Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-28372 |
7.4 (3.1)
|
telnetd in GNU inetutils through 2.7 allows privi… |
GNU |
inetutils |
2026-02-27T05:28:17.383Z | 2026-02-28T04:55:43.235Z |
| CVE-2026-2492 |
7 (3.0)
|
TensorFlow HDF5 Library Uncontrolled Search Path Eleme… |
TensorFlow |
TensorFlow |
2026-02-20T22:22:54.392Z | 2026-02-28T04:55:41.592Z |
| CVE-2026-3223 |
8.4 (4.0)
|
Zip Slip leading to Arbitrary File Write and Privilege… |
Google |
Web Designer |
2026-02-27T13:12:38.809Z | 2026-02-28T04:55:40.466Z |
| CVE-2025-9907 |
6.7 (3.1)
|
Event-driven-ansible: event stream test mode exposes s… |
Red Hat |
Red Hat Ansible Automation Platform 2.5 for RHEL 8 |
2026-02-27T07:29:06.070Z | 2026-02-28T04:55:39.096Z |
| CVE-2025-9908 |
6.7 (3.1)
|
Event-driven-ansible: sensitive internal headers discl… |
Red Hat |
Red Hat Ansible Automation Platform 2.5 for RHEL 8 |
2026-02-27T07:29:32.368Z | 2026-02-28T04:55:37.926Z |
| CVE-2026-2251 |
9.8 (3.1)
|
Path Traversal leading to Remote Code Execution (RCE) |
Xerox |
FreeFlow Core |
2026-02-27T08:08:52.263Z | 2026-02-28T04:55:29.310Z |
| CVE-2026-27967 |
7.1 (3.1)
|
Symlink Escape in Agent File Tools |
zed-industries |
zed |
2026-02-25T23:33:21.477Z | 2026-02-28T04:55:28.156Z |
| CVE-2026-27966 |
9.8 (3.1)
|
Langflow has Remote Code Execution in CSV Agent |
langflow-ai |
langflow |
2026-02-26T01:55:18.580Z | 2026-02-28T04:55:26.622Z |
| CVE-2026-21619 |
2 (4.0)
|
Unsafe Deserialization of Erlang Terms in hex_core |
hexpm |
hex_core |
2026-02-27T17:57:11.513Z | 2026-02-28T03:47:44.873Z |
| CVE-2026-27021 |
6.9 (4.0)
|
Discourse: Poll voters endpoint lacked post visibility… |
discourse |
discourse |
2026-02-26T19:50:56.341Z | 2026-02-28T03:25:15.137Z |
| CVE-2026-2775 |
9.8 (3.1)
|
Mitigation bypass in the DOM: HTML Parser component |
Mozilla |
Firefox |
2026-02-24T13:33:11.553Z | 2026-02-28T03:21:34.289Z |
| CVE-2026-2776 |
10 (3.1)
|
Sandbox escape due to incorrect boundary conditions in… |
Mozilla |
Firefox |
2026-02-24T13:33:12.247Z | 2026-02-28T03:19:44.671Z |
| CVE-2026-2778 |
10 (3.1)
|
Sandbox escape due to incorrect boundary conditions in… |
Mozilla |
Firefox |
2026-02-24T13:33:13.564Z | 2026-02-28T03:18:10.437Z |
| CVE-2026-2779 |
9.8 (3.1)
|
Incorrect boundary conditions in the Networking: JAR c… |
Mozilla |
Firefox |
2026-02-24T13:33:14.195Z | 2026-02-28T03:16:09.978Z |
| CVE-2026-2784 |
9.8 (3.1)
|
Mitigation bypass in the DOM: Security component |
Mozilla |
Firefox |
2026-02-24T13:33:17.554Z | 2026-02-28T03:14:35.231Z |
| CVE-2026-2788 |
9.8 (3.1)
|
Incorrect boundary conditions in the Audio/Video: GMP … |
Mozilla |
Firefox |
2026-02-24T13:33:20.287Z | 2026-02-28T03:12:31.648Z |
| CVE-2026-2791 |
9.8 (3.1)
|
Mitigation bypass in the Networking: Cache component |
Mozilla |
Firefox |
2026-02-24T13:33:22.237Z | 2026-02-28T03:10:50.975Z |
| CVE-2023-37028 |
6.5 (3.1)
|
A Null pointer dereference vulnerability in the M… |
n/a |
n/a |
2025-01-21T00:00:00.000Z | 2026-02-28T03:06:39.990Z |
| CVE-2024-29741 |
7.8 (3.1)
|
In pblS2mpuResume of s2mpu.c, there is a possible… |
Google |
Android |
2024-04-05T20:02:15.409Z | 2026-02-28T03:02:40.798Z |
| CVE-2024-26480 |
7.5 (3.1)
|
An issue in Statping-ng v.0.91.0 allows an attack… |
n/a |
n/a |
2026-02-11T00:00:00.000Z | 2026-02-28T03:01:46.335Z |
| CVE-2025-69971 |
9.8 (3.1)
|
FUXA v1.2.7 contains a hard-coded credential vuln… |
n/a |
n/a |
2026-02-03T00:00:00.000Z | 2026-02-28T02:59:59.337Z |
| CVE-2025-69421 |
N/A
|
NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex… |
OpenSSL |
OpenSSL |
2026-01-27T16:01:26.435Z | 2026-02-28T02:58:24.792Z |
| CVE-2025-66374 |
7.8 (3.1)
|
CyberArk Endpoint Privilege Manager Agent through… |
n/a |
n/a |
2026-02-03T00:00:00.000Z | 2026-02-28T02:56:22.099Z |
| CVE-2025-65887 |
6.5 (3.1)
|
A division-by-zero vulnerability in the flow.floo… |
n/a |
n/a |
2026-01-28T00:00:00.000Z | 2026-02-28T02:54:45.328Z |
| CVE-2025-6591 |
0 (4.0)
|
HTML injection in API action=feedcontributions output … |
Wikimedia Foundation |
MediaWiki |
2026-02-02T23:02:33.728Z | 2026-02-28T02:52:57.390Z |
| CVE-2026-2773 |
9.8 (3.1)
|
Incorrect boundary conditions in the Web Audio component |
Mozilla |
Firefox |
2026-02-24T13:33:10.177Z | 2026-02-28T02:38:52.756Z |
| CVE-2026-2766 |
9.8 (3.1)
|
Use-after-free in the JavaScript Engine: JIT component |
Mozilla |
Firefox |
2026-02-24T13:33:04.946Z | 2026-02-28T02:32:50.044Z |
| CVE-2026-2765 |
9.8 (3.1)
|
Use-after-free in the JavaScript Engine component |
Mozilla |
Firefox |
2026-02-24T13:33:03.943Z | 2026-02-28T02:31:24.689Z |
| CVE-2026-2764 |
9.8 (3.1)
|
JIT miscompilation, use-after-free in the JavaScript E… |
Mozilla |
Firefox |
2026-02-24T13:33:03.207Z | 2026-02-28T02:29:08.622Z |
| CVE-2026-2763 |
9.8 (3.1)
|
Use-after-free in the JavaScript Engine component |
Mozilla |
Firefox |
2026-02-24T13:33:02.514Z | 2026-02-28T02:27:22.934Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-2791 |
9.8 (3.1)
|
Mitigation bypass in the Networking: Cache component |
Mozilla |
Firefox |
2026-02-24T13:33:22.237Z | 2026-02-28T03:10:50.975Z |
| CVE-2026-2788 |
9.8 (3.1)
|
Incorrect boundary conditions in the Audio/Video: GMP … |
Mozilla |
Firefox |
2026-02-24T13:33:20.287Z | 2026-02-28T03:12:31.648Z |
| CVE-2026-2784 |
9.8 (3.1)
|
Mitigation bypass in the DOM: Security component |
Mozilla |
Firefox |
2026-02-24T13:33:17.554Z | 2026-02-28T03:14:35.231Z |
| CVE-2026-2779 |
9.8 (3.1)
|
Incorrect boundary conditions in the Networking: JAR c… |
Mozilla |
Firefox |
2026-02-24T13:33:14.195Z | 2026-02-28T03:16:09.978Z |
| CVE-2026-2778 |
10 (3.1)
|
Sandbox escape due to incorrect boundary conditions in… |
Mozilla |
Firefox |
2026-02-24T13:33:13.564Z | 2026-02-28T03:18:10.437Z |
| CVE-2026-2776 |
10 (3.1)
|
Sandbox escape due to incorrect boundary conditions in… |
Mozilla |
Firefox |
2026-02-24T13:33:12.247Z | 2026-02-28T03:19:44.671Z |
| CVE-2026-2775 |
9.8 (3.1)
|
Mitigation bypass in the DOM: HTML Parser component |
Mozilla |
Firefox |
2026-02-24T13:33:11.553Z | 2026-02-28T03:21:34.289Z |
| CVE-2025-6591 |
0 (4.0)
|
HTML injection in API action=feedcontributions output … |
Wikimedia Foundation |
MediaWiki |
2026-02-02T23:02:33.728Z | 2026-02-28T02:52:57.390Z |
| CVE-2025-69971 |
9.8 (3.1)
|
FUXA v1.2.7 contains a hard-coded credential vuln… |
n/a |
n/a |
2026-02-03T00:00:00.000Z | 2026-02-28T02:59:59.337Z |
| CVE-2025-69421 |
N/A
|
NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex… |
OpenSSL |
OpenSSL |
2026-01-27T16:01:26.435Z | 2026-02-28T02:58:24.792Z |
| CVE-2025-66374 |
7.8 (3.1)
|
CyberArk Endpoint Privilege Manager Agent through… |
n/a |
n/a |
2026-02-03T00:00:00.000Z | 2026-02-28T02:56:22.099Z |
| CVE-2025-65887 |
6.5 (3.1)
|
A division-by-zero vulnerability in the flow.floo… |
n/a |
n/a |
2026-01-28T00:00:00.000Z | 2026-02-28T02:54:45.328Z |
| CVE-2024-26480 |
7.5 (3.1)
|
An issue in Statping-ng v.0.91.0 allows an attack… |
n/a |
n/a |
2026-02-11T00:00:00.000Z | 2026-02-28T03:01:46.335Z |
| CVE-2026-2773 |
9.8 (3.1)
|
Incorrect boundary conditions in the Web Audio component |
Mozilla |
Firefox |
2026-02-24T13:33:10.177Z | 2026-02-28T02:38:52.756Z |
| CVE-2026-2766 |
9.8 (3.1)
|
Use-after-free in the JavaScript Engine: JIT component |
Mozilla |
Firefox |
2026-02-24T13:33:04.946Z | 2026-02-28T02:32:50.044Z |
| CVE-2026-2765 |
9.8 (3.1)
|
Use-after-free in the JavaScript Engine component |
Mozilla |
Firefox |
2026-02-24T13:33:03.943Z | 2026-02-28T02:31:24.689Z |
| CVE-2026-2764 |
9.8 (3.1)
|
JIT miscompilation, use-after-free in the JavaScript E… |
Mozilla |
Firefox |
2026-02-24T13:33:03.207Z | 2026-02-28T02:29:08.622Z |
| CVE-2026-2763 |
9.8 (3.1)
|
Use-after-free in the JavaScript Engine component |
Mozilla |
Firefox |
2026-02-24T13:33:02.514Z | 2026-02-28T02:27:22.934Z |
| CVE-2026-2762 |
9.8 (3.1)
|
Integer overflow in the JavaScript: Standard Library c… |
Mozilla |
Firefox |
2026-02-24T13:33:01.761Z | 2026-02-28T02:25:03.772Z |
| CVE-2026-3054 |
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
|
Alinto SOGo cross site scripting |
Alinto |
SOGo |
2026-02-24T02:02:06.992Z | 2026-02-24T20:45:48.226Z |
| CVE-2026-26369 |
9.3 (4.0)
9.8 (3.1)
|
JUNG eNet SMART HOME server 2.2.1/2.3.1 Privilege Esca… |
JUNG |
eNet SMART HOME server |
2026-02-15T15:29:56.204Z | 2026-02-17T16:50:04.129Z |
| CVE-2026-26368 |
8.7 (4.0)
8.8 (3.1)
|
JUNG eNet SMART HOME server 2.2.1/2.3.1 Account Takeov… |
JUNG |
eNet SMART HOME server |
2026-02-15T15:29:55.403Z | 2026-02-17T16:50:34.868Z |
| CVE-2026-23595 |
8.8 (3.1)
|
Unauthenticated Authentication Bypass in application A… |
Hewlett Packard Enterprise (HPE) |
HPE Aruba Networking Private 5G Core |
2026-02-17T20:45:43.833Z | 2026-02-18T15:18:41.436Z |
| CVE-2026-23596 |
6.5 (3.1)
|
Unauthenticated Improper Access Control in management … |
Hewlett Packard Enterprise (HPE) |
HPE Aruba Networking Private 5G Core |
2026-02-17T20:46:12.694Z | 2026-02-18T15:15:27.361Z |
| CVE-2026-23598 |
6.5 (3.1)
|
Unauthenticated Information Disclosure in application … |
Hewlett Packard Enterprise (HPE) |
HPE Aruba Networking Private 5G Core |
2026-02-17T20:47:21.374Z | 2026-02-27T14:19:25.480Z |
| CVE-2026-23597 |
6.5 (3.1)
|
Unauthenticated Information Disclosure in application … |
Hewlett Packard Enterprise (HPE) |
HPE Aruba Networking Private 5G Core |
2026-02-17T20:46:45.035Z | 2026-02-18T14:42:46.651Z |
| CVE-2024-55928 |
6.5 (3.1)
|
Clear text secrets returned & Remote system secrets in… |
Xerox |
Xerox Workplace Suite |
2025-01-23T17:25:46.915Z | 2025-02-24T17:16:19.462Z |
| CVE-2024-55927 |
7.6 (3.1)
|
Flawed token generation implementation & Hard-coded ke… |
Xerox |
Xerox Workplace Suite |
2025-01-23T17:20:29.974Z | 2025-02-24T17:12:10.831Z |
| CVE-2024-55926 |
7.6 (3.1)
|
Arbitrary file upload, deletion and read through heade… |
Xerox |
Xerox Workplace Suite |
2025-01-23T17:12:21.371Z | 2025-02-24T17:11:02.567Z |
| CVE-2024-55925 |
7.5 (3.1)
|
API Security bypass through header manipulation |
Xerox |
Xerox Workplace Suite |
2025-01-23T17:03:33.187Z | 2025-09-17T16:49:42.753Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-2791 | Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox < 148, Fir… | 2026-02-24T14:16:27.580 | 2026-02-28T04:16:19.447 |
| fkie_cve-2026-2788 | Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox… | 2026-02-24T14:16:27.260 | 2026-02-28T04:16:19.250 |
| fkie_cve-2026-2784 | Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 148, Firefox… | 2026-02-24T14:16:26.847 | 2026-02-28T04:16:19.063 |
| fkie_cve-2026-2779 | Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox … | 2026-02-24T14:16:26.330 | 2026-02-28T04:16:18.877 |
| fkie_cve-2026-2778 | Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnera… | 2026-02-24T14:16:26.230 | 2026-02-28T04:16:18.683 |
| fkie_cve-2026-2776 | Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software… | 2026-02-24T14:16:26.023 | 2026-02-28T04:16:18.490 |
| fkie_cve-2026-2775 | Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox < 148, Fire… | 2026-02-24T14:16:25.917 | 2026-02-28T04:16:18.283 |
| fkie_cve-2025-6591 | Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program file… | 2026-02-02T23:16:01.653 | 2026-02-28T04:16:17.870 |
| fkie_cve-2025-69971 | FUXA v1.2.7 contains a hard-coded credential vulnerability in server/api/jwt-helper.js. The applica… | 2026-02-03T18:16:17.370 | 2026-02-28T04:16:17.690 |
| fkie_cve-2025-69421 | Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PK… | 2026-01-27T16:16:34.437 | 2026-02-28T04:16:17.457 |
| fkie_cve-2025-66374 | CyberArk Endpoint Privilege Manager Agent through 25.10.0 allows a local user to achieve privilege … | 2026-02-03T18:16:15.920 | 2026-02-28T04:16:17.283 |
| fkie_cve-2025-65887 | A division-by-zero vulnerability in the flow.floor_divide() component of OneFlow v0.9.0 allows atta… | 2026-01-28T17:16:08.313 | 2026-02-28T04:16:17.103 |
| fkie_cve-2024-26480 | An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted r… | 2026-02-11T20:16:06.883 | 2026-02-28T04:16:16.357 |
| fkie_cve-2026-2773 | Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox < 148,… | 2026-02-24T14:16:25.703 | 2026-02-28T03:16:04.443 |
| fkie_cve-2026-2766 | Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, F… | 2026-02-24T14:16:24.973 | 2026-02-28T03:16:04.233 |
| fkie_cve-2026-2765 | Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefo… | 2026-02-24T14:16:24.860 | 2026-02-28T03:16:04.023 |
| fkie_cve-2026-2764 | JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affe… | 2026-02-24T14:16:24.737 | 2026-02-28T03:16:03.823 |
| fkie_cve-2026-2763 | Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefo… | 2026-02-24T14:16:24.620 | 2026-02-28T03:16:03.627 |
| fkie_cve-2026-2762 | Integer overflow in the JavaScript: Standard Library component. This vulnerability affects Firefox … | 2026-02-24T14:16:24.480 | 2026-02-28T03:16:03.350 |
| fkie_cve-2026-3054 | A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The … | 2026-02-24T03:16:02.977 | 2026-02-28T01:36:15.960 |
| fkie_cve-2026-26369 | eNet SMART HOME server 2.2.1 and 2.3.1 contains a privilege escalation vulnerability due to insuffi… | 2026-02-15T16:15:54.407 | 2026-02-28T01:34:28.150 |
| fkie_cve-2026-26368 | eNet SMART HOME server 2.2.1 and 2.3.1 contains a missing authorization vulnerability in the resetU… | 2026-02-15T16:15:54.237 | 2026-02-28T01:33:46.257 |
| fkie_cve-2026-23595 | An authentication bypass in the application API allows an unauthorized administrative account to be… | 2026-02-17T21:22:15.757 | 2026-02-28T01:31:52.473 |
| fkie_cve-2026-23596 | A vulnerability in the management API of the affected product could allow an unauthenticated remote… | 2026-02-17T21:22:15.913 | 2026-02-28T01:30:22.830 |
| fkie_cve-2026-23598 | Vulnerabilities in the API error handling of an HPE Aruba Networking 5G Core server API could allo… | 2026-02-17T21:22:16.193 | 2026-02-28T01:30:07.653 |
| fkie_cve-2026-23597 | Vulnerabilities in the API error handling of an HPE Aruba Networking 5G Core server API could allo… | 2026-02-17T21:22:16.053 | 2026-02-28T01:28:43.053 |
| fkie_cve-2024-55928 | Xerox Workplace Suite exposes sensitive secrets in clear text, both locally and remotely. This vuln… | 2025-01-23T18:15:32.100 | 2026-02-28T01:22:35.880 |
| fkie_cve-2024-55927 | A vulnerability in Xerox Workplace Suite arises from flawed token generation and the use of hard-co… | 2025-01-23T18:15:31.940 | 2026-02-28T01:21:42.500 |
| fkie_cve-2024-55926 | A vulnerability found in Xerox Workplace Suite allows arbitrary file read, upload, and deletion on … | 2025-01-23T18:15:31.780 | 2026-02-28T01:20:33.507 |
| fkie_cve-2024-55925 | In Xerox Workplace Suite, an API restricted to specific hosts can be bypassed by manipulating the H… | 2025-01-23T17:15:15.380 | 2026-02-28T01:19:44.767 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-hg4g-pqvm-c557 |
|
HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session… | 2026-02-27T21:31:22Z | 2026-02-28T03:31:33Z |
| ghsa-2p7f-7xjf-8q9q |
|
HTTP::Session2 versions before 1.12 for Perl for Perl may generate weak session ids using the rand(… | 2026-02-27T21:31:22Z | 2026-02-28T03:31:33Z |
| ghsa-5c6j-r48x-rmvq |
8.1 (3.1)
|
Serialize JavaScript is Vulnerable to RCE via RegExp.flags and Date.prototype.toISOString() | 2026-02-28T02:50:45Z | 2026-02-28T02:50:45Z |
| ghsa-945p-3jhm-6rcp |
6.9 (4.0)
|
malcontent: Nested archive extraction failure can drop content from scan inputs | 2026-02-28T02:50:09Z | 2026-02-28T02:50:09Z |
| ghsa-8rr6-2qw5-pc7r |
6.8 (3.1)
|
PMD Designer has Stored XSS in VBHTMLRenderer and YAHTMLRenderer via unescaped violation messages | 2026-02-28T02:49:29Z | 2026-02-28T02:49:29Z |
| ghsa-j8cj-hw74-64jv |
|
Hive has Double-free and Use After Free Vulnerabilities | 2026-02-28T02:48:45Z | 2026-02-28T02:48:45Z |
| ghsa-8p85-9qpw-fwgw |
8.2 (4.0)
|
@fastify/middie has Improper Path Normalization when Using Path-Scoped Middleware | 2026-02-28T02:47:17Z | 2026-02-28T02:47:17Z |
| ghsa-f2v5-7jq9-h8cg |
6.9 (4.0)
|
pypdf: Manipulated RunLengthDecode streams can exhaust RAM | 2026-02-28T02:46:10Z | 2026-02-28T02:46:10Z |
| ghsa-hfcp-477w-3wjw |
8.3 (3.1)
|
rubyipmi is vulnerable to OS Command Injection through malicious usernames | 2026-02-27T09:30:29Z | 2026-02-28T02:45:38Z |
| ghsa-7g5x-9c4v-4w5r |
3.1 (3.1)
|
Keycloak REST Services has a WebAuthn Attestation Statement Verification Bypass | 2026-02-27T09:30:29Z | 2026-02-28T02:44:46Z |
| ghsa-v4jw-m6rm-399h |
4.9 (3.1)
|
Keycloak Server Private SPI: Improper Access Control Allows Administrators to Bypass Attribute Visi… | 2026-02-27T09:30:29Z | 2026-02-28T02:42:55Z |
| ghsa-gx6c-pv62-9mcf |
3.3 (3.1)
1.9 (4.0)
|
Snowflake JDBC Driver is Vulnerable to Uncontrolled Resource Consumption through SdkProxyRoutePlanner | 2026-02-27T06:31:28Z | 2026-02-28T02:26:37Z |
| ghsa-8xwf-cr4r-856r |
9.1 (3.1)
|
OpenStack Vitrage: Unauthorized Access to the Host can Lead to Eval Injection | 2026-02-27T06:31:28Z | 2026-02-28T02:24:32Z |
| ghsa-7977-c43c-xpwj |
9.9 (3.1)
|
OpenClaw is vulnerable to validation bypass through GNU long-option abbreviations in allowlist mode | 2026-02-27T06:31:28Z | 2026-02-28T02:17:24Z |
| ghsa-gxvv-45f6-3ch8 |
8.5 (3.1)
|
openshift-apiserver: SSRF via Missing IP/Network-Range Validation in User-Supplied Image References | 2025-12-16T15:30:42Z | 2026-02-28T02:15:59Z |
| ghsa-rx6w-2w6h-r346 |
4.3 (3.1)
2.1 (4.0)
|
PSI Probe: Broken access control can lead to DoS | 2026-02-27T00:31:46Z | 2026-02-28T02:09:13Z |
| ghsa-4rv8-5cmm-2r22 |
6.1 (3.1)
|
osctrl has Stored Cross-Site Scripting (XSS) in On-Demand Query List | 2026-02-28T02:07:15Z | 2026-02-28T02:07:15Z |
| ghsa-rchw-322g-f7rm |
7.3 (3.1)
|
osctrl is Vulnerable to OS Command Injection via Environment Configuration | 2026-02-28T02:05:48Z | 2026-02-28T02:05:48Z |
| ghsa-fpg4-jhqr-589c |
1.7 (4.0)
|
SvelteKit has deserialization expansion in unvalidated `form` remote function leading to Denial of… | 2026-02-28T02:04:39Z | 2026-02-28T02:04:39Z |
| ghsa-72hv-8253-57qq |
8.7 (4.0)
|
jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition | 2026-02-28T02:01:05Z | 2026-02-28T02:01:06Z |
| ghsa-rfjg-6m84-crj2 |
9.8 (3.1)
|
Vikunja Vulnerable to Account Takeover via Password Reset Token Reuse | 2026-02-28T01:59:28Z | 2026-02-28T01:59:28Z |
| ghsa-x7g6-7v62-f6fh |
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 2026-02-28T00:31:02Z | 2026-02-28T00:31:02Z |
| ghsa-prmh-rp39-qc4m |
9.3 (4.0)
|
openDCIM version 23.04, through commit 4467e9c4, contains a SQL injection vulnerability in Config::… | 2026-02-28T00:31:02Z | 2026-02-28T00:31:02Z |
| ghsa-pmx8-fmc2-4rjp |
5.3 (4.0)
|
Featured Image from Content (featured-image-from-content) WordPress plugin versions prior to 1.7 co… | 2026-02-28T00:31:01Z | 2026-02-28T00:31:02Z |
| ghsa-mg2w-x76x-59h8 |
9.3 (4.0)
|
openDCIM version 23.04, through commit 4467e9c4, contains a missing authorization vulnerability in … | 2026-02-28T00:31:02Z | 2026-02-28T00:31:02Z |
| ghsa-428h-8xhf-g3cw |
9.3 (4.0)
|
openDCIM version 23.04, through commit 4467e9c4, contains an OS command injection vulnerability in … | 2026-02-28T00:31:02Z | 2026-02-28T00:31:02Z |
| ghsa-fqr4-q363-g7gm |
6.5 (3.1)
5.9 (4.0)
|
Cross-Site Request Forgery (CSRF) vulnerability in OpenText™ Web Site Management Server allows Cros… | 2026-02-20T00:31:53Z | 2026-02-28T00:31:01Z |
| ghsa-fg7c-375r-xggv |
5.4 (3.1)
7.5 (4.0)
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2026-02-20T00:31:53Z | 2026-02-28T00:31:01Z |
| ghsa-5jm3-f2cq-hw7c |
7.5 (3.1)
7.1 (4.0)
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ope… | 2026-02-20T00:31:53Z | 2026-02-28T00:31:01Z |
| ghsa-558g-hvr5-cchr |
5.4 (3.1)
7.0 (4.0)
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2026-02-20T00:31:53Z | 2026-02-28T00:31:01Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2023-121 |
|
A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as a… | zstd | 2023-03-31T20:15:00+00:00 | 2026-02-25T19:20:58+00:00 |
| pysec-2024-85 |
7.5 (3.1)
|
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2026-02-25T10:47:20.527736Z |
| pysec-2024-84 |
7.5 (3.1)
|
Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2026-02-25T10:47:20.405923Z |
| pysec-2024-83 |
7.5 (3.1)
|
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2026-02-25T10:47:20.277592Z |
| pysec-2024-82 |
8.8 (3.1)
|
Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB… | mindsdb | 2024-09-12T13:15:00Z | 2026-02-25T10:47:20.150040Z |
| pysec-2023-278 |
5.3 (3.1)
|
MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1… | mindsdb | 2023-12-11T21:15:00Z | 2026-02-25T10:47:20.007476Z |
| pysec-2026-1 |
|
A PyPI user account compromised by an attacker and was able to upload a malicious version… | dydx-v4-client | 2026-01-28T21:09:02+00:00 | |
| pysec-2025-52 |
|
gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. | mlflow | 2025-06-23T15:15:29Z | 2025-12-05T13:25:55.146081Z |
| pysec-2020-220 |
|
A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage coll… | ansible | 2020-10-05T14:15:00Z | 2025-10-31T04:43:53.616247Z |
| pysec-2025-72 |
|
The `num2words` project was compromised via a phishing attack and two new versions were u… | num2words | 2025-07-31T14:34:47+00:00 | |
| pysec-2025-71 |
|
Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fas… | cadwyn | 2025-07-21T21:15:25+00:00 | 2025-07-23T15:24:03.825615+00:00 |
| pysec-2025-70 |
10.0 (3.1)
|
A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componen… | langchain-community | 2025-06-23T21:15:25+00:00 | 2025-07-16T21:23:40.211079+00:00 |
| pysec-2024-259 |
9.8 (3.1)
|
In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by m… | torch | 2024-10-29T21:15:04+00:00 | 2025-07-16T03:09:57.748865+00:00 |
| pysec-2024-258 |
|
In scrapy/scrapy, an issue was identified where the Authorization header is not removed d… | scrapy | 2024-05-20T08:15:08+00:00 | 2025-07-15T17:37:50.051730+00:00 |
| pysec-2025-69 |
|
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker tem… | roundup | 2025-07-13T20:15:25+00:00 | 2025-07-13T21:23:01.161315+00:00 |
| pysec-2025-68 |
8.0 (3.1)
|
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6… | upsonic | 2025-06-19T21:15:27+00:00 | 2025-07-08T19:22:27.449399+00:00 |
| pysec-2025-67 |
9.8 (3.1)
|
A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabil… | upsonic | 2025-06-19T21:15:27+00:00 | 2025-07-08T19:22:27.385619+00:00 |
| pysec-2025-66 |
|
Improper privilege management in a REST interface allowed registered users to access unau… | streampipes | 2025-03-03T11:15:11+00:00 | 2025-07-08T15:23:46.628375+00:00 |
| pysec-2025-65 |
|
A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0… | llama-index | 2025-07-07T13:15:28+00:00 | 2025-07-07T15:23:42.730681+00:00 |
| pysec-2025-61 |
|
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap … | pillow | 2025-07-01T19:15:27Z | 2025-07-07T14:12:46.226030Z |
| pysec-2025-64 |
9.8 (3.1)
|
A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0… | python-a2a | 2025-06-17T07:15:18+00:00 | 2025-07-02T21:23:13.806273+00:00 |
| pysec-2025-63 |
|
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Whe… | vllm | 2025-03-19T16:15:32+00:00 | 2025-07-01T23:22:49.176005+00:00 |
| pysec-2025-62 |
|
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Mal… | vllm | 2025-02-07T20:15:34+00:00 | 2025-07-01T23:22:49.083695+00:00 |
| pysec-2025-60 |
|
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Inform… | apache-iotdb | 2025-05-14T11:16:28+00:00 | 2025-07-01T21:22:47.232036+00:00 |
| pysec-2025-59 |
|
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attack… | apache-iotdb | 2025-05-14T11:15:47+00:00 | 2025-07-01T21:22:47.177405+00:00 |
| pysec-2024-257 |
7.5 (3.1)
|
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… | mobsf | 2024-03-22T23:15:07+00:00 | 2025-06-30T15:23:50.085549+00:00 |
| pysec-2025-58 |
8.8 (3.1)
|
vLLM is a library for LLM inference and serving. vllm/model_executor/weight_utils.py impl… | vllm | 2025-01-27T18:15:41+00:00 | 2025-06-27T21:22:36.583615+00:00 |
| pysec-2025-57 |
|
A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthent… | zenml | 2025-03-20T10:15:48+00:00 | 2025-06-27T17:22:55.175431+00:00 |
| pysec-2025-56 |
4.3 (3.1)
|
OctoPrint provides a web interface for controlling consumer 3D printers. In versions up t… | octoprint | 2025-04-22T18:15:59+00:00 | 2025-06-27T17:22:53.513680+00:00 |
| pysec-2024-256 |
|
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… | mobsf | 2024-12-03T16:15:24+00:00 | 2025-06-27T17:22:53.325430+00:00 |
| ID | Description | Type |
|---|---|---|
| tid-412 | Some devices will allow for the forwarding of packets to other connected devices (e.g., r… | networking |
| tid-411 | The device utilizes a weak or insecure cryptographic protocol or algorithm that can be br… | networking |
| tid-410 | While encrypting data can prevent a threat actor from directly obtaining the plaintext co… | networking |
| tid-408 | Some devices do not adequately encrypt communications that includes operational or manage… | networking |
| tid-407 | Threat actors may be able to replay a message to a device to cause an unwanted function, … | networking |
| tid-406 | Some devices operate using protocols that have no capacity for network-level authenticati… | networking |
| tid-405 | Remote connections and communications can consume various device resources (e.g., network… | networking |
| tid-404 | Some devices will have operating modes that put the device in an inoperable state. Device… | networking |
| tid-401 | Some devices may support proprietary protocols, or may add proprietary functionality to o… | networking |
| tid-330 | Algorithms or code implementations of cryptographic processes will sometimes leak informa… | application-software |
| tid-329 | If a device stores passwords in an unsafe manner (e.g., in a cleartext file with no read … | application-software |
| tid-328 | Hardcoded credentials typically cannot be changed by end-users and are often undocumented… | application-software |
| tid-327 | If an application does not properly restrict data writes to allocated memory locations, a… | application-software |
| tid-326 | Many object-oriented languages use serialization to convert class objects into byte strin… | application-software |
| tid-325 | The device uses HTTP headers that are unencrypted, not-validated, and/or unauthenticated.… | application-software |
| tid-324 | If a device does not properly authenticate all HTTP requests, a threat actor can directly… | application-software |
| tid-323 | A threat actor can send requests for files or content that resides in different directori… | application-software |
| tid-322 | If a threat actor can include malicious JavaScript within a page viewed by a legitimate d… | application-software |
| tid-321 | A threat actor can hijack an insufficiently protected HTTP session token to gain unauthor… | application-software |
| tid-320 | The device does not property restrict, filter, or validate the content of web-based reque… | application-software |
| tid-319 | The device does not properly restrict, filter, or validate the content of web-based reque… | application-software |
| tid-318 | The device uses a cryptographic library or implementation that either introduces an addit… | application-software |
| tid-317 | If the device does not generate sufficiently random cryptographic primitives, a threat ac… | application-software |
| tid-316 | Certificate-based authentication depends on the correct parsing and validation of an X.50… | application-software |
| tid-315 | If the device includes a password retrieval mechanism, a threat actor could use that mech… | application-software |
| tid-314 | A threat actor could gain unauthorized access by continually guessing passwords. This cou… | application-software |
| tid-313 | A threat actor can change or reset a password or credential without being authenticated. … | application-software |
| tid-312 | A device’s credential change mechanisms can be abused to lock out users from their own de… | application-software |
| tid-311 | Devices often include default credentials from the vendor. Default credentials can be cha… | application-software |
| tid-310 | If an application does not authenticate all connections from a remote device or system, a… | application-software |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-33884 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.534455Z |
| gsd-2024-33901 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.525896Z |
| gsd-2024-33887 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.503613Z |
| gsd-2024-33895 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.493081Z |
| gsd-2024-33894 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.488420Z |
| gsd-2024-33902 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.486429Z |
| gsd-2024-33888 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.468423Z |
| gsd-2024-33885 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.441746Z |
| gsd-2024-33891 | Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via th… | 2024-04-29T05:02:07.412035Z |
| gsd-2024-33899 | RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the scr… | 2024-04-29T05:02:07.400574Z |
| gsd-2024-33889 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.392587Z |
| gsd-2024-33893 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.381761Z |
| gsd-2024-33892 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.378170Z |
| gsd-2024-33890 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.344384Z |
| gsd-2024-33896 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.313250Z |
| gsd-2024-33903 | In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pede… | 2024-04-29T05:02:07.295775Z |
| gsd-2024-33900 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.290639Z |
| gsd-2024-33898 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.287632Z |
| gsd-2024-33886 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.287167Z |
| gsd-2024-33897 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.283756Z |
| gsd-2024-33883 | The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certa… | 2024-04-29T05:02:07.271727Z |
| gsd-2024-4303 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:05.716348Z |
| gsd-2024-4300 | E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remo… | 2024-04-29T05:02:05.715239Z |
| gsd-2024-4297 | The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlo… | 2024-04-29T05:02:05.700888Z |
| gsd-2024-4301 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:05.678292Z |
| gsd-2024-4296 | The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock… | 2024-04-29T05:02:05.621428Z |
| gsd-2024-4299 | The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSheroc… | 2024-04-29T05:02:05.606402Z |
| gsd-2024-4302 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:05.603637Z |
| gsd-2024-4298 | The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, Audit… | 2024-04-29T05:02:05.598531Z |
| gsd-2024-33876 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.990196Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-1082 | Malicious code in cdf-clients (PyPI) | 2026-02-27T21:33:39Z | 2026-02-27T21:33:39Z |
| mal-2026-1081 | Malicious code in marionette-react-view (npm) | 2026-02-27T20:57:39Z | 2026-02-27T20:57:39Z |
| mal-2026-1060 | Malicious code in @zinley/orion (npm) | 2026-02-27T12:04:26Z | 2026-02-27T20:13:17Z |
| mal-2026-1080 | Malicious code in hashtools32 (PyPI) | 2026-02-27T19:50:28Z | 2026-02-27T19:50:28Z |
| mal-2026-1079 | Malicious code in sokettry (npm) | 2026-02-27T16:29:27Z | 2026-02-27T16:29:28Z |
| mal-2026-1078 | Malicious code in socket-dgxeon (npm) | 2026-02-27T16:29:28Z | 2026-02-27T16:29:28Z |
| mal-2026-1077 | Malicious code in dgxeon-soket4 (npm) | 2026-02-27T16:29:27Z | 2026-02-27T16:29:28Z |
| mal-2026-1076 | Malicious code in dgxeon-soket3 (npm) | 2026-02-27T16:29:27Z | 2026-02-27T16:29:28Z |
| mal-2026-1075 | Malicious code in dgxeon-soket2 (npm) | 2026-02-27T16:29:27Z | 2026-02-27T16:29:28Z |
| mal-2026-1073 | Malicious code in baileys-xeonbot (npm) | 2026-02-27T16:29:27Z | 2026-02-27T16:29:28Z |
| mal-2026-1072 | Malicious code in @dgxeon/libsignal-node (npm) | 2026-02-27T16:29:28Z | 2026-02-27T16:29:28Z |
| mal-2026-1074 | Malicious code in dgxeon-soket (npm) | 2026-02-27T16:29:27Z | 2026-02-27T16:29:27Z |
| mal-2026-1066 | Malicious code in @skyzopedia/baileys-mod (npm) | 2026-02-27T16:13:46Z | 2026-02-27T16:13:54Z |
| mal-2026-1070 | Malicious code in @skyzopedia/ubot (npm) | 2026-02-27T16:13:46Z | 2026-02-27T16:13:47Z |
| mal-2026-1069 | Malicious code in @skyzopedia/libsignal-node (npm) | 2026-02-27T16:13:46Z | 2026-02-27T16:13:47Z |
| mal-2026-1068 | Malicious code in @skyzopedia/brat (npm) | 2026-02-27T16:13:46Z | 2026-02-27T16:13:47Z |
| mal-2026-1067 | Malicious code in @skyzopedia/baileys-pro (npm) | 2026-02-27T16:13:46Z | 2026-02-27T16:13:47Z |
| mal-2026-1065 | Malicious code in @skyzopedia/baileys (npm) | 2026-02-27T16:13:46Z | 2026-02-27T16:13:47Z |
| mal-2026-1071 | Malicious code in libsignal-skyzopedia (npm) | 2026-02-27T16:13:46Z | 2026-02-27T16:13:46Z |
| mal-2026-1064 | Malicious code in cicd-ppe-redteam-test02 (PyPI) | 2026-02-27T13:50:48Z | 2026-02-27T15:19:51Z |
| mal-2026-1063 | Malicious code in cicd-ppe-redteam-test01 (PyPI) | 2026-02-27T13:42:21Z | 2026-02-27T14:49:19Z |
| mal-2026-1061 | Malicious code in newman-reporter-genuinepoc (npm) | 2026-02-27T11:55:41Z | 2026-02-27T11:55:41Z |
| mal-2026-1062 | Malicious code in express-core-validator (npm) | 2026-02-27T11:51:42Z | 2026-02-27T11:51:42Z |
| mal-2026-1059 | Malicious code in nuget-task-common (npm) | 2026-02-27T09:55:28Z | 2026-02-27T10:18:30Z |
| mal-2026-1053 | Malicious code in hardhat-node (npm) | 2026-02-26T13:32:42Z | 2026-02-26T22:14:36Z |
| mal-2026-1052 | Malicious code in foundry-toolkit (npm) | 2026-02-26T20:50:45Z | 2026-02-26T22:14:36Z |
| mal-2026-1050 | Malicious code in launch-darkly-js (npm) | 2026-02-26T20:10:47Z | 2026-02-26T20:10:47Z |
| mal-2026-1057 | Malicious code in windowston (npm) | 2026-02-26T17:51:38Z | 2026-02-26T17:51:38Z |
| mal-2026-1049 | Malicious code in flycord (PyPI) | 2026-02-26T15:38:34Z | 2026-02-26T15:38:34Z |
| mal-2026-1048 | Malicious code in edx-salesforce (PyPI) | 2026-02-26T13:55:39Z | 2026-02-26T14:07:49Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-2712 | Mattermost: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-12-01T23:00:00.000+00:00 | 2026-02-26T23:00:00.000+00:00 |
| wid-sec-w-2026-0514 | FreeRDP: Mehrere Schwachstellen | 2026-02-24T23:00:00.000+00:00 | 2026-02-25T23:00:00.000+00:00 |
| wid-sec-w-2026-0484 | ImageMagick: Mehrere Schwachstellen | 2026-02-23T23:00:00.000+00:00 | 2026-02-25T23:00:00.000+00:00 |
| wid-sec-w-2026-0331 | BeyondTrust Privileged Remote Access und Remote Support: Schwachstelle ermöglicht Codeausführung | 2026-02-05T23:00:00.000+00:00 | 2026-02-25T23:00:00.000+00:00 |
| wid-sec-w-2026-0496 | Fortinet FortiOS: Mehrere Schwachstellen | 2018-05-22T22:00:00.000+00:00 | 2026-02-24T23:00:00.000+00:00 |
| wid-sec-w-2026-0478 | GIMP: Mehrere Schwachstellen ermöglichen Denial of Service | 2017-12-19T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2026-0448 | Red Hat Enterprise Linux (MUNGE): Schwachstelle ermöglicht Privilegieneskalation | 2026-02-17T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2026-0446 | libssh: Mehrere Schwachstellen ermöglichen Manipulation von Dateien und DoS | 2026-02-17T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2026-0362 | Red Hat Enterprise Linux (Lodash): Schwachstelle ermöglicht Denial of Service | 2026-02-10T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2026-0353 | libpng: Schwachstelle ermöglicht Codeausführung | 2026-02-09T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2026-0345 | Golang Go: Mehrere Schwachstellen | 2026-02-08T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2026-0324 | Linux Kernel: Mehrere Schwachstellen | 2026-02-04T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2026-0244 | FreeRDP: Mehrere Schwachstellen | 2026-01-27T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2026-0237 | libpng: Mehrere Schwachstellen ermöglichen Denial of Service | 2026-01-27T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2026-0234 | OpenSSL: Mehrere Schwachstellen | 2026-01-27T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2026-0224 | Grafana: Mehrere Schwachstellen | 2026-01-26T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2026-0129 | Golang Go: Mehrere Schwachstellen | 2026-01-15T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2026-0114 | Red Hat OpenShift (github.com/sirupsen/logrus): Schwachstelle ermöglicht Denial of Service | 2026-01-14T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2026-0111 | FreeRDP: Mehrere Schwachstellen | 2026-01-13T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2026-0086 | Linux Kernel: Mehrere Schwachstellen | 2026-01-13T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2026-0068 | libpng (API-Funktionen): Mehrere Schwachstellen ermöglichen DoS und Offenlegung von Informationen | 2026-01-12T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2931 | GIMP: Schwachstelle ermöglicht Codeausführung | 2025-12-29T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2881 | Red Hat Enterprise Linux (multicluster global hub): Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-12-17T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2871 | GIMP: Mehrere Schwachstellen ermöglichen Codeausführung | 2025-12-17T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2750 | Apache HTTP Server: Mehrere Schwachstellen | 2025-12-04T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2724 | Golang Go: Mehrere Schwachstellen | 2025-12-02T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2608 | Golang Go: Schwachstelle ermöglicht Denial of Service | 2025-11-16T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2431 | Linux Kernel: Mehrere Schwachstellen | 2025-10-28T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2301 | Red Hat Enterprise Linux: Mehrere Schwachstellen | 2025-10-14T22:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2227 | Golang Go: Mehrere Schwachstellen | 2025-10-07T22:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ncsc-2026-0073 | Kwetsbaarheid verholpen in Juniper Junos OS Evolved | 2026-02-27T09:48:51.845864Z | 2026-02-27T09:48:51.845864Z |
| ncsc-2026-0072 | Kwetsbaarheden verholpen in GitLab | 2026-02-27T07:15:18.318821Z | 2026-02-27T07:15:18.318821Z |
| ncsc-2026-0071 | Kwetsbaarheden verholpen in Cisco Catalyst SD-WAN Manager | 2026-02-25T17:11:09.013125Z | 2026-02-25T17:11:09.013125Z |
| ncsc-2026-0070 | Kwetsbaarheden verholpen in VMware Aria Operations | 2026-02-25T11:24:46.807867Z | 2026-02-25T11:24:46.807867Z |
| ncsc-2026-0069 | Kwetsbaarheden verholpen in SolarWinds Serv-U | 2026-02-25T10:39:38.154815Z | 2026-02-25T10:39:38.154815Z |
| ncsc-2026-0068 | Kwetsbaarheden verholpen in Splunk Enterprise en Splunk Cloud Platform | 2026-02-23T14:27:28.865278Z | 2026-02-23T14:27:28.865278Z |
| ncsc-2026-0043 | Zeroday-kwetsbaarheden verholpen in Ivanti Endpoint Manager Mobile | 2026-01-29T19:15:04.575371Z | 2026-02-20T14:47:02.047999Z |
| ncsc-2026-0067 | Kwetsbaarheden verholpen in GitHub Enterprise Server | 2026-02-20T10:13:39.540778Z | 2026-02-20T10:13:39.540778Z |
| ncsc-2026-0066 | Kwetsbaarheid verholpen in Google Chrome | 2026-02-19T08:29:30.712590Z | 2026-02-19T08:29:30.712590Z |
| ncsc-2026-0065 | Kwetsbaarheid verholpen in Dell RecoverPoint for Virtual Machines | 2026-02-18T13:18:23.815384Z | 2026-02-18T13:18:23.815384Z |
| ncsc-2026-0064 | Kwetsbaarheden verholpen in Apple iOS en iPadOS | 2026-02-13T13:35:03.870920Z | 2026-02-13T13:35:03.870920Z |
| ncsc-2026-0063 | Kwetsbaarheden verholpen in Apple macOS | 2026-02-13T13:24:06.433550Z | 2026-02-13T13:24:06.433550Z |
| ncsc-2026-0048 | Kwetsbaarheid verholpen in BeyondTrust Remote Support | 2026-02-09T10:27:57.867529Z | 2026-02-13T12:54:32.614217Z |
| ncsc-2026-0062 | Kwetsbaarheden verholpen in GitLab CE/EE | 2026-02-11T11:45:05.986313Z | 2026-02-11T11:45:05.986313Z |
| ncsc-2026-0061 | Kwetsbaarheden verholpen in Fortinet FortiOS | 2026-02-11T11:34:50.888067Z | 2026-02-11T11:34:50.888067Z |
| ncsc-2026-0060 | Kwetsbaarheden verholpen in Fortinet FortiSandbox, FortiAuthenticator en FortiClient | 2026-02-11T11:34:36.684955Z | 2026-02-11T11:34:36.684955Z |
| ncsc-2026-0059 | Kwetsbaarheden verholpen in Ivanti Endpoint Manager | 2026-02-11T08:16:27.583936Z | 2026-02-11T08:16:27.583936Z |
| ncsc-2026-0058 | Kwetsbaarheden verholpen in Microsoft Office | 2026-02-10T19:11:42.825147Z | 2026-02-10T19:11:42.825147Z |
| ncsc-2026-0057 | Kwetsbaarheden verholpen in Microsoft Azure | 2026-02-10T19:08:27.878305Z | 2026-02-10T19:08:27.878305Z |
| ncsc-2026-0056 | Kwetsbaarheden verholpen in Microsoft Developer Tools | 2026-02-10T19:07:16.028511Z | 2026-02-10T19:07:16.028511Z |
| ncsc-2026-0055 | Kwetsbaarheid verholpen in Microsoft SQL Server | 2026-02-10T19:05:45.729972Z | 2026-02-10T19:05:45.729972Z |
| ncsc-2026-0054 | Kwetsbaarheid verholpen in Microsoft Exchange | 2026-02-10T19:04:51.366294Z | 2026-02-10T19:04:51.366294Z |
| ncsc-2026-0053 | Kwetsbaarheden verholpen in Microsoft Windows | 2026-02-10T19:01:45.561771Z | 2026-02-10T19:01:45.561771Z |
| ncsc-2026-0052 | Kwetsbaarheden verholpen in SAP producten | 2026-02-10T12:28:40.531069Z | 2026-02-10T12:28:40.531069Z |
| ncsc-2026-0051 | Kwetsbaarheden verholpen in Siemens producten | 2026-02-10T12:27:40.637581Z | 2026-02-10T12:27:40.637581Z |
| ncsc-2026-0050 | Kwetsbaarheid verholpen in PEAR | 2026-02-09T10:41:43.856342Z | 2026-02-09T10:41:43.856342Z |
| ncsc-2026-0049 | Kwetsbaarheden verholpen in n8n | 2026-02-09T10:39:40.792744Z | 2026-02-09T10:39:40.792744Z |
| ncsc-2026-0047 | Kwetsbaarheid verholpen in Fortinet FortiClient EMS | 2026-02-09T10:16:18.048622Z | 2026-02-09T10:16:18.048622Z |
| ncsc-2026-0046 | Kwetsbaarheden verholpen in Samsung mobile | 2026-02-09T07:48:28.751473Z | 2026-02-09T07:48:28.751473Z |
| ncsc-2026-0040 | Kwetsbaarheid verholpen in SmarterTools SmarterMail | 2026-01-27T10:51:39.476320Z | 2026-02-06T09:25:57.008166Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| tssa-2025-00001 | Project CSAF document | 2025-10-06T11:54:52.856Z | 2025-10-06T11:54:52.856Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-613116 | SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1 | 2025-08-12T00:00:00Z | 2026-02-24T00:00:00Z |
| ssa-355557 | SSA-355557: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.2 | 2025-08-12T00:00:00Z | 2026-02-24T00:00:00Z |
| ssa-089022 | SSA-089022: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.3 | 2026-01-28T00:00:00Z | 2026-02-24T00:00:00Z |
| ssa-965753 | SSA-965753: Multiple File Parsing Vulnerabilities in Simcenter Femap and Nastran Before V2512 | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-864900 | SSA-864900: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices | 2025-05-13T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-783261 | SSA-783261: Denial of Service Vulnerability in Automation License Manager (ALM) Before V5.2 | 2012-12-12T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-674753 | SSA-674753: Denial-of-Service Vulnerability in ET 200 Devices | 2026-01-13T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-625934 | SSA-625934: Improper Access Control Vulnerability in the Webhooks Implementation of Siveillance Video Management Servers | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-599451 | SSA-599451: Multiple Vulnerabilities in SiPass integrated | 2025-10-14T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-535115 | SSA-535115: Data Validation Vulnerability in NX Before V2512 | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-513708 | SSA-513708: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices | 2025-06-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-507364 | SSA-507364: Heap Based Buffer Overflow Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-445819 | SSA-445819: Out of Bounds Read in PS/IGES Parasolid Translator Component in Solid Edge | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-311973 | SSA-311973: Multiple Local Privilege Escalation Vulnerabilities in SINEC NMS and User Management Component (UMC) | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-282044 | SSA-282044: DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery | 2025-08-12T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-265688 | SSA-265688: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1 | 2024-04-09T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-216014 | SSA-216014: Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs | 2025-03-11T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-212953 | SSA-212953: Multiple Vulnerabilities in COMOS | 2025-12-09T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-130874 | SSA-130874: Buffer Overflow Vulnerability in SCALANCE X Switches | 2012-04-05T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-082556 | SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5 | 2025-06-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-035571 | SSA-035571: Cross Site Scripting Vulnerability in Polarion Before V2506 | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-978177 | SSA-978177: Vulnerability in Nozomi Guardian/CMC Before 25.4.0 on RUGGEDCOM APE1808 Devices | 2025-08-12T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-928984 | SSA-928984: Heap-based Buffer Overflow Vulnerability in User Management Component (UMC) | 2024-12-16T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-912274 | SSA-912274: Multiple Vulnerabilities in RUGGEDCOM ROX Before V2.17 | 2025-12-09T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-858251 | SSA-858251: Authentication Bypass Vulnerabilities in OPC UA | 2025-03-11T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-832273 | SSA-832273: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.3 on RUGGEDCOM APE1808 Devices | 2024-03-12T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-827968 | SSA-827968: Vulnerability in Nozomi Guardian/CMC on RUGGEDCOM APE1808 Devices | 2026-01-13T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-698820 | SSA-698820: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices | 2024-07-09T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-693776 | SSA-693776: Multiple Vulnerabilities in Industrial Communication Devices based on SINEC OS before V3.2 | 2025-06-10T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-366067 | SSA-366067: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.1 on RUGGEDCOM APE1808 Devices | 2024-03-12T00:00:00Z | 2026-01-13T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2026:2765 | Red Hat Security Advisory: Satellite 6.16.6.1 Async Update | 2026-02-16T21:33:28+00:00 | 2026-02-17T12:41:50+00:00 |
| rhsa-2026:2769 | Red Hat Security Advisory: Red Hat Ceph Storage 7.1 security and bug fix updates | 2026-02-17T00:55:59+00:00 | 2026-02-17T12:41:47+00:00 |
| rhsa-2026:2764 | Red Hat Security Advisory: Satellite 6.17.6.3 Async Update | 2026-02-16T19:06:28+00:00 | 2026-02-17T12:41:47+00:00 |
| rhsa-2026:2762 | Red Hat Security Advisory: Red Hat Quay 3.10.18 | 2026-02-16T17:44:31+00:00 | 2026-02-17T12:41:47+00:00 |
| rhsa-2026:2760 | Red Hat Security Advisory: Satellite 6.18.3 Async Update | 2026-02-16T16:52:18+00:00 | 2026-02-17T12:41:47+00:00 |
| rhsa-2026:2572 | Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes v2.14.2 security update | 2026-02-11T16:14:44+00:00 | 2026-02-17T12:41:47+00:00 |
| rhsa-2026:2754 | Red Hat Security Advisory: Red Hat Quay 3.9.18 | 2026-02-16T15:43:51+00:00 | 2026-02-17T12:41:46+00:00 |
| rhsa-2026:2728 | Red Hat Security Advisory: python-urllib3 security update | 2026-02-16T11:56:59+00:00 | 2026-02-17T12:41:46+00:00 |
| rhsa-2026:2723 | Red Hat Security Advisory: python-urllib3 security update | 2026-02-16T11:26:37+00:00 | 2026-02-17T12:41:45+00:00 |
| rhsa-2026:2718 | Red Hat Security Advisory: python-urllib3 security update | 2026-02-16T11:40:57+00:00 | 2026-02-17T12:41:45+00:00 |
| rhsa-2026:2717 | Red Hat Security Advisory: python-urllib3 security update | 2026-02-16T11:34:12+00:00 | 2026-02-17T12:41:45+00:00 |
| rhsa-2026:2695 | Red Hat Security Advisory: RHOAI 2.25.2 - Red Hat OpenShift AI | 2026-02-12T22:43:13+00:00 | 2026-02-17T12:41:45+00:00 |
| rhsa-2026:2681 | Red Hat Security Advisory: Red Hat Quay 3.16.2 | 2026-02-12T17:29:21+00:00 | 2026-02-17T12:41:45+00:00 |
| rhsa-2026:2675 | Red Hat Security Advisory: Red Hat Developer Hub 1.8.3 release. | 2026-02-12T15:30:56+00:00 | 2026-02-17T12:41:45+00:00 |
| rhsa-2026:2654 | Red Hat Security Advisory: Release of components for Service Telemetry Framework 1.5.7 | 2026-02-12T13:46:10+00:00 | 2026-02-17T12:41:44+00:00 |
| rhsa-2026:2571 | Red Hat Security Advisory: multicluster engine for Kubernetes v2.9.2 security update | 2026-02-11T15:58:30+00:00 | 2026-02-17T12:41:43+00:00 |
| rhsa-2026:2563 | Red Hat Security Advisory: Red Hat Update Infrastructure 5 security update | 2026-02-11T14:34:45+00:00 | 2026-02-17T12:41:43+00:00 |
| rhsa-2026:2500 | Red Hat Security Advisory: Red Hat multicluster global hub 1.4.4 security update | 2026-02-11T05:02:44+00:00 | 2026-02-17T12:41:43+00:00 |
| rhsa-2026:2456 | Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.26.0 Release. | 2026-02-10T17:06:01+00:00 | 2026-02-17T12:41:43+00:00 |
| rhsa-2026:2454 | Red Hat Security Advisory: DevWorkspace Operator 0.39.0 release. | 2026-02-10T15:32:22+00:00 | 2026-02-17T12:41:43+00:00 |
| rhsa-2026:2441 | Red Hat Security Advisory: go-toolset:rhel8 security update | 2026-02-10T13:45:07+00:00 | 2026-02-17T12:41:43+00:00 |
| rhsa-2026:2376 | Red Hat Security Advisory: Red Hat Web Terminal Operator 1.14.0 release. | 2026-02-09T23:40:14+00:00 | 2026-02-17T12:41:42+00:00 |
| rhsa-2026:2375 | Red Hat Security Advisory: Red Hat Web Terminal Operator 1.15.0 release. | 2026-02-09T22:06:53+00:00 | 2026-02-17T12:41:42+00:00 |
| rhsa-2026:2374 | Red Hat Security Advisory: Red Hat Web Terminal Operator 1.13.0 release. | 2026-02-09T21:56:53+00:00 | 2026-02-17T12:41:41+00:00 |
| rhsa-2026:2371 | Red Hat Security Advisory: Red Hat Web Terminal Operator 1.12.1 release. | 2026-02-09T20:49:08+00:00 | 2026-02-17T12:41:41+00:00 |
| rhsa-2026:2367 | Red Hat Security Advisory: Red Hat Web Terminal Operator 1.11.1 release. | 2026-02-09T18:49:52+00:00 | 2026-02-17T12:41:41+00:00 |
| rhsa-2026:2343 | Red Hat Security Advisory: Red Hat OpenShift API for Data Protection | 2026-02-09T14:20:06+00:00 | 2026-02-17T12:41:41+00:00 |
| rhsa-2026:2334 | Red Hat Security Advisory: go-toolset:rhel8 security update | 2026-02-09T12:48:48+00:00 | 2026-02-17T12:41:41+00:00 |
| rhsa-2026:2323 | Red Hat Security Advisory: git-lfs security update | 2026-02-09T11:51:28+00:00 | 2026-02-17T12:41:41+00:00 |
| rhsa-2026:2320 | Red Hat Security Advisory: golang security update | 2026-02-09T11:08:53+00:00 | 2026-02-17T12:41:40+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-26-057-10 | Copeland XWEB and XWEB Pro | 2026-02-26T07:00:00.000000Z | 2026-02-26T07:00:00.000000Z |
| icsa-26-057-09 | Yokogawa CENTUM VP R6, R7 | 2026-02-26T07:00:00.000000Z | 2026-02-26T07:00:00.000000Z |
| icsa-26-057-08 | Mobility46 mobility46.se | 2026-02-26T07:00:00.000000Z | 2026-02-26T07:00:00.000000Z |
| icsa-26-057-07 | EV Energy ev.energy | 2026-02-26T07:00:00.000000Z | 2026-02-26T07:00:00.000000Z |
| icsa-26-057-06 | SWITCH EV swtchenergy.com | 2026-02-26T07:00:00.000000Z | 2026-02-26T07:00:00.000000Z |
| icsa-26-057-05 | Chargemap chargemap.com | 2026-02-26T07:00:00.000000Z | 2026-02-26T07:00:00.000000Z |
| icsa-26-057-04 | EV2GO ev2go.io | 2026-02-26T07:00:00.000000Z | 2026-02-26T07:00:00.000000Z |
| icsa-26-057-03 | CloudCharge cloudcharge.se | 2026-02-26T07:00:00.000000Z | 2026-02-26T07:00:00.000000Z |
| icsa-26-057-02 | Pelco, Inc. Sarix Pro 3 Series IP Cameras | 2026-02-26T07:00:00.000000Z | 2026-02-26T07:00:00.000000Z |
| icsa-26-057-01 | Johnson Controls, Inc. Frick Controls Quantum HD | 2026-02-26T07:00:00.000000Z | 2026-02-26T07:00:00.000000Z |
| icsa-26-048-04 | Honeywell HIB2PI and HDZ Series CCTV Cameras (Update A) | 2026-02-17T07:00:00.000000Z | 2026-02-26T07:00:00.000000Z |
| icsa-25-133-02 | Hitachi Energy Relion 670/650/SAM600-IO Series (Update C) | 2023-11-28T00:00:00.000000Z | 2026-02-26T07:00:00.000000Z |
| icsa-26-043-06 | Siemens SINEC OS | 2026-01-28T00:00:00.000000Z | 2026-02-25T07:00:00.000000Z |
| icsa-26-027-01 | iba Systems ibaPDA | 2026-01-27T07:00:00.000000Z | 2026-02-25T07:00:00.000000Z |
| icsa-25-226-15 | Siemens SINEC OS | 2025-08-12T00:00:00.000000Z | 2026-02-25T07:00:00.000000Z |
| icsa-25-226-07 | Siemens Third-Party Components in SINEC OS | 2025-08-12T00:00:00.000000Z | 2026-02-25T07:00:00.000000Z |
| icsa-26-055-02 | Schneider Electric EcoStruxure Building Operation Workstation | 2026-02-10T08:00:00.000000Z | 2026-02-24T07:00:00.000000Z |
| icsa-26-055-01 | InSAT MasterSCADA BUK-TS | 2026-02-24T07:00:00.000000Z | 2026-02-24T07:00:00.000000Z |
| icsa-25-070-01 | Schneider Electric Uni-Telway Driver (Update C) | 2025-02-11T05:00:00.000000Z | 2026-02-24T07:00:00.000000Z |
| icsa-24-296-01 | Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update C) | 2024-10-22T06:00:00.000000Z | 2026-02-24T07:00:00.000000Z |
| icsa-22-202-04 | ICONICS Suite and Mitsubishi Electric MC Works64 Products (Update C) | 2022-07-26T06:00:00.000000Z | 2026-02-24T07:00:00.000000Z |
| icsa-26-055-03 | Gardyn Home Kit | 2026-02-24T06:00:00.000000Z | 2026-02-24T06:00:00.000000Z |
| icsa-26-020-01 | Schneider Electric EcoStruxure Foxboro DCS (Update A) | 2025-12-09T08:00:00.000000Z | 2026-02-24T06:00:00.000000Z |
| va-25-297-01 | IBM DOORS Next Generation multiple vulnerabilities | 2025-10-22T18:45:47Z | 2026-02-18T00:00:00Z |
| icsa-26-048-03 | GE Vernova Enervista UR Setup | 2026-02-17T07:00:00.000000Z | 2026-02-17T07:00:00.000000Z |
| icsa-26-048-02 | Delta Electronics ASDA-Soft | 2026-02-17T07:00:00.000000Z | 2026-02-17T07:00:00.000000Z |
| icsa-26-048-01 | Siemens Simcenter Femap and Nastran | 2026-02-10T00:00:00.000000Z | 2026-02-17T07:00:00.000000Z |
| icsa-26-043-10 | Airleader Master | 2026-02-12T07:00:00.000000Z | 2026-02-12T07:00:00.000000Z |
| icsa-26-043-09 | Hitachi Energy SuprOS | 2026-01-27T00:00:00.000000Z | 2026-02-12T07:00:00.000000Z |
| icsa-26-043-08 | Siemens NX | 2026-02-10T00:00:00.000000Z | 2026-02-12T07:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-ucsm-cmdinj-gvxlpesb | Cisco UCS Manager Software Command Injection Vulnerability | 2026-02-25T16:00:00+00:00 | 2026-02-25T16:00:00+00:00 |
| cisco-sa-ucsm-afwae-mogufyln | Cisco UCS Manager Software Privilege Escalation Vulnerability | 2026-02-25T16:00:00+00:00 | 2026-02-25T16:00:00+00:00 |
| cisco-sa-ucsfxosxss-7skve8zv | Cisco FXOS and UCS Manager Software Stored Cross-Site Scripting Vulnerability | 2026-02-25T16:00:00+00:00 | 2026-02-25T16:00:00+00:00 |
| cisco-sa-ucsciv-wgytc78q | Cisco FXOS and UCS Manager Software Command Injection Vulnerability | 2026-02-25T16:00:00+00:00 | 2026-02-25T16:00:00+00:00 |
| cisco-sa-sdwan-rpa-ehchtzk | Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability | 2026-02-25T16:00:00+00:00 | 2026-02-25T16:00:00+00:00 |
| cisco-sa-sdwan-authbp-qwcx8d4v | Cisco Catalyst SD-WAN Vulnerabilities | 2026-02-25T16:00:00+00:00 | 2026-02-25T16:00:00+00:00 |
| cisco-sa-nxos-ether-dos-kv8ynwz4 | Cisco Nexus 3600 and 9500-R Series Switching Platforms Layer 2 Loop Denial of Service Vulnerability | 2026-02-25T16:00:00+00:00 | 2026-02-25T16:00:00+00:00 |
| cisco-sa-nxos-dsnmp-cnn39uh | Cisco Nexus 9000 Series Fabric Switches in ACI Mode SNMP Denial of Service Vulnerability | 2026-02-25T16:00:00+00:00 | 2026-02-25T16:00:00+00:00 |
| cisco-sa-nxos-cpdos-qlsv6pfd | Cisco Nexus 9000 Series Fabric Switches in ACI Mode Denial of Service Vulnerability | 2026-02-25T16:00:00+00:00 | 2026-02-25T16:00:00+00:00 |
| cisco-sa-n3kn9k_aci_lldp_dos-ndgrrra3 | Cisco NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability | 2026-02-25T16:00:00+00:00 | 2026-02-25T16:00:00+00:00 |
| cisco-sa-apic-dos-rnus8efw | Cisco Application Policy Infrastructure Controller Denial of Service Vulnerability | 2026-02-25T16:00:00+00:00 | 2026-02-25T16:00:00+00:00 |
| cisco-sa-wsa-archive-bypass-scx2e8zf | Cisco Secure Web Appliance Real-Time Scanning Archive File Bypass Vulnerability | 2026-02-04T16:00:00+00:00 | 2026-02-20T21:08:47+00:00 |
| cisco-sa-voice-rce-morhqy4b | Cisco Unified Communications Products Remote Code Execution Vulnerability | 2026-01-21T16:00:00+00:00 | 2026-02-13T15:21:01+00:00 |
| cisco-sa-snort3-mime-vulns-ttl8pgvh | Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities | 2025-10-15T16:00:00+00:00 | 2026-02-12T18:38:13+00:00 |
| cisco-sa-tce-roomos-dos-9v9jrc2q | Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability | 2026-02-04T16:00:00+00:00 | 2026-02-12T17:37:39+00:00 |
| cisco-sa-snort3-dcerpc-vulns-j9hnf4th | Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities | 2026-01-07T16:00:00+00:00 | 2026-02-10T20:42:07+00:00 |
| cisco-sa-pi-xss-byevkcd | Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability | 2026-02-04T16:00:00+00:00 | 2026-02-04T16:00:00+00:00 |
| cisco-sa-epnm-pi-redirect-6sx82dn | Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Open Redirect Vulnerability | 2026-02-04T16:00:00+00:00 | 2026-02-04T16:00:00+00:00 |
| cisco-sa-cmm-file-up-ky47n8kk | Cisco Meeting Management Arbitrary File Upload Vulnerability | 2026-02-04T16:00:00+00:00 | 2026-02-04T16:00:00+00:00 |
| cisco-sa-ucce-pcce-xss-2jvyg3ud | Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities | 2026-01-21T16:00:00+00:00 | 2026-01-21T16:00:00+00:00 |
| cisco-sa-intersight-privesc-p6tbm6jk | Cisco Intersight Virtual Appliance Privilege Escalation Vulnerability | 2026-01-21T16:00:00+00:00 | 2026-01-21T16:00:00+00:00 |
| cisco-sa-iec6400-pem5uq7v | Cisco IEC6400 Wireless Backhaul Edge Compute Software SSH Denial of Service Vulnerability | 2026-01-21T16:00:00+00:00 | 2026-01-21T16:00:00+00:00 |
| cisco-sa-sma-attack-n9bf4 | Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager | 2025-12-17T16:00:00+00:00 | 2026-01-15T16:01:43+00:00 |
| cisco-sa-ise-xss-9tdh2kx | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability | 2026-01-15T16:00:00+00:00 | 2026-01-15T16:00:00+00:00 |
| cisco-sa-ise-xss-964cdxw5 | Cisco Identity Services Engine Cross-Site Scripting Vulnerability | 2026-01-15T16:00:00+00:00 | 2026-01-15T16:00:00+00:00 |
| cisco-sa-epnm-pi-stored-xss-gekx8ywk | Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability | 2026-01-15T16:00:00+00:00 | 2026-01-15T16:00:00+00:00 |
| cisco-sa-ise-xxe-jwsbsdkt | Cisco Identity Services Engine XML External Entity Processing Information Disclosure Vulnerability | 2026-01-07T16:00:00+00:00 | 2026-01-07T16:00:00+00:00 |
