0888	Multiples vulnérabilités dans les produits Mattermost	2025-10-16T00:00:00.000000	2025-11-14T00:00:00.000000
certfr-2025-avi-1005	Multiples vulnérabilités dans les produits Siemens	2025-11-13T00:00:00.000000	2025-11-13T00:00:00.000000
certfr-2025-avi-1004	Multiples vulnérabilités dans les produits Palo Alto Networks	2025-11-13T00:00:00.000000	2025-11-13T00:00:00.000000
certfr-2025-avi-1003	Multiples vulnérabilités dans Drupal	2025-11-13T00:00:00.000000	2025-11-13T00:00:00.000000
certfr-2025-avi-1002	Multiples vulnérabilités dans GitLab	2025-11-13T00:00:00.000000	2025-11-13T00:00:00.000000
certfr-2025-avi-1001	Multiples vulnérabilités dans Elastic Kibana	2025-11-13T00:00:00.000000	2025-11-13T00:00:00.000000
certfr-2025-avi-1000	Multiples vulnérabilités dans les produits Splunk	2025-11-13T00:00:00.000000	2025-11-13T00:00:00.000000
certfr-2025-avi-0999	Vulnérabilité dans les produits Symfony	2025-11-13T00:00:00.000000	2025-11-13T00:00:00.000000
certfr-2025-avi-0998	Multiples vulnérabilités dans les produits Microsoft	2025-11-12T00:00:00.000000	2025-11-12T00:00:00.000000
certfr-2025-avi-0997	Multiples vulnérabilités dans Microsoft Azure	2025-11-12T00:00:00.000000	2025-11-12T00:00:00.000000
certfr-2025-avi-0996	Multiples vulnérabilités dans Microsoft Windows	2025-11-12T00:00:00.000000	2025-11-12T00:00:00.000000
certfr-2025-avi-0995	Multiples vulnérabilités dans Microsoft Office	2025-11-12T00:00:00.000000	2025-11-12T00:00:00.000000
certfr-2025-avi-0994	Multiples vulnérabilités dans Microsoft Edge	2025-11-12T00:00:00.000000	2025-11-12T00:00:00.000000
certfr-2025-avi-0993	Multiples vulnérabilités dans les produits Intel	2025-11-12T00:00:00.000000	2025-11-12T00:00:00.000000
certfr-2025-avi-0992	Multiples vulnérabilités dans Apache OpenOffice	2025-11-12T00:00:00.000000	2025-11-12T00:00:00.000000
certfr-2025-avi-0991	Multiples vulnérabilités dans les produits Mozilla	2025-11-12T00:00:00.000000	2025-11-12T00:00:00.000000
certfr-2025-avi-0990	Vulnérabilité dans Google Chrome	2025-11-12T00:00:00.000000	2025-11-12T00:00:00.000000
certfr-2025-avi-0989	Vulnérabilité dans Nagios XI	2025-11-12T00:00:00.000000	2025-11-12T00:00:00.000000

ID	Description	Published	Updated
certa-2001-ale-010	Propagation du ver "Code Blue"	2001-09-07T00:00:00.000000	2001-09-07T00:00:00.000000
certa-2001-ale-008	Propagation du ver « Code Red »	2001-07-18T00:00:00.000000	2001-08-13T00:00:00.000000
certa-2001-ale-009	Propagation importante du virus SirCam	2001-07-24T00:00:00.000000	2001-07-26T00:00:00.000000
certa-2001-ale-007	Propagation d'un ver affectant sadmind et IIS	2001-05-09T00:00:00.000000	2001-05-09T00:00:00.000000
certa-2001-ale-006	Prolifération en Europe du virus HOMEPAGE	2001-05-09T00:00:00.000000	2001-05-09T00:00:00.000000
certa-2001-ale-005	Vulnérabilités dans les modems ADSL d'Alcatel	2001-04-11T00:00:00.000000	2001-04-11T00:00:00.000000
certa-2001-ale-004	Vulnérabilité dans le démon snmpXdmid sous Sun Solaris	2001-03-30T00:00:00.000000	2001-03-30T00:00:00.000000
certa-2001-ale-003	Prolifération du ver Li0n	2001-03-26T00:00:00.000000	2001-03-26T00:00:00.000000
certa-2001-ale-002	Risque d'exploitation des ressources partagées sous Windows	2001-03-26T00:00:00.000000	2001-03-26T00:00:00.000000
certa-2001-ale-001	Propagation du ver Ramen sous Linux.	2001-01-19T00:00:00.000000	2001-01-19T00:00:00.000000
certa-2000-ale-016	Connexion à Wanadoo	2000-11-30T00:00:00.000000	2000-11-30T00:00:00.000000
certa-2000-ale-015	Risque d'usurpation de l'identité de Sun Microsystems	2000-10-25T00:00:00.000000	2000-10-25T00:00:00.000000
certa-2000-ale-013	Virus VBS Quatro-A	2000-09-18T00:00:00.000000	2000-09-18T00:00:00.000000
certa-2000-ale-014	Vulnérabilité dans la bibliothèque glibc sous Unix	2000-09-14T00:00:00.000000	2000-09-14T00:00:00.000000
certa-2000-ale-012	Mauvaise compatibilité des scanners de virus avec NTFS	2000-09-08T00:00:00.000000	2000-09-08T00:00:00.000000
certa-2000-ale-001	Alerte de virus LOVE-LETTER-FOR-YOU	2000-05-05T00:00:00.000000	2000-07-05T00:00:00.000000
certa-2000-ale-011	Trojan Simpsons	2000-06-29T00:00:00.000000	2000-06-29T00:00:00.000000
certa-2000-ale-010	Vulnérabilités dans le serveur de fichier wu-ftpd	2000-06-26T00:00:00.000000	2000-06-26T00:00:00.000000
certa-2000-ale-009	Ver VBS/Stages-A, Mirc/stages-a, pIRC/Stages-A	2000-06-20T00:00:00.000000	2000-06-20T00:00:00.000000
certa-2000-ale-008	The Serbian Badman Trojan (TSB)	2000-06-13T00:00:00.000000	2000-06-13T00:00:00.000000
certa-2000-ale-007	Virus VBS/LoveLet-AS	2000-06-09T00:00:00.000000	2000-06-09T00:00:00.000000
certa-2000-ale-006	Deni de service sous Firewall-1	2000-06-08T00:00:00.000000	2000-06-08T00:00:00.000000
certa-2000-ale-005	Virus macro V97M/Resume.A	2000-05-29T00:00:00.000000	2000-05-29T00:00:00.000000
certa-2000-ale-004	Virus Macro OF97/Cybernet-A	2000-05-26T00:00:00.000000	2000-05-26T00:00:00.000000
certa-2000-ale-003	« Mesures de performances » de l'Internet	2000-05-26T00:00:00.000000	2000-05-26T00:00:00.000000
certa-2000-ale-002	Alerte de virus NEWLOVE	2000-05-19T00:00:00.000000	2000-05-19T00:00:00.000000

ID	CVSS	Description	Vendor	Product	Published	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated