Recent vulnerabilities

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2026-0824	5.1 (4.0) 3.5 (3.1) 3.5 (3.0)	questdb ui Web Console cross site scripting	questdb	ui	2026-01-10T14:32:08.724Z	2026-01-12T18:26:21.294Z
CVE-2025-13393	4.3 (3.1)	Featured Image from URL (FIFU) <= 5.3.1 - Authenticate…	marceljm	Featured Image from URL (FIFU)	2026-01-10T13:47:35.750Z	2026-01-12T18:28:15.408Z
CVE-2025-12379	6.4 (3.1)	Shortcodes and extra features for Phlox theme <= 2.17.…	averta	Shortcodes and extra features for Phlox theme	2026-01-10T13:47:35.146Z	2026-01-12T18:29:20.473Z
CVE-2026-0822	5.3 (4.0) 6.3 (3.1) 6.3 (3.0)	quickjs-ng quickjs quickjs.c js_typed_array_sort heap-…	quickjs-ng	quickjs	2026-01-10T13:32:08.881Z	2026-01-12T18:30:50.158Z
CVE-2026-0821	6.9 (4.0) 7.3 (3.1) 7.3 (3.0)	quickjs-ng quickjs quickjs.c js_typed_array_constructo…	quickjs-ng	quickjs	2026-01-10T13:02:07.698Z	2026-01-12T14:36:51.911Z
CVE-2025-14555	6.4 (3.1)	Countdown Timer - Widget Countdown <= 2.7.7 - Authenti…	wpdevart	Countdown Timer – Widget Countdown	2026-01-10T12:23:16.588Z	2026-01-12T13:10:31.231Z
CVE-2025-15504	4.8 (4.0) 3.3 (3.1) 3.3 (3.0)	lief-project LIEF ELF Binary Parser.tcc parse_binary n…	lief-project	LIEF	2026-01-10T11:32:06.771Z	2026-01-12T14:45:44.884Z
CVE-2025-14506	6.4 (3.1)	ConvertForce Popup Builder <= 0.0.7 - Stored Cross-Sit…	imtiazrayhan	ConvertForce Popup Builder	2026-01-10T11:22:38.947Z	2026-01-12T13:10:20.692Z
CVE-2025-52435	N/A	Apache Mynewt NimBLE: Invalid error handling in pause …	Apache Software Foundation	Apache Mynewt NimBLE	2026-01-10T09:47:10.568Z	2026-01-12T19:07:07.593Z
CVE-2025-53470	N/A	Apache Mynewt NimBLE: Out-of-Bounds Write Vulnerabilit…	Apache Software Foundation	Apache Mynewt NimBLE	2026-01-10T09:46:35.789Z	2026-01-12T19:12:52.715Z
CVE-2025-53477	N/A	Apache Mynewt NimBLE: NULL Pointer Dereference in NimB…	Apache Software Foundation	Apache Mynewt NimBLE	2026-01-10T09:45:27.630Z	2026-01-12T16:54:48.496Z
CVE-2025-62235	N/A	Apache Mynewt NimBLE: Incorrect handling of SMP Securi…	Apache Software Foundation	Apache Mynewt NimBLE	2026-01-10T09:42:30.446Z	2026-01-12T16:45:27.886Z
CVE-2026-0831	5.3 (3.1)	Templately <= 3.4.8 - Unauthenticated Limited Arbitrar…	wpdevteam	Templately – Elementor & Gutenberg Template Library: 6500+ Free & Pro Ready Templates And Cloud!	2026-01-10T09:22:18.126Z	2026-01-12T13:09:57.883Z
CVE-2025-15503	6.9 (4.0) 7.3 (3.1) 7.3 (3.0)	Sangfor Operation and Maintenance Management System co…	Sangfor	Operation and Maintenance Management System	2026-01-10T09:02:06.233Z	2026-01-12T14:37:45.873Z
CVE-2025-14976	5.4 (3.1)	User Registration & Membership <= 4.4.8 - Cross-Site R…	wpeverest	User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin	2026-01-10T08:22:57.183Z	2026-01-12T13:08:25.004Z
CVE-2025-15502	6.9 (4.0) 7.3 (3.1) 7.3 (3.0)	Sangfor Operation and Maintenance Management System se…	Sangfor	Operation and Maintenance Management System	2026-01-10T08:02:06.438Z	2026-01-12T14:38:32.534Z
CVE-2025-14948	5.3 (3.1)	miniOrange OTP Verification and SMS Notification for W…	cyberlord92	miniOrange OTP Verification and SMS Notification for WooCommerce	2026-01-10T07:03:55.561Z	2026-01-12T13:08:10.342Z
CVE-2026-22777	7.5 (3.1)	ComfyUI-Manager is Vulnerable to CRLF Injection in Con…	Comfy-Org	ComfyUI-Manager	2026-01-10T06:43:21.579Z	2026-01-12T13:22:32.833Z
CVE-2026-22773	6.5 (3.1)	vLLM is vulnerable to DoS in Idefics3 vision models vi…	vllm-project	vllm	2026-01-10T06:39:02.276Z	2026-01-12T13:22:52.666Z
CVE-2025-14943	4.3 (3.1)	Blog2Social: Social Media Auto Post & Scheduler <= 8.7…	pr-gateway	Blog2Social: Social Media Auto Post & Scheduler	2026-01-10T06:32:34.320Z	2026-01-12T13:40:35.845Z
CVE-2026-22704	8.1 (3.1)	HAXcms Has Stored XSS Vulnerability that May Lead to A…	haxtheweb	issues	2026-01-10T06:22:45.076Z	2026-01-13T15:09:03.814Z
CVE-2026-22705	6.4 (3.1)	RustCrypto: Signatures has timing side-channel in ML-D…	RustCrypto	signatures	2026-01-10T06:14:20.292Z	2026-01-12T16:43:06.463Z
CVE-2026-22703	5.5 (3.1)	Cosign verification accepts any valid Rekor entry unde…	sigstore	cosign	2026-01-10T06:11:09.426Z	2026-01-12T16:43:57.302Z
CVE-2026-22702	4.5 (3.1)	virtualenv Has TOCTOU Vulnerabilities in Directory Creation	pypa	virtualenv	2026-01-10T06:05:53.281Z	2026-01-12T16:44:12.734Z
CVE-2026-22701	5.3 (3.1)	filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vu…	tox-dev	filelock	2026-01-10T05:59:28.872Z	2026-01-12T16:45:50.638Z
CVE-2026-22693	5.3 (3.1)	Null Pointer Dereference in SubtableUnicodesCache::cre…	harfbuzz	harfbuzz	2026-01-10T05:53:21.019Z	2026-01-12T16:47:17.715Z
CVE-2026-22689	6.5 (3.1)	Mailpit is vulnerable to Cross-Site WebSocket Hijackin…	axllent	mailpit	2026-01-10T05:46:13.771Z	2026-01-12T16:47:34.722Z
CVE-2026-22685	8.8 (3.1)	DevToys Path Traversal (“Zip Slip”) Vulnerability in D…	DevToys-app	DevToys	2026-01-10T05:43:19.856Z	2026-01-12T14:39:28.330Z
CVE-2026-22611	3.7 (3.1)	AWS SDK for .NET V4 adopted defense in depth enhanceme…	aws	aws-sdk-net	2026-01-10T05:37:08.297Z	2026-01-12T14:39:57.770Z
CVE-2026-22700	7.5 (3.1)	RustCrypto Has Insufficient Length Validation in decry…	RustCrypto	elliptic-curves	2026-01-10T05:17:25.583Z	2026-01-12T14:46:46.227Z

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2025-14506	6.4 (3.1)	ConvertForce Popup Builder <= 0.0.7 - Stored Cross-Sit…	imtiazrayhan	ConvertForce Popup Builder	2026-01-10T11:22:38.947Z	2026-01-12T13:10:20.692Z
CVE-2026-0831	5.3 (3.1)	Templately <= 3.4.8 - Unauthenticated Limited Arbitrar…	wpdevteam	Templately – Elementor & Gutenberg Template Library: 6500+ Free & Pro Ready Templates And Cloud!	2026-01-10T09:22:18.126Z	2026-01-12T13:09:57.883Z
CVE-2025-62235	N/A	Apache Mynewt NimBLE: Incorrect handling of SMP Securi…	Apache Software Foundation	Apache Mynewt NimBLE	2026-01-10T09:42:30.446Z	2026-01-12T16:45:27.886Z
CVE-2025-53477	N/A	Apache Mynewt NimBLE: NULL Pointer Dereference in NimB…	Apache Software Foundation	Apache Mynewt NimBLE	2026-01-10T09:45:27.630Z	2026-01-12T16:54:48.496Z
CVE-2025-53470	N/A	Apache Mynewt NimBLE: Out-of-Bounds Write Vulnerabilit…	Apache Software Foundation	Apache Mynewt NimBLE	2026-01-10T09:46:35.789Z	2026-01-12T19:12:52.715Z
CVE-2025-52435	N/A	Apache Mynewt NimBLE: Invalid error handling in pause …	Apache Software Foundation	Apache Mynewt NimBLE	2026-01-10T09:47:10.568Z	2026-01-12T19:07:07.593Z
CVE-2025-15503	6.9 (4.0) 7.3 (3.1) 7.3 (3.0)	Sangfor Operation and Maintenance Management System co…	Sangfor	Operation and Maintenance Management System	2026-01-10T09:02:06.233Z	2026-01-12T14:37:45.873Z
CVE-2025-14976	5.4 (3.1)	User Registration & Membership <= 4.4.8 - Cross-Site R…	wpeverest	User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin	2026-01-10T08:22:57.183Z	2026-01-12T13:08:25.004Z
CVE-2025-15502	6.9 (4.0) 7.3 (3.1) 7.3 (3.0)	Sangfor Operation and Maintenance Management System se…	Sangfor	Operation and Maintenance Management System	2026-01-10T08:02:06.438Z	2026-01-12T14:38:32.534Z
CVE-2026-22777	7.5 (3.1)	ComfyUI-Manager is Vulnerable to CRLF Injection in Con…	Comfy-Org	ComfyUI-Manager	2026-01-10T06:43:21.579Z	2026-01-12T13:22:32.833Z
CVE-2026-22773	6.5 (3.1)	vLLM is vulnerable to DoS in Idefics3 vision models vi…	vllm-project	vllm	2026-01-10T06:39:02.276Z	2026-01-12T13:22:52.666Z
CVE-2026-22705	6.4 (3.1)	RustCrypto: Signatures has timing side-channel in ML-D…	RustCrypto	signatures	2026-01-10T06:14:20.292Z	2026-01-12T16:43:06.463Z
CVE-2026-22704	8.1 (3.1)	HAXcms Has Stored XSS Vulnerability that May Lead to A…	haxtheweb	issues	2026-01-10T06:22:45.076Z	2026-01-13T15:09:03.814Z
CVE-2026-22703	5.5 (3.1)	Cosign verification accepts any valid Rekor entry unde…	sigstore	cosign	2026-01-10T06:11:09.426Z	2026-01-12T16:43:57.302Z
CVE-2026-22702	4.5 (3.1)	virtualenv Has TOCTOU Vulnerabilities in Directory Creation	pypa	virtualenv	2026-01-10T06:05:53.281Z	2026-01-12T16:44:12.734Z
CVE-2025-14948	5.3 (3.1)	miniOrange OTP Verification and SMS Notification for W…	cyberlord92	miniOrange OTP Verification and SMS Notification for WooCommerce	2026-01-10T07:03:55.561Z	2026-01-12T13:08:10.342Z
CVE-2025-14943	4.3 (3.1)	Blog2Social: Social Media Auto Post & Scheduler <= 8.7…	pr-gateway	Blog2Social: Social Media Auto Post & Scheduler	2026-01-10T06:32:34.320Z	2026-01-12T13:40:35.845Z
CVE-2026-22701	5.3 (3.1)	filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vu…	tox-dev	filelock	2026-01-10T05:59:28.872Z	2026-01-12T16:45:50.638Z
CVE-2026-22700	7.5 (3.1)	RustCrypto Has Insufficient Length Validation in decry…	RustCrypto	elliptic-curves	2026-01-10T05:17:25.583Z	2026-01-12T14:46:46.227Z
CVE-2026-22699	7.5 (3.1)	RustCrypto SM2-PKE has Unchecked AffinePoint Decoding …	RustCrypto	elliptic-curves	2026-01-10T05:17:22.818Z	2026-01-12T14:59:18.634Z
CVE-2026-22698	8.7 (4.0)	RustCrypto SM2-PKE has 32-bit Biased Nonce Vulnerability	RustCrypto	elliptic-curves	2026-01-10T05:17:19.993Z	2026-01-12T16:48:30.706Z
CVE-2026-22693	5.3 (3.1)	Null Pointer Dereference in SubtableUnicodesCache::cre…	harfbuzz	harfbuzz	2026-01-10T05:53:21.019Z	2026-01-12T16:47:17.715Z
CVE-2026-22689	6.5 (3.1)	Mailpit is vulnerable to Cross-Site WebSocket Hijackin…	axllent	mailpit	2026-01-10T05:46:13.771Z	2026-01-12T16:47:34.722Z
CVE-2026-22685	8.8 (3.1)	DevToys Path Traversal (“Zip Slip”) Vulnerability in D…	DevToys-app	DevToys	2026-01-10T05:43:19.856Z	2026-01-12T14:39:28.330Z
CVE-2026-22611	3.7 (3.1)	AWS SDK for .NET V4 adopted defense in depth enhanceme…	aws	aws-sdk-net	2026-01-10T05:37:08.297Z	2026-01-12T14:39:57.770Z
CVE-2026-22691	2.7 (4.0)	pypdf has possible long runtimes for malformed startxref	py-pdf	pypdf	2026-01-10T04:46:12.423Z	2026-01-12T16:48:53.503Z
CVE-2026-22690	2.7 (4.0)	pypdf has possible long runtimes for missing /Root obj…	py-pdf	pypdf	2026-01-10T04:41:20.773Z	2026-01-12T17:07:00.323Z
CVE-2026-22688	10 (3.1)	WeKnora has Command Injection in MCP stdio test	Tencent	WeKnora	2026-01-10T03:41:59.952Z	2026-01-12T17:20:43.431Z
CVE-2026-22687	8.1 (3.1)	WeKnora vulnerable to SQL Injection	Tencent	WeKnora	2026-01-10T03:41:43.862Z	2026-01-12T17:21:25.675Z
CVE-2026-22610	8.5 (4.0)	Angular has XSS Vulnerability via Unsanitized SVG Scri…	angular	angular	2026-01-10T03:35:40.727Z	2026-01-13T04:55:48.905Z

ID	Description	Published	Updated

ID	Severity	Description	Published	Updated
ghsa-crr3-w29j-c6x6	9.8 (3.1) 8.9 (4.0)	A vulnerability was found in Sangfor Operation and Maintenance Management System up to 3.0.8. This …	2026-01-10T00:30:30Z	2026-01-10T00:30:30Z
ghsa-9ccr-8mmh-vx6x	4.3 (3.1)	A logic issue was addressed with improved validation. This issue is fixed in iOS 26.2 and iPadOS 26…	2026-01-10T00:30:30Z	2026-01-10T00:30:30Z
ghsa-8mvr-hqm9-fqrf	8.8 (3.1) 7.4 (4.0)	A vulnerability has been found in Sangfor Operation and Maintenance Management System up to 3.0.8. …	2026-01-10T00:30:30Z	2026-01-10T00:30:30Z
ghsa-7x99-8x99-xc54	9.8 (3.1)	Improper Control of Generation of Code ('Code Injection') vulnerability in Salesforce Uni2TS on Mac…	2026-01-10T00:30:30Z	2026-01-12T18:30:30Z
ghsa-4wq3-r6vg-34q5	3.5 (3.1)	### Details On October 1, 2025, Palantir discovered that images uploaded through the Dossier front-…	2026-01-10T00:30:30Z	2026-01-10T00:30:31Z
ghsa-29gc-r2qh-wc5v	4.3 (3.1)	A memory initialization issue was addressed with improved memory handling. This issue is fixed in t…	2026-01-10T00:30:30Z	2026-01-10T00:30:30Z
ghsa-78p6-6878-8mj6	7.5 (3.1)	SM2-PKE has Unchecked AffinePoint Decoding (unwrap) in decrypt()	2026-01-09T22:35:35Z	2026-01-11T14:56:39Z
ghsa-h4rm-mm56-xf63	8.9 (4.0)	Fickling vulnerable to detection bypass due to "builtins" blindness	2026-01-09T22:29:02Z	2026-01-11T14:55:18Z
ghsa-w3g8-fp6j-wvqw	8.7 (4.0)	SM2-PKE has 32-bit Biased Nonce Vulnerability	2026-01-09T22:27:50Z	2026-01-11T14:56:33Z
ghsa-r8x9-f3r5-3x8j	6.5 (3.1)	Area9 Rhapsode 1.47.3 allows SQL Injection via multiple API endpoints accessible to authenticated u…	2026-01-09T21:31:35Z	2026-01-10T00:30:29Z
ghsa-mw8h-g64c-rxv4	6.5 (3.1)	Shiori is vulnerable to authentication bypass via a brute force attack	2026-01-09T21:31:35Z	2026-01-13T14:58:03Z
ghsa-j3jp-gmvh-ppvr	8.2 (3.1)	A vulnerability exists in Intelbras CFTV IP NVD 9032 R Ftd V2.800.00IB00C.0.T, which allows an unau…	2026-01-09T21:31:35Z	2026-01-10T00:30:29Z
ghsa-88jg-rrgx-r8v9	6.5 (3.1)	SQL injection vulnerability in pss.sale.com 1.0 via the id parameter to the userfiles/php/cancel_or…	2026-01-09T21:31:35Z	2026-01-10T00:30:29Z
ghsa-7xjv-wf6r-872r	7.8 (3.1) 8.4 (4.0)	Processing specially crafted workspace folder names could allow for arbitrary command injection in …	2026-01-09T21:31:35Z	2026-01-09T21:31:35Z
ghsa-7r2g-px2q-wrcx	6.5 (3.1)	In Area9 Rhapsode 1.47.3, an authenticated attacker can exploit the operation, url, and filename pa…	2026-01-09T21:31:35Z	2026-01-10T00:30:29Z
ghsa-2v8h-5826-r95p	6.5 (3.1)	A DLL hijacking vulnerability in Axtion ODISSAAS ODIS v1.8.4 allows attackers to execute arbitrary …	2026-01-09T21:31:35Z	2026-01-10T00:30:29Z
ghsa-q5qq-mvfm-j35x	8.9 (4.0)	Fickling has Static Analysis Bypass via Incomplete Dangerous Module Blocklist	2026-01-09T21:12:00Z	2026-01-11T14:55:13Z
ghsa-5hvc-6wx8-mvv4	8.9 (4.0)	Fickling vulnerable to use of ctypes and pydoc gadget chain to bypass detection	2026-01-09T21:05:13Z	2026-01-11T14:55:08Z
ghsa-p523-jq9w-64x9	8.9 (4.0)	Fickling Blocklist Bypass: cProfile.run()	2026-01-09T21:04:22Z	2026-01-11T14:54:55Z
ghsa-wfq2-52f7-7qvj	8.9 (4.0)	Fickling has a bypass via runpy.run_path() and runpy.run_module()	2026-01-09T20:52:40Z	2026-01-11T14:54:44Z
ghsa-wvpq-h33f-8rp6	6.1 (3.1)	October CMS Vulnerable to Stored XSS via Branding Styles	2026-01-09T20:12:24Z	2026-01-11T14:55:37Z
ghsa-585q-cm62-757j	2.0 (4.0)	mnl has segmentation fault and invalid memory read in `mnl::cb_run`	2026-01-09T19:53:23Z	2026-01-09T19:53:23Z
ghsa-4f6g-68pf-7vhv	2.7 (4.0)	pypdf has possible long runtimes for malformed startxref	2026-01-09T19:48:57Z	2026-01-11T14:53:40Z
ghsa-4xc4-762w-m6cg	2.7 (4.0)	pypdf has possible long runtimes for missing /Root object with large /Size values	2026-01-09T19:48:22Z	2026-01-11T14:53:34Z
ghsa-88q6-jcjg-hvmw	8.8 (4.0)	jose-swift has JWT Signature Verification Bypass via None Algorithm	2026-01-09T19:39:30Z	2026-01-09T19:39:30Z
ghsa-78h3-63c4-5fqc	9.9 (3.1)	WeKnora has Command Injection in MCP stdio test	2026-01-09T19:21:22Z	2026-01-11T14:53:28Z
ghsa-pcwc-3fw3-8cqv	8.1 (3.1)	WeKnora vulnerable to SQL Injection	2026-01-09T19:19:57Z	2026-01-11T14:53:23Z
ghsa-9cvc-h2w8-phrp	3.7 (3.1)	AWS SDK for .NET V4 adopted defense in depth enhancement for region parameter value	2026-01-09T18:56:21Z	2026-01-11T14:56:00Z
ghsa-jrmj-c5cx-3cw6	8.5 (4.0)	Angular has XSS Vulnerability via Unsanitized SVG Script Attributes	2026-01-09T18:52:14Z	2026-01-11T14:55:54Z
ghsa-2g22-wg49-fgv5	10.0 (3.1)	XWiki Full Calendar Macro vulnerable to SQL injection through Calendar.JSONService	2026-01-09T18:41:47Z	2026-01-11T14:55:48Z

ID	Severity	Description	Package	Published	Updated
pysec-2023-197		Apache Airflow, versions before 2.7.2, has a vulnerability that allows an authorized user…	apache-airflow	2023-10-14T10:15:00+00:00	2023-10-14T12:46:00.410542+00:00
pysec-2023-201	4.3 (3.1)	vantage6 is privacy preserving federated learning infrastructure. The endpoint /api/colla…	vantage6	2023-10-11T20:15:00+00:00	2023-10-18T05:26:18.202930+00:00
pysec-2023-200	4.3 (3.1)	vantage6 is privacy preserving federated learning infrastructure. When a collaboration is…	vantage6	2023-10-11T20:15:00+00:00	2023-10-18T05:26:18.112311+00:00
pysec-2023-198	5.4 (3.1)	vantage6 is privacy preserving federated learning infrastructure. Prior to version 4.0.0,…	vantage6-node	2023-10-11T20:15:00+00:00	2023-10-17T18:31:16.643410+00:00
pysec-2023-196	7.2 (3.1)	vantage6 is privacy preserving federated learning infrastructure. Versions prior to 4.0.0…	vantage6	2023-10-11T18:15:00+00:00	2023-10-13T22:28:56.802294+00:00
pysec-2023-199	4.9 (3.1)	Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foun…	matrix-synapse	2023-10-10T18:15:00+00:00	2023-10-17T22:26:17.611846+00:00
pysec-2023-194	9.8 (3.1)	langchain_experimental 0.0.14 allows an attacker to bypass the CVE-2023-36258 fix and exe…	langchain-experimental	2023-10-09T20:15:00Z	2025-02-23T07:46:11Z
pysec-2023-195	6.5 (3.1)	OctoPrint is a web interface for 3D printers. OctoPrint versions up until and including 1…	octoprint	2023-10-09T16:15:00+00:00	2023-10-13T20:25:14.968230+00:00
pysec-2023-193	4.8 (3.1)	Zope is an open-source web application server. The title property, available on most Zope…	zope	2023-10-04T21:15:00+00:00	2023-10-10T20:21:16.174482+00:00
pysec-2023-192	8.1 (3.1)	urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the `Coo…	urllib3	2023-10-04T17:15:00+00:00	2023-10-10T14:28:19.389317+00:00
pysec-2023-190	7.5 (3.1)	Versions of the package asyncua before 0.9.96 are vulnerable to Denial of Service (DoS) s…	asyncua	2023-10-03T05:15:00+00:00	2023-10-04T18:37:48.407821+00:00
pysec-2023-189	7.5 (3.1)	Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication s…	asyncua	2023-10-03T05:15:00+00:00	2023-10-04T18:37:48.328804+00:00
pysec-2023-187		An issue was discovered in pretix before 2023.7.1. Incorrect parsing of configuration fil…	pretix	2023-10-02T20:15:00+00:00	2023-10-02T22:26:51.461030+00:00
pysec-2023-183		opencv-python versions before v4.8.1.78 bundled libwebp binaries in wheels that are vulne…	opencv-python		2023-09-29T21:15:28.039030+00:00
pysec-2023-184		opencv-python-headless versions before v4.8.1.78 bundled libwebp binaries in wheels that …	opencv-python-headless		2023-09-29T21:15:27.980982+00:00
pysec-2023-181		opencv-contrib-python versions before v4.8.1.78 bundled libwebp binaries in wheels that a…	opencv-contrib-python		2023-09-29T21:15:27.924031+00:00
pysec-2023-182		opencv-contrib-python-headless versions before v4.8.1.78 bundled libwebp binaries in whee…	opencv-contrib-python-headless		2023-09-29T21:15:27.863960+00:00
pysec-2023-188	7.5 (3.1)	When deserializing untrusted or corrupted data, it is possible for a reader to consume me…	avro	2023-09-29T17:15:00+00:00	2023-10-03T22:26:25.361706+00:00
pysec-2023-186	8.8 (3.1)	Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffwe…	rdiffweb	2023-09-29T14:15:00+00:00	2023-10-02T20:24:26.790735+00:00
pysec-2023-179		This affects versions of the package pydash before 6.0.0. A number of pydash methods such…	pydash	2023-09-28T05:15:00+00:00	2023-09-28T10:29:02.604249+00:00
pysec-2023-191	7.5 (3.1)	Vyper is a Pythonic Smart Contract Language for the EVM. The `_abi_decode()` function doe…	vyper	2023-09-27T15:19:00+00:00	2023-10-04T20:26:42.494872+00:00
pysec-2023-185	3.7 (3.1)	Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foun…	matrix-synapse	2023-09-27T15:19:00+00:00	2023-09-30T05:24:54.158504+00:00
pysec-2023-180	4.3 (3.1)	Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foun…	matrix-synapse	2023-09-27T15:19:00+00:00	2023-09-29T20:23:39.578838+00:00
pysec-2023-175		Pillow versions before v10.0.1 bundled libwebp binaries in wheels that are vulnerable to …	pillow		2023-09-25T17:25:13.946374Z
pysec-2023-177		An issue in Gevent before version 23.9.0 allows a remote attacker to escalate privileges …	gevent	2023-09-25T12:15:00+00:00	2023-09-25T14:28:09.019811+00:00
pysec-2023-310	7.5 (3.1)	Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. NO…	mobsf	2023-09-21T22:15:11+00:00	2025-04-09T17:27:26.663665+00:00
pysec-2023-311	5.4 (3.1)	plone.namedfile allows users to handle `File` and `Image` fields targeting, but not depen…	plone-namedfile	2023-09-21T15:15:10+00:00	2025-04-09T17:27:27.153848+00:00
pysec-2023-178	7.5 (3.1)	plone.rest allows users to use HTTP verbs such as GET, POST, PUT, DELETE, etc. in Plone. …	plone-rest	2023-09-21T15:15:00Z	2023-10-28T20:22:08.431825Z
pysec-2023-174		imagecodecs versions before v2023.9.18 bundled libwebp binaries in wheels that are vulner…	imagecodecs		2023-09-20T05:12:42.403706+00:00
pysec-2023-306	8.1 (3.1)	Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine (EVM). In ve…	vyper	2023-09-18T21:16:00+00:00	2024-11-21T14:23:02.752932+00:00

ID	Description	Type

ID	Description	Updated

ID	Description	Published	Updated
mal-2025-192858	Malicious code in resethp (npm)	2025-12-23T08:28:15Z	2026-01-02T21:37:30Z
mal-2025-192857	Malicious code in redux-motion (npm)	2025-12-23T08:27:50Z	2026-01-02T21:37:30Z
mal-2025-192856	Malicious code in react-resizable-text (npm)	2025-12-23T08:27:17Z	2026-01-02T21:37:30Z
mal-2025-192855	Malicious code in react-flex-tools (npm)	2025-12-23T08:26:31Z	2026-01-02T21:37:30Z
mal-2025-192854	Malicious code in react-confetti-enhanced (npm)	2025-12-23T08:26:19Z	2026-01-02T21:37:30Z
mal-2025-192853	Malicious code in portal-aes (npm)	2025-12-23T08:24:49Z	2026-01-02T21:37:29Z
mal-2025-192852	Malicious code in polyfill-corejs2 (npm)	2025-12-23T08:24:47Z	2026-01-02T21:37:29Z
mal-2025-192851	Malicious code in petco-test (npm)	2025-12-23T08:24:29Z	2026-01-02T21:37:29Z
mal-2025-192850	Malicious code in pentestlyio-testpackage (npm)	2025-12-23T08:24:20Z	2026-01-02T21:37:29Z
mal-2025-192849	Malicious code in oneday-worm-research (npm)	2025-12-23T08:23:15Z	2026-01-02T21:37:29Z
mal-2025-192848	Malicious code in nokaca (npm)	2025-12-23T08:22:46Z	2026-01-02T21:37:29Z
mal-2025-192847	Malicious code in node-calculator-x7k9-grabber (npm)	2025-12-23T08:22:31Z	2026-01-02T21:37:29Z
mal-2025-192846	Malicious code in node-calculator-x7k9-evil (npm)	2025-12-23T08:22:31Z	2026-01-02T21:37:29Z
mal-2025-192845	Malicious code in node-calculator-fe54 (npm)	2025-12-23T08:22:30Z	2026-01-02T21:37:29Z
mal-2025-192844	Malicious code in node-calculator-f483 (npm)	2025-12-23T08:22:29Z	2026-01-02T21:37:29Z
mal-2025-192843	Malicious code in node-calculator-f2af (npm)	2025-12-23T08:22:22Z	2026-01-02T21:37:29Z
mal-2025-192842	Malicious code in node-calculator-e776 (npm)	2025-12-23T08:22:21Z	2026-01-02T21:37:29Z
mal-2025-192841	Malicious code in node-calculator-dfd9 (npm)	2025-12-23T08:22:20Z	2026-01-02T21:37:29Z
mal-2025-192840	Malicious code in node-calculator-bde6 (npm)	2025-12-23T08:22:19Z	2026-01-02T21:37:29Z
mal-2025-192839	Malicious code in node-calculator-ad83 (npm)	2025-12-23T08:22:17Z	2026-01-02T21:37:29Z
mal-2025-192838	Malicious code in node-calculator-ab44 (npm)	2025-12-23T08:22:16Z	2026-01-02T21:37:29Z
mal-2025-192837	Malicious code in node-calculator-a34e (npm)	2025-12-23T08:22:15Z	2026-01-02T21:37:29Z
mal-2025-192836	Malicious code in node-calculator-98ba (npm)	2025-12-23T08:22:06Z	2026-01-02T21:37:29Z
mal-2025-192835	Malicious code in node-calculator-8f0c (npm)	2025-12-23T08:22:05Z	2026-01-02T21:37:29Z
mal-2025-192834	Malicious code in node-calculator-7b82 (npm)	2025-12-23T08:22:04Z	2026-01-02T21:37:29Z
mal-2025-192833	Malicious code in node-calculator-78c0 (npm)	2025-12-23T08:22:03Z	2026-01-02T21:37:29Z
mal-2025-192832	Malicious code in node-calculator-73dd (npm)	2025-12-23T08:22:02Z	2026-01-02T21:37:29Z
mal-2025-192831	Malicious code in node-calculator-603e (npm)	2025-12-23T08:22:01Z	2026-01-02T21:37:29Z
mal-2025-192830	Malicious code in node-calculator-5b8f (npm)	2025-12-23T08:22:00Z	2026-01-02T21:37:29Z
mal-2025-192829	Malicious code in node-calculator-40ed (npm)	2025-12-23T08:21:52Z	2026-01-02T21:37:29Z

ID	Description	Published	Updated
wid-sec-w-2025-2540	IBM Cognos Analytics: Schwachstelle ermöglicht Offenlegung von Informationen	2025-11-10T23:00:00.000+00:00	2025-11-10T23:00:00.000+00:00
wid-sec-w-2025-2539	Rockwell Automation FactoryTalk DataMosaix Private Cloud: Mehrere Schwachstellen	2025-11-10T23:00:00.000+00:00	2025-11-11T23:00:00.000+00:00
wid-sec-w-2025-2538	Rockwell Automation Studio 5000: Mehrere Schwachstellen	2025-11-10T23:00:00.000+00:00	2025-11-11T23:00:00.000+00:00
wid-sec-w-2025-2537	BusyBox (wget): Schwachstelle ermöglicht Umgehung von Sicherheitsvorkehrungen	2025-11-10T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-2536	SAP Software: Mehrere Schwachstellen	2025-11-10T23:00:00.000+00:00	2025-11-12T23:00:00.000+00:00
wid-sec-w-2025-2535	DNN: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2025-11-10T23:00:00.000+00:00	2025-11-10T23:00:00.000+00:00
wid-sec-w-2025-2534	IBM Business Automation Workflow: Mehrere Schwachstellen	2025-11-09T23:00:00.000+00:00	2025-11-26T23:00:00.000+00:00
wid-sec-w-2025-2533	RedHat Multicluster Engine for Kubernetes: Schwachstelle ermöglicht Privilegieneskalation	2025-11-09T23:00:00.000+00:00	2025-12-17T23:00:00.000+00:00
wid-sec-w-2025-2532	IBM DB2: Mehrere Schwachstellen	2025-11-09T23:00:00.000+00:00	2025-12-09T23:00:00.000+00:00
wid-sec-w-2025-2531	Linux Kernel: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen	2025-11-09T23:00:00.000+00:00	2025-12-28T23:00:00.000+00:00
wid-sec-w-2025-2530	CrushFTP: Schwachstelle ermöglicht Cross-Site Scripting	2025-11-09T23:00:00.000+00:00	2025-11-09T23:00:00.000+00:00
wid-sec-w-2025-2529	QNAP NAS QTS und QTS hero: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff	2025-11-09T23:00:00.000+00:00	2025-12-15T23:00:00.000+00:00
wid-sec-w-2025-2518	Red Hat Enterprise Linux (runc): Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen	2025-11-09T23:00:00.000+00:00	2026-01-06T23:00:00.000+00:00
wid-sec-w-2025-2517	SuiteCRM: Mehrere Schwachstellen ermöglichen Manipulation von Dateien	2025-11-09T23:00:00.000+00:00	2025-11-09T23:00:00.000+00:00
wid-sec-w-2025-2516	SuiteCRM: Mehrere Schwachstellen ermöglichen Manipulation von Dateien	2025-11-06T23:00:00.000+00:00	2025-11-09T23:00:00.000+00:00
wid-sec-w-2025-2515	libxml2: Schwachstelle ermöglicht Denial of Service	2025-11-06T23:00:00.000+00:00	2025-11-09T23:00:00.000+00:00
wid-sec-w-2025-2514	Meldung zurückgezogen	2025-11-06T23:00:00.000+00:00	2025-11-09T23:00:00.000+00:00
wid-sec-w-2025-2513	Dell integrated Dell Remote Access Controller: Schwachstelle ermöglicht Umgehung von Sicherheitsmaßnahmen	2025-11-06T23:00:00.000+00:00	2025-11-06T23:00:00.000+00:00
wid-sec-w-2025-2512	Synacor Zimbra: Mehrere Schwachstellen	2025-11-06T23:00:00.000+00:00	2025-11-06T23:00:00.000+00:00
wid-sec-w-2025-2511	SuiteCRM: Mehrere Schwachstellen	2025-11-06T23:00:00.000+00:00	2025-11-06T23:00:00.000+00:00
wid-sec-w-2025-2510	AnyDesk: Mehrere Schwachstellen	2025-11-06T23:00:00.000+00:00	2025-12-07T23:00:00.000+00:00
wid-sec-w-2025-2509	Devolutions Server: Mehrere Schwachstellen	2025-11-06T23:00:00.000+00:00	2025-11-06T23:00:00.000+00:00
wid-sec-w-2025-2508	Red Hat Enterprise Linux: Schwachstelle ermöglicht Denial of Service	2025-11-06T23:00:00.000+00:00	2025-12-14T23:00:00.000+00:00
wid-sec-w-2025-2504	IBM Business Automation Workflow: Mehrere Schwachstellen ermöglichen Cross-Site Scripting	2025-11-05T23:00:00.000+00:00	2025-11-06T23:00:00.000+00:00
wid-sec-w-2025-2503	cPanel cPanel/WHM: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff	2025-11-05T23:00:00.000+00:00	2025-11-05T23:00:00.000+00:00
wid-sec-w-2025-2502	Cisco Unified Contact Center Express (UCCX): Mehrere Schwachstellen	2025-11-05T23:00:00.000+00:00	2025-11-05T23:00:00.000+00:00
wid-sec-w-2025-2501	Drupal Module (Email TFA und Simple multi step form): Mehrere Schwachstellen	2025-11-05T23:00:00.000+00:00	2025-11-18T23:00:00.000+00:00
wid-sec-w-2025-2500	Cisco Contact Center Produkte (CCE,CCX,CUIC): Mehrere Schwachstellen	2025-11-05T23:00:00.000+00:00	2025-11-18T23:00:00.000+00:00
wid-sec-w-2025-2499	IBM WebSphere Application Server: Schwachstelle ermöglicht Manipulation von Dateien und potenziell Umgehen von Sicherheitsvorkehrungen	2025-11-05T23:00:00.000+00:00	2026-01-01T23:00:00.000+00:00
wid-sec-w-2025-2498	Cisco Identity Services Engine (ISE): Mehrere Schwachstellen	2025-11-05T23:00:00.000+00:00	2025-11-05T23:00:00.000+00:00

ID	Description	Published	Updated
ncsc-2024-0469	Kwetsbaarheden verholpen in Qlik Sense Enterprise voor Windows	2024-12-09T13:38:50.887753Z	2024-12-09T13:38:50.887753Z
ncsc-2024-0468	Kwetsbaarheden verholpen in Mitel MiCollab	2024-12-09T13:37:33.039167Z	2024-12-09T13:37:33.039167Z
ncsc-2024-0467	Kwetsbaarheden verholpen in QNAP besturingssystemen	2024-12-09T13:36:33.362104Z	2024-12-09T13:36:33.362104Z
ncsc-2024-0466	Kwetsbaarheden verholpen in Atlassian producten	2024-12-06T13:05:55.904619Z	2024-12-06T13:05:55.904619Z
ncsc-2024-0465	Kwetsbaarheden verholpen in ABB ASPECT, NEXUS Series en MATRIX Series	2024-12-06T11:49:21.695542Z	2024-12-06T11:49:21.695542Z
ncsc-2024-0463	Kwetsbaarheden verholpen in Veeam Backup & Replication	2024-12-06T11:47:19.699742Z	2024-12-06T11:47:19.699742Z
ncsc-2024-0462	Kwetsbaarheden verholpen in Zabbix	2024-12-02T12:51:47.361749Z	2024-12-02T12:51:47.361749Z
ncsc-2024-0461	Kwetsbaarheden verholpen in IBM Security Verify Access Appliance	2024-12-02T10:55:14.978137Z	2024-12-02T10:55:14.978137Z
ncsc-2024-0460	Kwetsbaarheid verholpen in Zabbix	2024-11-28T14:24:11.654121Z	2024-11-28T14:24:11.654121Z
ncsc-2024-0459	Kwetsbaarheden verholpen in VMware Aria Operations	2024-11-26T13:25:37.944485Z	2024-11-26T13:25:37.944485Z
ncsc-2024-0458	Kwetsbaarheden ontdekt in Veritas Enterprise Vault	2024-11-25T09:04:34.013551Z	2024-11-25T09:04:34.013551Z
ncsc-2024-0457	Kwetsbaarheden verholpen in Apple iOS en iPadOS	2024-11-20T10:01:35.437557Z	2024-11-20T10:01:35.437557Z
ncsc-2024-0456	Kwetsbaarheden verholpen in Apple macOS en Safari	2024-11-20T10:00:42.593160Z	2024-11-20T10:00:42.593160Z
ncsc-2024-0455	Kwetsbaarheid verholpen in Trend Micro Deep Security	2024-11-20T09:04:14.183257Z	2024-11-20T09:04:14.183257Z
ncsc-2024-0454	Kwetsbaarheid verholpen in GitHub CLI	2024-11-19T15:03:48.421618Z	2024-11-19T15:03:48.421618Z
ncsc-2024-0453	Kwetsbaarheid verholpen in Oracle Agile PLM Framework	2024-11-19T09:41:05.945149Z	2024-11-19T09:41:05.945149Z
ncsc-2024-0452	Kwetsbaarheden verholpen in Siemens Tecnomatix Plant Simulation	2024-11-19T08:19:24.590425Z	2024-11-19T08:19:24.590425Z
ncsc-2024-0451	Kwetsbaarheden verholpen in Palo Alto PAN-OS	2024-11-18T16:00:29.206286Z	2024-11-20T08:41:37.309906Z
ncsc-2024-0450	Kwetsbaarheid verholpen in Adobe Photoshop	2024-11-18T11:18:22.537372Z	2024-11-18T11:18:22.537372Z
ncsc-2024-0449	Kwetsbaarheden verholpen in Adobe InDesign	2024-11-18T11:14:49.456205Z	2024-11-18T11:14:49.456205Z
ncsc-2024-0447	Kwetsbaarheden verholpen in GitLab CE/EE	2024-11-15T12:29:35.775993Z	2024-11-15T12:29:35.775993Z
ncsc-2024-0446	Kwetsbaarheid verholpen in Schneider Electric Ecostruxture	2024-11-14T12:46:16.737874Z	2024-11-14T12:46:16.737874Z
ncsc-2024-0445	Kwetsbaarheden verholpen in Fortinet FortiClient	2024-11-14T12:42:00.899040Z	2024-11-14T12:42:00.899040Z
ncsc-2024-0444	Kwetsbaarheden verholpen in Palo Alto PAN-OS	2024-11-14T12:38:50.941039Z	2024-11-14T12:38:50.941039Z
ncsc-2024-0443	Kwetsbaarheden verholpen in Citrix NetScaler ADC en NetScaler Gateway	2024-11-13T15:10:45.265209Z	2024-11-13T15:10:45.265209Z
ncsc-2024-0442	Kwetsbaarheden verholpen in Ivanti Connect Secure en Policy Secure	2024-11-13T12:38:13.252957Z	2024-11-13T12:38:13.252957Z
ncsc-2024-0441	Kwetsbaarheden verholpen in Ivanti Endpoint Manager	2024-11-13T10:42:35.387490Z	2024-11-13T10:42:35.387490Z
ncsc-2024-0439	Kwetsbaarheden verholpen in Microsoft Office	2024-11-12T18:57:09.604321Z	2024-11-12T18:57:09.604321Z
ncsc-2024-0438	Kwetsbaarheid verholpen in Microsoft Exchange Server	2024-11-12T18:56:25.729148Z	2024-11-12T18:56:25.729148Z
ncsc-2024-0437	Kwetsbaarheden verholpen in Microsoft SQL Server	2024-11-12T18:55:39.363057Z	2024-11-12T18:55:39.363057Z