| cisco-sa-react-flight-tyw32ddb | Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025 | 2025-12-04T16:00:00+00:00 | 2025-12-17T22:37:17+00:00 |
| cisco-sa-ise-multiple-vulns-o9beswjh | Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-12-04T14:23:54+00:00 |
| cisco-sa-cc-mult-vuln-gk4tfxsn | Multiple Cisco Contact Center Products Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-11-18T14:49:09+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| sca-2026-0005 | Vulnerabilities affecting SICK LMS1000 and SICK MRS1000 | 2026-02-27T14:00:00.000Z | 2026-02-27T14:00:00.000Z |
| sca-2026-0004 | Eclipse Cyclone DDS Vulnerabilities have no impact on SICK picoScan150 & SICK picoScan120 products | 2026-02-13T14:00:00.000Z | 2026-02-13T14:00:00.000Z |
| sca-2026-0003 | Vulnerability affecting SICK nanoScan3 and microScan3 | 2026-01-26T14:00:00.000Z | 2026-01-26T14:00:00.000Z |
| sca-2026-0002 | Vulnerabilities affecting SICK Incoming Goods Suite | 2026-01-15T14:00:00.000Z | 2026-01-22T19:00:00.000Z |
| sca-2026-0001 | Vulnerabilities affecting SICK TDC-X401GL | 2026-01-15T14:00:00.000Z | 2026-01-15T14:00:00.000Z |
| sca-2025-0013 | Vulnerabilities affecting SICK TLOC100-100 | 2025-10-27T14:00:00.000Z | 2025-11-11T14:00:00.000Z |
| sca-2025-0014 | CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC | 2025-11-03T11:00:00.000Z | 2025-11-03T14:00:00.000Z |
| sca-2025-0012 | Sudo vulnerability affects SICK SID products | 2025-10-27T11:00:00.000Z | 2025-10-27T14:00:00.000Z |
| sca-2025-0011 | Vulnerabilities affecting Endress+Hauser SSG-E210GC | 2025-10-02T13:00:00.000Z | 2025-10-02T13:00:00.000Z |
| sca-2025-0010 | Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products | 2025-10-02T13:00:00.000Z | 2025-10-02T13:00:00.000Z |
| sca-2025-0009 | Vulnerabilities affecting SICK TDC-E210GC | 2025-08-01T13:00:00.000Z | 2025-08-01T13:00:00.000Z |
| sca-2025-0008 | Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 | 2025-07-03T13:00:00.000Z | 2025-07-03T13:00:00.000Z |
| sca-2025-0007 | Multiple vulnerabilities in SICK Field Analytics and SICK Media Server | 2025-06-12T13:00:00.000Z | 2025-06-12T13:00:00.000Z |
| sca-2025-0003 | FreeRTOS Vulnerabilities have no impact on SICK Products | 2025-02-28T00:00:00.000Z | 2025-05-20T11:00:00.000Z |
| sca-2025-0006 | Vulnerability affecting picoScan and multiScan | 2025-04-28T13:00:00.000Z | 2025-04-28T13:00:00.000Z |
| sca-2025-0005 | Vulnerabilities in SICK Flexi Compact | 2025-04-28T10:00:00.000Z | 2025-04-28T10:00:00.000Z |
| sca-2025-0004 | Critical vulnerabilities in SICK DL100-2xxxxxxx | 2025-03-14T11:00:00.000Z | 2025-03-14T11:00:00.000Z |
| sca-2025-0001 | Multiple vulnerabilities in SICK MEAC300 | 2025-02-14T14:00:00.000Z | 2025-02-21T14:00:00.000Z |
| sca-2025-0002 | Vulnerability in SICK Lector8xx and SICK InspectorP8xx | 2025-02-14T10:19:00.000Z | 2025-02-14T10:19:00.000Z |
| sca-2024-0007 | Vulnerability in SICK OLM | 2024-12-31T00:00:00.000Z | 2024-12-31T00:00:00.000Z |
| sca-2024-0006 | Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx | 2024-12-06T00:00:00.000Z | 2024-12-06T00:00:00.000Z |
| sca-2024-0005 | Vulnerability in SICK Incoming Goods Suite | 2024-11-19T00:00:00.000Z | 2024-11-19T00:00:00.000Z |
| sca-2024-0004 | Third party vulnerabilities in SICK CDE-100 | 2024-11-07T12:00:00.000Z | 2024-11-07T12:00:00.000Z |
| sca-2024-0003 | Critical vulnerability in multiple SICK products | 2024-10-17T13:00:00.000Z | 2024-10-17T13:00:00.000Z |
| sca-2024-0002 | Vulnerability in SICK MSC800 | 2024-09-11T23:00:00.000Z | 2024-09-11T23:00:00.000Z |
| sca-2024-0001 | Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics | 2024-01-29T00:00:00.000Z | 2024-01-29T00:00:00.000Z |
| sca-2023-0011 | Vulnerability in multiple SICK Flexi Soft Gateways | 2023-10-23T11:00:00.000Z | 2023-10-23T11:00:00.000Z |
| sca-2023-0010 | Vulnerabilities in SICK Application Processing Unit | 2023-10-09T11:00:00.000Z | 2023-10-09T11:00:00.000Z |
| sca-2023-0008 | Vulnerability in SICK SIM1012 | 2023-09-29T13:00:00.000Z | 2023-09-29T13:00:00.000Z |
| sca-2023-0009 | Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products | 2023-09-29T10:00:00.000Z | 2023-09-29T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| nn-2025:15-01 | Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:14-01 | HTML injection in Asset List in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:13-01 | Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:12-01 | HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:11-01 | Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0 | 2025-11-25T11:00:00.000Z | 2025-11-26T11:00:00.000Z |
| nn-2025:9-01 | Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:8-01 | Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:7-01 | Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:6-01 | Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:5-01 | Incorrect authorization for CLI in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:4-01 | Client-side path traversal in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:10-01 | Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:3-01 | Incorrect authorization for traces request/download in CMC before 25.1.0 | 2025-08-26T11:00:00.000Z | 2025-08-26T11:00:00.000Z |
| nn-2025:2-01 | Privilege escalation in Guardian/CMC before 24.6.0 | 2025-06-10T11:00:00.000Z | 2025-06-10T11:00:00.000Z |
| nn-2025:1-01 | Authenticated RCE in update functionality in Guardian/CMC before 24.6.0 | 2025-06-10T11:00:00.000Z | 2025-06-10T11:00:00.000Z |
| nn-2024:2-01 | Incorrect authorization for Reports configuration in Guardian/CMC before 24.2.0 | 2024-09-11T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2024:1-01 | DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:9-01 | Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:8-01 | Session Fixation in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:7-01 | DoS via SAML configuration in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:6-01 | Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:4-01 | Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:3-01 | Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:2-01 | Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:17-01 | Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:15-01 | Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0 | 2024-05-15T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:12-01 | Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 | 2024-01-15T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:11-01 | SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:10-01 | DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2022:2-02 | Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 | 2022-02-14T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| oxdc-adv-2025-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 | 2025-10-31T00:00:00+00:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0003 | OX App Suite Security Advisory OXAS-ADV-2025-0003 | 2025-09-24T00:00:00+02:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0002 | OX App Suite Security Advisory OXAS-ADV-2025-0002 | 2025-08-12T00:00:00+02:00 | 2025-10-31T00:00:00+00:00 |
| oxas-adv-2025-0001 | OX App Suite Security Advisory OXAS-ADV-2025-0001 | 2025-01-27T00:00:00+01:00 | 2025-04-07T00:00:00+00:00 |
| oxdc-adv-2024-0003 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003 | 2024-09-10T00:00:00+02:00 | 2024-09-10T00:00:00+00:00 |
| oxdc-adv-2024-0002 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002 | 2024-09-10T00:00:00+02:00 | 2024-09-10T00:00:00+00:00 |
| oxas-adv-2024-0005 | OX App Suite Security Advisory OXAS-ADV-2024-0005 | 2024-07-08T00:00:00+02:00 | 2024-09-09T00:00:00+00:00 |
| oxdc-adv-2024-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001 | 2024-09-02T00:00:00+02:00 | 2024-09-06T00:00:00+00:00 |
| oxas-adv-2024-0004 | OX App Suite Security Advisory OXAS-ADV-2024-0004 | 2024-06-13T00:00:00+02:00 | 2024-08-19T00:00:00+00:00 |
| oxas-adv-2024-0003 | OX App Suite Security Advisory OXAS-ADV-2024-0003 | 2024-04-24T00:00:00+02:00 | 2024-08-19T00:00:00+00:00 |
| oxas-adv-2024-0002 | OX App Suite Security Advisory OXAS-ADV-2024-0002 | 2024-03-06T00:00:00+01:00 | 2024-05-06T00:00:00+00:00 |
| oxas-adv-2024-0001 | OX App Suite Security Advisory OXAS-ADV-2024-0001 | 2024-02-08T00:00:00+01:00 | 2024-04-25T00:00:00+00:00 |
| oxas-adv-2023-0007 | OX App Suite Security Advisory OXAS-ADV-2023-0007 | 2023-12-11T00:00:00+01:00 | 2024-02-16T00:00:00+00:00 |
| oxas-adv-2023-0006 | OX App Suite Security Advisory OXAS-ADV-2023-0006 | 2023-09-25T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0005 | OX App Suite Security Advisory OXAS-ADV-2023-0005 | 2023-09-19T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0004 | OX App Suite Security Advisory OXAS-ADV-2023-0004 | 2023-08-01T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0003 | OX App Suite Security Advisory OXAS-ADV-2023-0003 | 2023-05-02T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0002 | OX App Suite Security Advisory OXAS-ADV-2023-0002 | 2023-03-20T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0001 | OX App Suite Security Advisory OXAS-ADV-2023-0001 | 2023-02-06T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2022-0002 | OX App Suite Security Advisory OXAS-ADV-2022-0002 | 2022-11-02T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2022-0001 | OX App Suite Security Advisory OXAS-ADV-2022-0001 | 2022-08-10T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2026-21523 | GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability | 2026-02-10T08:00:00.000Z | 2026-02-27T08:00:00.000Z |
| msrc_cve-2026-21518 | GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability | 2026-02-10T08:00:00.000Z | 2026-02-27T08:00:00.000Z |
| msrc_cve-2026-21620 | TFTP Path Traversal | 2026-02-02T00:00:00.000Z | 2026-02-27T01:36:54.000Z |
| msrc_cve-2026-27571 | nats-server websockets are vulnerable to pre-auth memory DoS | 2026-02-02T00:00:00.000Z | 2026-02-27T01:01:45.000Z |
| msrc_cve-2025-69873 | ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp() constructor without validation. An attacker can inject a malicious regex pattern (e.g., "^(a|a)*$") combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with $data: true for dynamic schema validation. | 2026-02-02T00:00:00.000Z | 2026-02-27T01:01:37.000Z |
| msrc_cve-2026-27969 | Vitess users with backup storage access can write to arbitrary file paths on restore | 2026-02-02T00:00:00.000Z | 2026-02-27T01:01:29.000Z |
| msrc_cve-2026-27965 | Vitess users with backup storage access can gain unauthorized access to production deployment environments | 2026-02-02T00:00:00.000Z | 2026-02-27T01:01:23.000Z |
| msrc_cve-2026-21863 | Malformed Valkey Cluster bus message can lead to Remote DoS | 2026-02-02T00:00:00.000Z | 2026-02-26T14:36:37.000Z |
| msrc_cve-2025-67733 | Valkey Affected by RESP Protocol Injection via Lua error_reply | 2026-02-02T00:00:00.000Z | 2026-02-26T14:36:30.000Z |
| msrc_cve-2025-61144 | libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. | 2026-02-02T00:00:00.000Z | 2026-02-26T14:36:23.000Z |
| msrc_cve-2025-61143 | libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c. | 2026-02-02T00:00:00.000Z | 2026-02-26T14:36:13.000Z |
| msrc_cve-2026-27211 | Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse | 2026-02-02T00:00:00.000Z | 2026-02-26T14:36:00.000Z |
| msrc_cve-2025-65637 | A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. | 2025-12-02T00:00:00.000Z | 2026-02-26T14:35:34.000Z |
| msrc_cve-2026-23225 | sched/mmcid: Don't assume CID is CPU owned on mode switch | 2026-02-02T00:00:00.000Z | 2026-02-26T01:37:47.000Z |
| msrc_cve-2026-23224 | erofs: fix UAF issue for file-backed mounts w/ directio option | 2026-02-02T00:00:00.000Z | 2026-02-26T01:37:41.000Z |
| msrc_cve-2026-23223 | xfs: fix UAF in xchk_btree_check_block_owner | 2026-02-02T00:00:00.000Z | 2026-02-26T01:37:34.000Z |
| msrc_cve-2025-71230 | hfs: ensure sb->s_fs_info is always cleaned up | 2026-02-02T00:00:00.000Z | 2026-02-26T01:37:27.000Z |
| msrc_cve-2026-23229 | crypto: virtio - Add spinlock protection with virtqueue notification | 2026-02-02T00:00:00.000Z | 2026-02-26T01:37:21.000Z |
| msrc_cve-2025-11563 | wcurl path traversal with percent-encoded slashes | 2026-02-02T00:00:00.000Z | 2026-02-26T01:02:25.000Z |
| msrc_cve-2025-62878 | Local Path Provisioner vulnerable to Path Traversal via parameters.pathPattern | 2026-02-02T00:00:00.000Z | 2026-02-26T01:02:12.000Z |
| msrc_cve-2025-61145 | libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c. | 2026-02-02T00:00:00.000Z | 2026-02-26T01:01:48.000Z |
| msrc_cve-2021-20233 | A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2026-02-26T01:01:23.000Z |
| msrc_cve-2021-20225 | A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2026-02-26T01:01:16.000Z |
| msrc_cve-2026-26960 | node-tar has Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in Extraction | 2026-02-02T00:00:00.000Z | 2026-02-25T01:38:11.000Z |
| msrc_cve-2025-68973 | In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.) | 2025-12-02T00:00:00.000Z | 2026-02-25T01:36:51.000Z |
| msrc_cve-2026-2739 | This affects versions of the package bn.js before 5.2.3. Calling maskn(0) on any BN instance corrupts the internal state, causing toString(), divmod(), and other methods to enter an infinite loop, hanging the process indefinitely. | 2026-02-02T00:00:00.000Z | 2026-02-25T01:03:52.000Z |
| msrc_cve-2025-38656 | wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() | 2025-08-02T00:00:00.000Z | 2026-02-25T01:03:29.000Z |
| msrc_cve-2023-53543 | vdpa: Add max vqp attr to vdpa_nl_policy for nlattr length check | 2025-10-02T00:00:00.000Z | 2026-02-25T01:03:25.000Z |
| msrc_cve-2026-27199 | Werkzeug safe_join() allows Windows special device names | 2026-02-02T00:00:00.000Z | 2026-02-25T01:03:19.000Z |
| msrc_cve-2025-38553 | net/sched: Restrict conditions for adding duplicating netems to qdisc tree | 2025-08-02T00:00:00.000Z | 2026-02-24T14:46:20.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| 3adr011525 | ABB Automation Builder Gateway for Windows with insecure defaults | 2026-02-24T00:30:00.000Z | 2026-02-24T00:30:00.000Z |
| 3adr011524 | AC500 V3 Multiple vulnerabilities | 2026-02-24T00:30:00.000Z | 2026-02-24T00:30:00.000Z |
| sa25p007 | B&R Automation Studio Update of SQLite version | 2026-02-18T00:30:00.000Z | 2026-02-18T00:30:00.000Z |
| sa26p001 | PVI Insertion of Sensitive Information into Logfile | 2026-01-29T00:30:00.000Z | 2026-01-29T00:30:00.000Z |
| sa24p003 | B&R PCs vulnerable to PixieFail attack | 2026-01-29T00:30:00.000Z | 2026-01-29T00:30:00.000Z |
| 7paa013309 | System 800xA SECURITY Advisory - ABB 800xA Base 6.0.x, 6.1.x CSLib communication DoS vulnerability | 2024-06-05T00:30:00.000Z | 2026-01-23T00:30:00.000Z |
| sa25p005 | B&R Automation Runtime Improper Handling of Flooding conditions on ANSL Server | 2026-01-19T00:30:00.000Z | 2026-01-19T00:30:00.000Z |
| sa25p004 | Automation Studio Insufficient Server Certificate Validation | 2026-01-19T00:30:00.000Z | 2026-01-19T00:30:00.000Z |
| 9akk108472a1331 | ABB Ability™ OPTIMAX® Authentication Bypass in Single-Sign On with Azure Active Directory | 2026-01-16T00:30:00.000Z | 2026-01-16T00:30:00.000Z |
| 2crt000009 | WebPro SNMP Card PowerValue Multiple Vulnerabilities | 2026-01-07T00:30:00.000Z | 2026-01-07T00:30:00.000Z |
| 9akk108471a8107 | Terra AC wallbox Heap Memory Corruption Vulnerability | 2025-09-16T00:30:00.000Z | 2025-11-28T08:00:00.000Z |
| 4hzm000603 | ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (VLC) | 2025-11-27T00:30:00.000Z | 2025-11-28T00:30:00.000Z |
| 7paa022088 | Edgenius Management Portal Authentication Bypass | 2025-11-20T00:30:00.000Z | 2025-11-20T00:30:00.000Z |
| 2nga002813 | PCM600 SharpZip library vulnerability | 2025-11-03T00:30:00.000Z | 2025-11-03T00:30:00.000Z |
| 4tz00000006007 | ALS-mini-S4/S8 IP Missing Authentication Vulnerability and its Mitigations | 2025-10-20T00:30:00.000Z | 2025-10-23T00:30:00.000Z |
| 9akk108471a8948 | Terra AC wallbox Heap Memory Corruption Vulnerability | 2025-10-20T00:30:00.000Z | 2025-10-21T00:30:00.000Z |
| 3kxg200000r4801 | CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability | 2025-04-16T00:30:00.000Z | 2025-10-20T00:30:00.000Z |
| sa25p003 | B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM) | 2025-10-07T00:30:00.000Z | 2025-10-14T00:30:00.000Z |
| 4tz00000006008 | LVS MConfig Insecure memory handling | 2025-10-08T00:30:00.000Z | 2025-10-08T00:30:00.000Z |
| sa25p002 | B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM) | 2025-10-07T00:30:00.000Z | 2025-10-07T00:30:00.000Z |
| 9akk108471a7808 | EIBPORT Reflected XSS | 2025-10-07T00:30:00.000Z | 2025-10-07T00:30:00.000Z |
| 9akk108471a7121 | FLXeon Controllers Multiple vulnerabilities | 2025-09-09T00:30:00.000Z | 2025-09-18T00:30:00.000Z |
| 9akk108471a4462 | ELSB/BLBA ASPECT advisory several CVEs | 2025-08-11T00:30:00.000Z | 2025-09-04T00:30:00.000Z |
| 9akk108471a3623 | RMC - 100 Vulnerabilities in web UI (REST Interface) | 2025-07-03T00:30:00.000Z | 2025-08-18T00:30:00.000Z |
| 2nga002743 | ABB AbilityTM zenon Remote Transport Vulnerability | 2025-08-12T00:30:00.000Z | 2025-08-12T00:30:00.000Z |
| 3adr011407 | ABB Automation Builder Vulnerabilities in user management and access control | 2025-04-30T00:00:00.000Z | 2025-07-25T00:00:00.000Z |
| 3adr011432 | AC500 V2 Buffer overread on Modbus protocol | 2025-07-23T00:30:00.000Z | 2025-07-23T00:30:00.000Z |
| 9akk108471a4556 | Busch-Welcome® 2 wire Door opener actuator by default in compatibility mode. | 2025-07-21T00:30:00.000Z | 2025-07-21T00:30:00.000Z |
| 2crt000008 | Lite Panel Pro Vulnerability in Session Management | 2025-06-26T00:30:00.000Z | 2025-06-26T00:30:00.000Z |
| 9akk108470a8948 | ELSB/Home Solutions Outdated SW Components in ABB Welcome IP-Gateway. | 2025-05-29T00:30:00.000Z | 2025-06-05T00:30:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201507-0645 | D-Link is an internationally renowned provider of network equipment and solutions, includ… | 2025-12-23T00:12:08.164000Z |
| var-201011-0225 | Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent … | 2025-12-23T00:11:40.995000Z |
| var-201109-0089 | Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used… | 2025-12-23T00:10:18.602000Z |
| var-201112-0173 | The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, … | 2025-12-23T00:05:56.162000Z |
| var-201103-0371 | SAP Crystal Reports Server is a complete reporting solution for creating, managing, and d… | 2025-12-23T00:04:00.173000Z |
| var-201807-0341 | ABB Panel Builder 800 all versions has an improper input validation vulnerability which m… | 2025-12-23T00:03:51.024000Z |
| var-200702-0378 | Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 … | 2025-12-23T00:03:37.932000Z |
| var-201805-1147 | WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length heap buffe… | 2025-12-23T00:01:35.037000Z |
| var-200607-0396 | Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) b… | 2025-12-23T00:00:47.326000Z |
| var-201208-0222 | Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow r… | 2025-12-23T00:00:27.061000Z |
| var-202001-0832 | A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistic… | 2025-12-23T00:00:23.174000Z |
| var-202001-0833 | A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe mo… | 2025-12-23T00:00:23.098000Z |
| var-201702-0423 | An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoft… | 2025-12-22T23:59:50.708000Z |
| var-201109-0081 | Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in S… | 2025-12-22T23:57:06.902000Z |
| var