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated
rhsa-2025:22393	Red Hat Security Advisory: qt6-qtsvg security update	2025-12-01T08:51:13+00:00	2025-12-01T12:50:40+00:00
rhsa-2025:22388	Red Hat Security Advisory: kernel security update	2025-12-01T06:11:52+00:00	2026-01-08T15:43:04+00:00
rhsa-2025:22387	Red Hat Security Advisory: kernel-rt security update	2025-12-01T05:31:33+00:00	2026-01-08T15:43:01+00:00
rhsa-2025:22377	Red Hat Security Advisory: libxml2 security update	2025-12-01T03:32:31+00:00	2025-12-17T08:37:41+00:00
rhsa-2025:22376	Red Hat Security Advisory: libxml2 security update	2025-12-01T03:26:36+00:00	2025-12-17T08:37:40+00:00
rhsa-2025:22374	Red Hat Security Advisory: firefox security update	2025-12-01T02:53:51+00:00	2025-12-09T09:10:06+00:00
rhsa-2025:22375	Red Hat Security Advisory: firefox security update	2025-12-01T02:46:01+00:00	2025-12-09T09:10:04+00:00
rhsa-2025:22364	Red Hat Security Advisory: xorg-x11-server security update	2025-12-01T02:42:02+00:00	2026-01-05T10:10:04+00:00
rhsa-2025:22371	Red Hat Security Advisory: firefox security update	2025-12-01T02:40:31+00:00	2025-12-09T09:10:08+00:00
rhsa-2025:22372	Red Hat Security Advisory: firefox security update	2025-12-01T02:39:56+00:00	2025-12-09T09:10:06+00:00
rhsa-2025:22363	Red Hat Security Advisory: firefox security update	2025-12-01T02:38:16+00:00	2025-12-09T09:10:19+00:00
rhsa-2025:22373	Red Hat Security Advisory: firefox security update	2025-12-01T02:35:11+00:00	2025-12-09T09:10:11+00:00
rhsa-2025:22368	Red Hat Security Advisory: firefox security update	2025-12-01T02:33:21+00:00	2025-12-09T09:10:12+00:00
rhsa-2025:22369	Red Hat Security Advisory: firefox security update	2025-12-01T02:17:58+00:00	2025-12-09T09:10:17+00:00
rhsa-2025:22367	Red Hat Security Advisory: firefox security update	2025-12-01T02:12:31+00:00	2025-12-09T09:10:13+00:00
rhsa-2025:22365	Red Hat Security Advisory: xorg-x11-server security update	2025-12-01T02:02:06+00:00	2026-01-05T10:10:01+00:00
rhsa-2025:22370	Red Hat Security Advisory: java-1.8.0-ibm security update	2025-12-01T01:49:46+00:00	2025-12-03T20:50:33+00:00
rhsa-2025:22361	Red Hat Security Advisory: qt6-qtquick3d security update	2025-12-01T01:46:32+00:00	2025-12-03T15:35:42+00:00
rhsa-2025:22345	Red Hat Security Advisory: Red Hat OpenShift Developer Tools - Source-to-Image 1.5.2	2025-11-27T22:06:09+00:00	2026-01-08T03:29:02+00:00
rhsa-2025:22287	Red Hat Security Advisory: Red Hat Quay 3.9	2025-11-27T14:54:51+00:00	2026-01-08T03:39:14+00:00
rhsa-2025:21829	Red Hat Security Advisory: OpenShift Container Platform 4.12.83 bug fix and security update	2025-11-27T12:20:57+00:00	2026-01-08T03:07:21+00:00
rhsa-2025:21824	Red Hat Security Advisory: OpenShift Container Platform 4.16.53 bug fix and security update	2025-11-27T11:08:51+00:00	2026-01-08T03:16:07+00:00
rhsa-2025:21795	Red Hat Security Advisory: OpenShift Container Platform 4.18.29 bug fix and security update	2025-11-27T04:24:21+00:00	2026-01-08T03:16:07+00:00
rhsa-2025:22205	Red Hat Security Advisory: bind security update	2025-11-26T21:38:30+00:00	2026-01-06T12:42:41+00:00
rhsa-2025:22190	Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.2 security update	2025-11-26T17:02:38+00:00	2026-01-05T18:27:35+00:00
rhsa-2025:22188	Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.2 Security update	2025-11-26T16:59:23+00:00	2026-01-05T18:27:34+00:00
rhsa-2025:22187	Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.2 security update	2025-11-26T16:59:20+00:00	2026-01-05T18:27:37+00:00
rhsa-2025:22181	Red Hat Security Advisory: golang security update	2025-11-26T15:05:54+00:00	2026-01-08T03:29:01+00:00
rhsa-2025:22182	Red Hat Security Advisory: Red Hat Quay 3.10.16	2025-11-26T14:52:57+00:00	2026-01-08T03:39:14+00:00
rhsa-2025:22179	Red Hat Security Advisory: RHSA 4.8.6 security and bug fix update	2025-11-26T13:57:08+00:00	2026-01-08T03:39:13+00:00

ID	Description	Published	Updated
icsa-25-072-06	Siemens SCALANCE LPE9403	2025-03-11T00:00:00.000000Z	2025-05-06T06:00:00.000000Z
icsa-25-072-05	Siemens SINAMICS S200	2025-03-11T00:00:00.000000Z	2025-03-11T00:00:00.000000Z
icsa-25-072-04	Siemens SiPass integrated AC5102/ACC-G2 and ACC-AP	2025-03-11T00:00:00.000000Z	2025-05-06T06:00:00.000000Z
icsa-25-072-03	Siemens SIMATIC S7-1500 TM MFP	2025-03-11T00:00:00.000000Z	2025-09-09T00:00:00.000000Z
icsa-25-072-02	Siemens SINEMA Remote Connect Server	2025-03-11T00:00:00.000000Z	2025-03-11T00:00:00.000000Z
icsa-25-072-01	Siemens Teamcenter Visualization and Tecnomatix	2025-03-11T00:00:00.000000Z	2025-05-06T06:00:00.000000Z
icsa-25-063-08	Edimax IC-7100 IP Camera	2025-03-04T07:00:00.000000Z	2025-03-04T07:00:00.000000Z
icsa-25-063-07	GMOD Apollo	2025-03-04T07:00:00.000000Z	2025-03-04T07:00:00.000000Z
icsa-25-063-06	Delta Electronics CNCSoft-G2	2025-03-04T07:00:00.000000Z	2025-03-04T07:00:00.000000Z
icsa-25-063-02	Keysight Ixia Vision Product Family (Update A)	2025-03-04T07:00:00.000000Z	2025-09-30T06:00:00.000000Z
icsa-25-063-01	Carrier Block Load	2025-03-04T07:00:00.000000Z	2025-03-04T07:00:00.000000Z
icsma-25-058-01	Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application	2025-02-27T07:00:00.000000Z	2025-02-27T07:00:00.000000Z
icsa-25-058-01	Schneider Electric communication modules for Modicon M580 and Quantum controllers (Update B)	2025-02-27T07:00:00.000000Z	2025-09-09T06:00:00.000000Z
icsa-25-133-03	Hitachi Energy MACH GWS products	2025-02-25T13:30:00.000000Z	2025-02-25T13:30:00.000000Z
icsa-25-133-01	Hitachi Energy Service Suite	2025-02-25T13:30:00.000000Z	2025-02-25T13:30:00.000000Z
icsa-25-065-01	Hitachi Energy PCU400	2025-02-25T13:30:00.000000Z	2025-02-25T13:30:00.000000Z
icsa-25-063-03	Hitachi Energy MACH PS700	2025-02-25T13:30:00.000000Z	2025-02-25T13:30:00.000000Z
icsa-25-056-01	Rockwell Automation PowerFlex 755	2025-02-25T07:00:00.000000Z	2025-02-25T07:00:00.000000Z
icsma-25-051-01	Medixant RadiAnt DICOM Viewer	2025-02-20T07:00:00.000000Z	2025-02-20T07:00:00.000000Z
icsa-25-051-05	Rapid Response Monitoring My Security Account App	2025-02-20T07:00:00.000000Z	2025-02-20T07:00:00.000000Z
icsa-25-051-03	Carrier Block Load	2025-02-20T07:00:00.000000Z	2025-02-20T07:00:00.000000Z
icsa-25-051-06	Elseta Vinci Protocol Analyzer	2025-02-18T07:00:00.000000Z	2025-02-18T07:00:00.000000Z
icsa-25-051-04	Siemens SiPass Integrated	2025-02-17T00:00:00.000000Z	2025-05-06T06:00:00.000000Z
icsma-25-044-01	Qardio Heart Health IOS and Android Application and QardioARM A100	2025-02-13T07:00:00.000000Z	2025-02-13T07:00:00.000000Z
icsa-25-044-18	Dingtian DT-R0 Series	2025-02-13T07:00:00.000000Z	2025-02-13T07:00:00.000000Z
icsa-25-044-17	Outback Power Mojave Inverter	2025-02-13T07:00:00.000000Z	2025-02-13T07:00:00.000000Z
icsa-25-044-16	mySCADA myPRO Manager	2025-02-13T07:00:00.000000Z	2025-02-13T07:00:00.000000Z
icsa-25-044-15	ORing IAP-420	2025-02-13T07:00:00.000000Z	2025-02-13T07:00:00.000000Z
va-25-043-01	Ivanti Connect Secure and Ivanti Policy Secure external file control vulnerability	2025-02-12T19:44:47Z	2025-02-20T00:00:00Z
icsa-25-079-02	Schneider Electric Enerlinâ€™X IFE and eIFE	2025-02-11T06:00:00.000000Z	2025-02-11T06:00:00.000000Z

ID	Description	Published	Updated
cisco-sa-asaftd-ac-acl-bypass-bwd7q6gb	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software AnyConnect Access Control List Bypass Vulnerabilities	2023-11-01T16:00:00+00:00	2023-11-01T16:00:00+00:00
cisco-sa-asa-webvpn-dos-3ghzqbas	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access VPN Denial of Service Vulnerability	2023-11-01T16:00:00+00:00	2023-11-02T13:47:35+00:00
cisco-sa-asa-icmpv6-t5tzqwnd	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software ICMPv6 Message Processing Denial of Service Vulnerability	2023-11-01T16:00:00+00:00	2023-11-02T13:50:35+00:00
cisco-sa-sdwan-lfi-owlbkuge	Cisco Catalyst SD-WAN Manager Local File Inclusion Vulnerability	2023-10-18T16:00:00+00:00	2023-10-18T16:00:00+00:00
cisco-sa-http2-reset-d8kf32vz	HTTP/2 Rapid Reset Attack Affecting Cisco Products: October 2023	2023-10-16T16:00:00+00:00	2023-12-21T17:09:38+00:00
cisco-sa-iosxe-webui-privesc-j22saa4z	Multiple Vulnerabilities in Cisco IOS XE Software Web UI Feature	2023-10-16T15:00:00+00:00	2023-11-01T15:44:28+00:00
cisco-sa-curl-libcurl-d9ds39cv	cURL and libcurl Vulnerability Affecting Cisco Products: October 2023	2023-10-12T16:00:00+00:00	2024-08-27T18:06:16+00:00
cisco-sa-rdocker-uatbukkn	Cisco IOx Application Hosting Environment Privilege Escalation Vulnerability	2023-10-04T16:00:00+00:00	2023-10-04T16:00:00+00:00
cisco-sa-cucm-apidos-pgsdcdnf	Multiple Cisco Unified Communications Products Unauthenticated API High CPU Utilization Denial of Service Vulnerability	2023-10-04T16:00:00+00:00	2024-05-17T15:07:50+00:00
cisco-sa-cer-priv-esc-b9t3hqk9	Cisco Emergency Responder Static Credentials Vulnerability	2023-10-04T16:00:00+00:00	2023-10-04T16:00:00+00:00
cisco-sa-wlc-wncd-hfgmsfsd	Cisco IOS XE Software for Wireless LAN Controllers Wireless Network Control Denial of Service Vulnerability	2023-09-27T16:00:00+00:00	2023-09-27T16:00:00+00:00
cisco-sa-webui-cmdij-fzzaexay	Cisco IOS XE Software Web UI Command Injection Vulnerability	2023-09-27T16:00:00+00:00	2023-09-27T16:00:00+00:00
cisco-sa-vmanage-html-3zkh8d6x	Cisco Catalyst SD-WAN Manager Web UI HTML Injection Vulnerability	2023-09-27T16:00:00+00:00	2023-09-27T16:00:00+00:00
cisco-sa-sdwan-vman-sc-lrlfu2z	Cisco Catalyst SD-WAN Manager Vulnerabilities	2023-09-27T16:00:00+00:00	2023-10-25T16:37:56+00:00
cisco-sa-mlre-h93fswrz	Cisco IOS XE Software for ASR 1000 Series Aggregation Services Routers IPv6 Multicast Denial of Service Vulnerability	2023-09-27T16:00:00+00:00	2023-09-27T16:00:00+00:00
cisco-sa-ios-xe-l2tp-dos-eb5tufmv	Cisco IOS XE Software Layer 2 Tunneling Protocol Denial of Service Vulnerability	2023-09-27T16:00:00+00:00	2023-09-27T16:00:00+00:00
cisco-sa-getvpn-rce-g8qr68sx	Cisco IOS and IOS XE Software Cisco Group Encrypted Transport VPN Software Out-of-Bounds Write Vulnerability	2023-09-27T16:00:00+00:00	2023-09-27T16:00:00+00:00
cisco-sa-dnac-ins-acc-con-nhavdrbz	Cisco DNA Center API Insufficient Access Control Vulnerability	2023-09-27T16:00:00+00:00	2023-09-27T16:00:00+00:00
cisco-sa-click-ap-dos-wdcxkvnq	Cisco Catalyst 9100 Access Points Denial of Service Vulnerability	2023-09-27T16:00:00+00:00	2023-09-27T16:00:00+00:00
cisco-sa-cbw-dos-ysmbuqx3	Cisco Wireless LAN Controller AireOS Software Denial of Service Vulnerability	2023-09-27T16:00:00+00:00	2023-09-27T16:00:00+00:00
cisco-sa-cat3k-dos-zza4gb3r	Cisco IOS XE Software for Catalyst 3650 and Catalyst 3850 Series Switches Denial of Service Vulnerability	2023-09-27T16:00:00+00:00	2023-09-27T16:00:00+00:00
cisco-sa-appqoe-utd-dos-p8o57p5y	Cisco IOS XE Software Application Quality of Experience and Unified Threat Defense Denial of Service Vulnerability	2023-09-27T16:00:00+00:00	2023-09-27T16:00:00+00:00
cisco-sa-ap-dos-capwap-ddmczs4m	Cisco Access Point Software Uncontrolled Resource Consumption Vulnerability	2023-09-27T16:00:00+00:00	2024-12-12T12:27:21+00:00
cisco-sa-aaascp-tyj4fejm	Cisco IOS and IOS XE Software Command Authorization Bypass Vulnerability	2023-09-27T16:00:00+00:00	2023-10-13T13:36:50+00:00
cisco-sa-lnt-l9zokbz5	Cisco IOS XR Software Image Verification Vulnerability	2023-09-13T16:00:00+00:00	2023-09-13T16:00:00+00:00
cisco-sa-iosxr-ipxe-sigbypass-pymfyqgb	Cisco IOS XR Software iPXE Boot Signature Bypass Vulnerability	2023-09-13T16:00:00+00:00	2024-08-07T15:55:33+00:00
cisco-sa-iosxr-info-gxp7nvcp	Cisco IOS XR Software Model-Driven Programmability Behavior with AAA Authorization	2023-09-13T16:00:00+00:00	2023-09-13T16:00:00+00:00
cisco-sa-ios-xr-cfm-3pwn8mkt	Cisco IOS XR Software Connectivity Fault Management Denial of Service Vulnerability	2023-09-13T16:00:00+00:00	2023-09-13T16:00:00+00:00
cisco-sa-dnx-acl-pyzdkeyf	Cisco IOS XR Software Access Control List Bypass Vulnerability	2023-09-13T16:00:00+00:00	2023-09-13T16:00:00+00:00
cisco-sa-comp3acl-vgmp6bq3	Cisco IOS XR Software Compression ACL Bypass Vulnerability	2023-09-13T16:00:00+00:00	2023-09-13T16:00:00+00:00

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated
msrc_cve-2025-64435	KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation	2025-11-02T00:00:00.000Z	2026-01-02T14:39:36.000Z
msrc_cve-2025-64434	KubeVirt Improper TLS Certificate Management Handling Allows API Identity Spoofing	2025-11-02T00:00:00.000Z	2026-01-02T14:39:30.000Z
msrc_cve-2025-64433	KubeVirt Arbitrary Container File Read	2025-11-02T00:00:00.000Z	2026-01-02T14:39:25.000Z
msrc_cve-2025-64432	KubeVirt Affected by an Authentication Bypass in Kubernetes Aggregation Layer	2025-11-02T00:00:00.000Z	2026-01-02T14:39:19.000Z
msrc_cve-2025-64329	containerd CRI server: Host memory exhaustion through Attach goroutine leak	2025-11-02T00:00:00.000Z	2025-12-07T01:47:05.000Z
msrc_cve-2025-64324	KubeVirt Vulnerable to Arbitrary Host File Read and Write	2025-11-02T00:00:00.000Z	2025-12-17T14:35:11.000Z
msrc_cve-2025-62689	NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition.	2025-11-02T00:00:00.000Z	2025-11-25T01:40:58.000Z
msrc_cve-2025-61915	OpenPrinting CUPS vulnerable to stack based out-of-bound write	2025-11-02T00:00:00.000Z	2026-01-02T14:40:04.000Z
msrc_cve-2025-61664	Grub2: missing unregister call for normal_exit command may lead to use-after-free	2025-11-02T00:00:00.000Z	2025-12-17T01:36:47.000Z
msrc_cve-2025-61663	Grub2: missing unregister call for normal commands may lead to use-after-free	2025-11-02T00:00:00.000Z	2026-01-03T01:39:02.000Z
msrc_cve-2025-61662	Grub2: missing unregister call for gettext command may lead to use-after-free	2025-11-02T00:00:00.000Z	2026-01-03T01:38:57.000Z
msrc_cve-2025-61661	Grub2: grub2: out-of-bounds write via malicious usb device	2025-11-02T00:00:00.000Z	2026-01-03T01:39:08.000Z
msrc_cve-2025-60876	BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP request-target (path/query), allowing the request line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape METHOD SP request-target SP HTTP/1.1, a raw space (0x20) in the request-target must also be rejected (clients should use %20).	2025-11-02T00:00:00.000Z	2025-12-07T01:50:56.000Z
msrc_cve-2025-60753	An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).	2025-11-02T00:00:00.000Z	2025-11-11T01:01:21.000Z
msrc_cve-2025-59777	NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition.	2025-11-02T00:00:00.000Z	2025-11-19T14:35:32.000Z
msrc_cve-2025-58436	OpenPrinting CUPS slow client can halt cupsd, leading to a possible DoS attack	2025-11-02T00:00:00.000Z	2025-12-31T14:36:30.000Z
msrc_cve-2025-54771	Grub2: use-after-free in grub_file_close()	2025-11-02T00:00:00.000Z	2025-11-21T01:03:19.000Z
msrc_cve-2025-54770	Grub2: use-after-free in net_set_vlan	2025-11-02T00:00:00.000Z	2025-11-21T01:03:27.000Z
msrc_cve-2025-52881	runc: LSM labels can be bypassed with malicious config using dummy procfs files	2025-11-02T00:00:00.000Z	2026-01-03T01:39:17.000Z
msrc_cve-2025-52565	container escape due to /dev/console mount and related races	2025-11-02T00:00:00.000Z	2025-12-02T01:39:36.000Z
msrc_cve-2025-47913	Potential denial of service in golang.org/x/crypto/ssh/agent	2025-11-02T00:00:00.000Z	2025-11-25T01:37:18.000Z
msrc_cve-2025-40211	ACPI: video: Fix use-after-free in acpi_video_switch_brightness()	2025-11-02T00:00:00.000Z	2025-12-02T14:35:54.000Z
msrc_cve-2025-40210	Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND"	2025-11-02T00:00:00.000Z	2025-11-25T01:39:58.000Z
msrc_cve-2025-40207	media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try()	2025-11-02T00:00:00.000Z	2025-12-07T01:51:24.000Z
msrc_cve-2025-40206	netfilter: nft_objref: validate objref and objrefmap expressions	2025-11-02T00:00:00.000Z	2025-12-07T01:52:17.000Z
msrc_cve-2025-40205	btrfs: avoid potential out-of-bounds in btrfs_encode_fh()	2025-11-02T00:00:00.000Z	2025-12-07T01:52:11.000Z
msrc_cve-2025-40204	sctp: Fix MAC comparison to be constant-time	2025-11-02T00:00:00.000Z	2025-12-07T01:35:42.000Z
msrc_cve-2025-40202	ipmi: Rework user message limit handling	2025-11-02T00:00:00.000Z	2025-12-07T01:35:54.000Z
msrc_cve-2025-40201	kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64() paths	2025-11-02T00:00:00.000Z	2025-12-07T01:51:54.000Z
msrc_cve-2025-40200	Squashfs: reject negative file sizes in squashfs_read_inode()	2025-11-02T00:00:00.000Z	2025-12-07T01:51:30.000Z

ID	Description	Published	Updated

ID	Description	Updated
var-201108-0285	Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allow…	2025-12-22T22:28:37.620000Z
var-201302-0132	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java …	2025-12-22T22:28:05.896000Z
var-202004-2201	A memory consumption issue was addressed with improved memory handling. This issue is fix…	2025-12-22T22:28:05.590000Z
var-202212-2075	An out-of-bounds read in Organization Specific TLV was found in various versions of Openv…	2025-12-22T22:28:05.282000Z
var-202206-1157	Incomplete cleanup in specific special register write operations for some Intel(R) Proces…	2025-12-22T22:28:05.116000Z
var-201306-0247	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java …	2025-12-22T22:28:04.566000Z
var-201405-0244	The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEA…	2025-12-22T22:28:01.243000Z
var-202201-0437	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Summary: The Migra…	2025-12-22T22:26:21.708000Z
var-201705-3873	In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 me…	2025-12-22T22:26:20.552000Z
var-200705-0670	The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.1…	2025-12-22T22:26:17.477000Z
var-201404-0592	The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly h…	2025-12-22T22:25:45.985000Z
var-202002-1458	eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_requ…	2025-12-22T22:25:40.910000Z
var-202103-0920	An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be …	2025-12-22T22:25:38.767000Z
var-200110-0176	Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox …	2025-12-22T22:25:38.536000Z
var-200609-1400	The Security Framework in Apple Mac OS X 10.4 through 10.4.8 allows remote attackers to c…	2025-12-22T22:25:37.911000Z
var-200110-0214	The Apple Type Services (ATS) server in Mac OS X 10.4.8 and earlier does not securely cre…	2025-12-22T22:25:36.634000Z
var-202103-1554	Netty is an open-source, asynchronous event-driven network application framework for rapi…	2025-12-22T22:25:35.567000Z
var-201804-1163	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari be…	2025-12-22T22:25:34.525000Z
var-201603-0244	Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and…	2025-12-22T22:25:33.303000Z
var-201205-0305	sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI…	2025-12-22T22:25:33.148000Z
var-202006-1838	Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested…	2025-12-22T22:24:22.909000Z
var-200703-0019	Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted at…	2025-12-22T22:24:21.795000Z
var-201103-0287	The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and ea…	2025-12-22T22:24:09.603000Z
var-200703-0016	Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted at…	2025-12-22T22:24:09.518000Z
var-202109-1803	ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No in…	2025-12-22T22:24:04.207000Z
var-201302-0150	Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on …	2025-12-22T22:23:39.487000Z
var-201110-0394	Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK…	2025-12-22T22:23:38.465000Z
var-202004-1972	A race condition was addressed with additional validation. This issue is fixed in iOS 13.…	2025-12-22T22:23:38.165000Z
var-201605-0467	Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4…	2025-12-22T22:23:36.468000Z
var-201710-1400	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari befo…	2025-12-22T22:23:35.804000Z

ID	Description	Published	Updated
jvndb-2023-000115	OSS Calendar vulnerable to SQL injection	2023-11-14T14:05+09:00	2024-05-01T17:38+09:00
jvndb-2023-006199	Multiple security updates for Trend Micro Apex One and Apex One as a Service (November 2023)	2023-11-13T17:28+09:00	2024-03-13T17:28+09:00
jvndb-2023-000112	Multiple vulnerabilities in Pleasanter	2023-11-13T15:57+09:00	2024-04-22T17:56+09:00
jvndb-2023-000114	Multiple vulnerabilities in Cisco Firepower Management Center Software	2023-11-13T14:01+09:00	2024-05-07T15:07+09:00
jvndb-2023-000113	HOTELDRUID vulnerable to cross-site scripting	2023-11-10T14:41+09:00	2024-05-01T17:47+09:00
jvndb-2023-000111	Remarshal unlimitedly expanding YAML alias nodes	2023-11-10T14:41+09:00	2024-05-08T17:53+09:00
jvndb-2023-000107	EC-CUBE 3 series and 4 series vulnerable to arbitrary code execution	2023-11-07T13:47+09:00	2024-05-09T17:17+09:00
jvndb-2023-004919	FUJIFILM Business Innovation Corp. and Xerox Corporation MFPs export Address Books with insufficient encryption strength	2023-11-02T17:21+09:00	2024-05-07T15:25+09:00
jvndb-2023-000110	Improper restriction of XML external entity references (XXE) in e-Tax software	2023-11-02T13:38+09:00	2024-05-01T18:41+09:00
jvndb-2023-004790	Multiple Vulnerabilities in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer	2023-11-02T12:14+09:00	2023-11-02T12:14+09:00
jvndb-2023-004754	MCL Technologies MCL-Net vulnerable to directory traversal	2023-11-01T16:49+09:00	2023-11-01T16:49+09:00
jvndb-2023-000109	Cybozu Remote Service vulnerable to uncontrolled resource consumption	2023-10-31T13:43+09:00	2024-05-07T15:51+09:00
jvndb-2023-000108	Inkdrop vulnerable to code injection	2023-10-30T13:48+09:00	2024-05-07T16:09+09:00
jvndb-2023-004294	Advanced Micro Devices Windows kernel drivers vulnerable to insufficient access control on its IOCTL	2023-10-27T16:10+09:00	2024-05-20T17:49+09:00
jvndb-2023-000106	Multiple vulnerabilities in baserCMS	2023-10-27T14:46+09:00	2024-05-07T15:59+09:00
jvndb-2023-000105	Movable Type vulnerable to cross-site scripting	2023-10-25T15:18+09:00	2024-05-10T17:47+09:00
jvndb-2023-003956	Improper restriction of XML external entity reference (XXE) vulnerability in OMRON CX-Designer	2023-10-24T16:11+09:00	2024-05-10T17:47+09:00
jvndb-2023-000103	HP ThinUpdate vulnerable to improper server certificate verification	2023-10-23T14:26+09:00	2023-10-23T14:26+09:00
jvndb-2023-000102	Multiple vulnerabilities in JustSystems products	2023-10-19T15:16+09:00	2024-05-16T16:44+09:00
jvndb-2023-000104	Improper restriction of XML external entity references (XXE) in Proself	2023-10-18T18:00+09:00	2024-05-15T17:08+09:00
jvndb-2023-003913	Multiple vulnerabilities in JTEKT ELECTRONICS OnSinView2	2023-10-18T14:13+09:00	2024-05-16T17:28+09:00
jvndb-2023-000101	web2py vulnerable to OS command injection	2023-10-16T16:11+09:00	2024-05-22T17:58+09:00
jvndb-2023-000100	Scanning evasion issue in Cisco Secure Email Gateway	2023-10-16T16:11+09:00	2023-10-27T15:52+09:00
jvndb-2023-003788	Out-of-bounds read vulnerability in Keyence KV STUDIO and KV REPLAY VIEWER	2023-10-11T15:23+09:00	2024-05-16T17:09+09:00
jvndb-2023-000098	e-Gov Client Application fails to restrict custom URL schemes properly	2023-10-06T14:57+09:00	2024-05-17T17:55+09:00
jvndb-2023-003771	File and Directory Permissions Vulnerability in JP1/Performance Management	2023-10-04T15:23+09:00	2023-10-04T15:23+09:00
jvndb-2023-003770	DoS Vulnerability in Hitachi Ops Center Common Services	2023-10-04T15:23+09:00	2024-05-22T15:31+09:00
jvndb-2023-003769	Information Exposure Vulnerability in Hitachi Ops Center Administrator	2023-10-04T15:23+09:00	2024-05-22T15:20+09:00
jvndb-2023-000097	Citadel WebCit vulnerable to cross-site scripting on Instant Messaging facility	2023-10-04T14:07+09:00	2024-05-21T17:08+09:00
jvndb-2023-003767	Multiple vulnerabilities in multiple FURUNO SYSTEMS wireless LAN access point devices in ST(Standalone) mode	2023-10-03T14:26+09:00	2024-05-22T18:01+09:00

ID	Description	Updated

ID	Description	Published	Updated
suse-su-2025:4072-1	Security update for containerd	2025-11-12T10:33:38Z	2025-11-12T10:33:38Z
suse-su-2025:4068-1	Security update for lasso	2025-11-12T08:04:16Z	2025-11-12T08:04:16Z
suse-su-2025:4067-1	Security update for openssh	2025-11-12T08:03:27Z	2025-11-12T08:03:27Z
suse-su-2025:4064-1	Security update for the Linux Kernel (Live Patch 60 for SUSE Linux Enterprise 15 SP3)	2025-11-12T02:35:06Z	2025-11-12T02:35:06Z
suse-su-2025:4063-1	Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP6)	2025-11-12T02:34:57Z	2025-11-12T02:34:57Z
suse-su-2025:4062-1	Security update for the Linux Kernel (Live Patch 29 for SUSE Linux Enterprise 15 SP5)	2025-11-11T18:36:41Z	2025-11-11T18:36:41Z
suse-su-2025:4059-1	Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP5)	2025-11-11T18:36:30Z	2025-11-11T18:36:30Z
suse-su-2025:4058-1	Security update for the Linux Kernel (Live Patch 71 for SUSE Linux Enterprise 12 SP5)	2025-11-11T18:36:17Z	2025-11-11T18:36:17Z
suse-su-2025:4057-1	Security update for the Linux Kernel	2025-11-11T18:36:09Z	2025-11-11T18:36:09Z
suse-su-2025:4056-1	Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP7)	2025-11-11T18:35:25Z	2025-11-11T18:35:25Z
suse-su-2025:3681-1	Security update for go1.25	2025-11-11T18:34:57Z	2025-11-11T18:34:57Z
suse-su-2025:4054-1	Security update for ongres-scram	2025-11-11T14:04:30Z	2025-11-11T14:04:30Z
suse-su-2025:4053-1	Security update for qatengine, qatlib	2025-11-11T13:46:58Z	2025-11-11T13:46:58Z
suse-su-2025:4050-1	Security update for the Linux Kernel (Live Patch 25 for SUSE Linux Enterprise 15 SP5)	2025-11-11T09:33:48Z	2025-11-11T09:33:48Z
suse-su-2025:4043-1	Security update for the Linux Kernel (Live Patch 20 for SUSE Linux Enterprise 15 SP5)	2025-11-11T07:03:50Z	2025-11-11T07:03:50Z
suse-su-2025:4046-1	Security update for the Linux Kernel (Live Patch 43 for SUSE Linux Enterprise 15 SP4)	2025-11-11T02:33:47Z	2025-11-11T02:33:47Z
suse-su-2025:4040-1	Security update for the Linux Kernel (Live Patch 42 for SUSE Linux Enterprise 15 SP4)	2025-11-10T19:03:48Z	2025-11-10T19:03:48Z
suse-su-2025:4039-1	Security update for java-1_8_0-openjdk	2025-11-10T15:05:07Z	2025-11-10T15:05:07Z
suse-su-2025:21038-1	Security update for podman	2025-11-10T14:47:12Z	2025-11-10T14:47:12Z
suse-su-2025:21037-1	Security update for tiff	2025-11-10T14:45:27Z	2025-11-10T14:45:27Z
suse-su-2025:21036-1	Security update for runc	2025-11-10T14:45:27Z	2025-11-10T14:45:27Z
suse-su-2025:21067-1	Security update for powerpc-utils	2025-11-10T14:24:22Z	2025-11-10T14:24:22Z
suse-su-2025:21054-1	Security update for runc	2025-11-10T14:24:22Z	2025-11-10T14:24:22Z
suse-su-2025:4038-1	Security update for java-1_8_0-openjdk	2025-11-10T14:22:51Z	2025-11-10T14:22:51Z
suse-su-2025:4036-1	Security update for the Linux Kernel (Live Patch 32 for SUSE Linux Enterprise 15 SP4)	2025-11-10T14:04:15Z	2025-11-10T14:04:15Z
suse-su-2025:4035-1	Security update for erlang26	2025-11-10T13:47:05Z	2025-11-10T13:47:05Z
suse-su-2025:4029-1	Security update for squid	2025-11-10T11:44:34Z	2025-11-10T11:44:34Z
suse-su-2025:4026-1	Security update for squid	2025-11-10T09:12:43Z	2025-11-10T09:12:43Z
suse-su-2025:4024-1	Security update for the Linux Kernel (Live Patch 63 for SUSE Linux Enterprise 12 SP5)	2025-11-10T08:14:25Z	2025-11-10T08:14:25Z
suse-su-2025:4016-1	Security update for the Linux Kernel (Live Patch 49 for SUSE Linux Enterprise 15 SP3)	2025-11-10T08:13:30Z	2025-11-10T08:13:30Z

ID	Description	Published	Updated
opensuse-su-2025:15530-1	trivy-0.65.0-2.1 on GA media	2025-09-05T00:00:00Z	2025-09-05T00:00:00Z
opensuse-su-2025:15529-1	traefik-3.5.1-1.1 on GA media	2025-09-05T00:00:00Z	2025-09-05T00:00:00Z
opensuse-su-2025:15528-1	python311-Django4-4.2.24-1.1 on GA media	2025-09-05T00:00:00Z	2025-09-05T00:00:00Z
opensuse-su-2025:15527-1	python311-Django-5.2.6-1.1 on GA media	2025-09-05T00:00:00Z	2025-09-05T00:00:00Z
opensuse-su-2025:15526-1	libsixel-bash-completion-1.10.5-2.1 on GA media	2025-09-05T00:00:00Z	2025-09-05T00:00:00Z
opensuse-su-2025:15525-1	go1.25-1.25.1-1.1 on GA media	2025-09-05T00:00:00Z	2025-09-05T00:00:00Z
opensuse-su-2025:15524-1	chromedriver-140.0.7339.80-1.1 on GA media	2025-09-05T00:00:00Z	2025-09-05T00:00:00Z
opensuse-su-2025:15523-1	7zip-25.01-1.1 on GA media	2025-09-05T00:00:00Z	2025-09-05T00:00:00Z
opensuse-su-2025:15522-1	libwireshark18-4.4.9-2.1 on GA media	2025-09-04T00:00:00Z	2025-09-04T00:00:00Z
opensuse-su-2025:15521-1	libpodofo-0_10-devel-0.10.5-1.1 on GA media	2025-09-04T00:00:00Z	2025-09-04T00:00:00Z
opensuse-su-2025:15520-1	netty-4.1.126-1.1 on GA media	2025-09-04T00:00:00Z	2025-09-04T00:00:00Z
opensuse-su-2025:15519-1	python311-ruff-0.12.11-2.1 on GA media	2025-09-03T00:00:00Z	2025-09-03T00:00:00Z
opensuse-su-2025:15518-1	python311-maturin-1.9.4-1.1 on GA media	2025-09-03T00:00:00Z	2025-09-03T00:00:00Z
opensuse-su-2025:15517-1	himmelblau-1.2.2+git.0.2d04bca-1.1 on GA media	2025-09-03T00:00:00Z	2025-09-03T00:00:00Z
opensuse-su-2025:15516-1	MozillaFirefox-142.0.1-1.1 on GA media	2025-09-03T00:00:00Z	2025-09-03T00:00:00Z
opensuse-su-2025:15515-1	regclient-0.9.2-1.1 on GA media	2025-09-02T00:00:00Z	2025-09-02T00:00:00Z
opensuse-su-2025:15514-1	python311-uv-0.8.14-2.1 on GA media	2025-09-02T00:00:00Z	2025-09-02T00:00:00Z
opensuse-su-2025:15513-1	libmupen64plus-devel-2.6.0-2.1 on GA media	2025-09-02T00:00:00Z	2025-09-02T00:00:00Z
opensuse-su-2025:15512-1	bpftop-0.7.1-1.1 on GA media	2025-09-02T00:00:00Z	2025-09-02T00:00:00Z
opensuse-su-2025:15511-1	libudisks2-0-2.10.1-4.1 on GA media	2025-09-01T00:00:00Z	2025-09-01T00:00:00Z
opensuse-su-2025:15510-1	traefik2-2.11.29-1.1 on GA media	2025-09-01T00:00:00Z	2025-09-01T00:00:00Z
opensuse-su-2025:15509-1	sbctl-0.17-2.1 on GA media	2025-09-01T00:00:00Z	2025-09-01T00:00:00Z
opensuse-su-2025:15508-1	rekor-1.4.1-1.1 on GA media	2025-09-01T00:00:00Z	2025-09-01T00:00:00Z
opensuse-su-2025:15507-1	python311-eventlet-0.40.3-1.1 on GA media	2025-09-01T00:00:00Z	2025-09-01T00:00:00Z
opensuse-su-2025:15506-1	jupyter-bqplot-jupyterlab-0.5.46-13.1 on GA media	2025-09-01T00:00:00Z	2025-09-01T00:00:00Z
opensuse-su-2025:15505-1	kured-1.20.0-1.1 on GA media	2025-09-01T00:00:00Z	2025-09-01T00:00:00Z
opensuse-su-2025:15504-1	dcmtk-3.6.9-4.1 on GA media	2025-09-01T00:00:00Z	2025-09-01T00:00:00Z
opensuse-su-2025:15503-1	tailscale-1.86.5-1.1 on GA media	2025-08-29T00:00:00Z	2025-08-29T00:00:00Z
opensuse-su-2025:15502-1	jupyter-nbdime-7.0.2-23.1 on GA media	2025-08-29T00:00:00Z	2025-08-29T00:00:00Z
opensuse-su-2025:15501-1	libpcre2-16-0-10.46-1.1 on GA media	2025-08-29T00:00:00Z	2025-08-29T00:00:00Z

ID	Description	Published	Updated
cnvd-2025-29161	Dell SmartFabric OS10 Software命令注入漏洞	2025-11-20	2025-11-21
cnvd-2025-29160	Dell SmartFabric OS10 Software代码注入漏洞	2025-11-20	2025-11-21
cnvd-2025-29159	Fortinet FortiWeb信任管理问题漏洞	2025-11-20	2025-11-21
cnvd-2025-29158	Fortinet FortiExtender缓冲区溢出漏洞	2025-11-20	2025-11-21
cnvd-2025-29157	Fortinet FortiClientWindows访问控制错误漏洞	2025-11-20	2025-11-21
cnvd-2025-29156	Fortinet FortiADC缓冲区溢出漏洞（CNVD-2025-29156）	2025-11-20	2025-11-21
cnvd-2025-29136	WordPress Like-it plugin跨站请求伪造漏洞	2025-11-20	2025-11-21
cnvd-2025-29135	WordPress Gutenify plugin跨站脚本漏洞	2025-11-20	2025-11-21
cnvd-2025-29134	WordPress everviz plugin跨站脚本漏洞	2025-11-20	2025-11-21
cnvd-2025-29133	WordPress Download Panel plugin未经授权的设置修改漏洞	2025-11-20	2025-11-21
cnvd-2025-29132	WordPress CSV to SortTable plugin跨站脚本漏洞	2025-11-20	2025-11-21
cnvd-2025-29131	WordPress Coil Web Monetization plugin跨站请求伪造漏洞	2025-11-20	2025-11-21
cnvd-2025-29130	WordPress Category and Product Woocommerce Tabs plugin文件包含漏洞	2025-11-20	2025-11-21
cnvd-2025-29129	WordPress ArtiBot Free Chat Bot for WebSites plugin跨站脚本漏洞	2025-11-20	2025-11-21
cnvd-2025-29118	Responsive Hotel Site usersettingdel.php文件SQL注入漏洞	2025-11-20	2025-11-21
cnvd-2025-29117	Responsive Hotel Site usersetting.php文件SQL注入漏洞	2025-11-20	2025-11-21
cnvd-2025-29019	Siemens PS/IGES Parasolid Translator Component越界读取漏洞	2025-11-20	2025-11-17
cnvd-2025-28982	Siemens Mendix Rich Text组件跨站脚本漏洞	2025-11-20	2025-11-17
cnvd-2026-00025	Linksys E1200堆栈缓冲区溢出漏洞（CNVD-2026-00025）	2025-11-18	2026-01-04
cnvd-2026-00024	Linksys E1200堆栈缓冲区溢出漏洞（CNVD-2026-00024）	2025-11-18	2026-01-04
cnvd-2025-31391	Apache OpenOffice外部文件加载漏洞	2025-11-18	2025-12-25
cnvd-2025-31390	Apache OpenOffice越界写漏洞	2025-11-18	2025-12-23
cnvd-2025-30949	D-Link DIR-823G命令注入漏洞（CNVD-2025-30949）	2025-11-18	2025-12-18
cnvd-2025-30367	Student Record Management System login.php文件SQL注入漏洞	2025-11-18	2025-12-10
cnvd-2025-29969	Linksys E1200命令注入漏洞	2025-11-18	2025-12-04
cnvd-2025-29968	Linksys E1200堆栈缓冲区溢出漏洞	2025-11-18	2025-12-04
cnvd-2025-29715	TOTOLINK LR1200GB命令注入漏洞	2025-11-18	2025-12-02
cnvd-2025-29714	TOTOLINK A950RG命令注入漏洞	2025-11-18	2025-12-02
cnvd-2025-29713	TOTOLINK A950RG缓冲区溢出漏洞	2025-11-18	2025-12-02
cnvd-2025-29712	TOTOLINK A720R堆栈缓冲区溢出漏洞	2025-11-18	2025-12-02

ID	Description	Published	Updated
certfr-2025-avi-0752	Multiples vulnérabilités dans Google Pixel	2025-09-04T00:00:00.000000	2025-09-04T00:00:00.000000
certfr-2025-avi-0751	Multiples vulnérabilités dans les produits VMware	2025-09-03T00:00:00.000000	2025-09-03T00:00:00.000000
certfr-2025-avi-0750	Multiples vulnérabilités dans Google Android	2025-09-03T00:00:00.000000	2025-09-03T00:00:00.000000
certfr-2025-avi-0749	Multiples vulnérabilités dans Google Chrome	2025-09-03T00:00:00.000000	2025-09-03T00:00:00.000000
certfr-2025-avi-0748	Vulnérabilité dans les produits Liferay	2025-09-02T00:00:00.000000	2025-09-02T00:00:00.000000
certfr-2025-avi-0747	Multiples vulnérabilités dans les produits Qnap	2025-09-01T00:00:00.000000	2025-09-01T00:00:00.000000
certfr-2025-avi-0746	Multiples vulnérabilités dans les produits IBM	2025-08-29T00:00:00.000000	2025-08-29T00:00:00.000000
certfr-2025-avi-0745	Multiples vulnérabilités dans le noyau Linux de SUSE	2025-08-29T00:00:00.000000	2025-08-29T00:00:00.000000
certfr-2025-avi-0744	Multiples vulnérabilités dans le noyau Linux de Red Hat	2025-08-29T00:00:00.000000	2025-08-29T00:00:00.000000
certfr-2025-avi-0743	Multiples vulnérabilités dans le noyau Linux d'Ubuntu	2025-08-29T00:00:00.000000	2025-08-29T00:00:00.000000
certfr-2025-avi-0742	Vulnérabilité dans Microsoft Edge	2025-08-29T00:00:00.000000	2025-08-29T00:00:00.000000
certfr-2025-avi-0741	Vulnérabilité dans Wireshark	2025-08-29T00:00:00.000000	2025-08-29T00:00:00.000000
certfr-2025-avi-0740	Multiples vulnérabilités dans Tenable Security Center	2025-08-29T00:00:00.000000	2025-08-29T00:00:00.000000
certfr-2025-avi-0739	Multiples vulnérabilités dans Asterisk	2025-08-29T00:00:00.000000	2025-08-29T00:00:00.000000
certfr-2025-avi-0738	Multiples vulnérabilités dans les produits Elastic	2025-08-29T00:00:00.000000	2025-08-29T00:00:00.000000
certfr-2025-avi-0737	Multiples vulnérabilités dans les produits Cisco	2025-08-28T00:00:00.000000	2025-08-28T00:00:00.000000
certfr-2025-avi-0736	Multiples vulnérabilités dans GitLab	2025-08-28T00:00:00.000000	2025-08-28T00:00:00.000000
certfr-2025-avi-0735	Vulnérabilité dans GLPI	2025-08-28T00:00:00.000000	2025-08-28T00:00:00.000000
certfr-2025-avi-0734	Vulnérabilité dans ISC Kea DHCP	2025-08-28T00:00:00.000000	2025-08-28T00:00:00.000000
certfr-2025-avi-0733	Vulnérabilité dans Nagios XI	2025-08-28T00:00:00.000000	2025-08-28T00:00:00.000000
certfr-2025-avi-0732	Vulnérabilité dans Google Chrome	2025-08-27T00:00:00.000000	2025-08-27T00:00:00.000000
certfr-2025-avi-0731	Vulnérabilité dans Shibboleth Identity Provider	2025-08-27T00:00:00.000000	2025-08-27T00:00:00.000000
certfr-2025-avi-0730	Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway	2025-08-26T00:00:00.000000	2025-08-26T00:00:00.000000
certfr-2025-avi-0729	Multiples vulnérabilités dans Qnap File Station	2025-08-26T00:00:00.000000	2025-08-26T00:00:00.000000
certfr-2025-avi-0728	Vulnérabilité dans Centreon Web	2025-08-25T00:00:00.000000	2025-08-25T00:00:00.000000
certfr-2025-avi-0727	Multiples vulnérabilités dans les produits ESET	2025-08-25T00:00:00.000000	2025-08-25T00:00:00.000000
certfr-2025-avi-0726	Vulnérabilité dans les produits Moxa	2025-08-25T00:00:00.000000	2025-08-25T00:00:00.000000
certfr-2025-avi-0725	Vulnérabilité dans Liferay	2025-08-25T00:00:00.000000	2025-08-25T00:00:00.000000
certfr-2025-avi-0724	Multiples vulnérabilités dans les produits IBM	2025-08-22T00:00:00.000000	2025-08-22T00:00:00.000000
certfr-2025-avi-0723	Multiples vulnérabilités dans le noyau Linux de SUSE	2025-08-22T00:00:00.000000	2025-08-22T00:00:00.000000

ID	Description	Published	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated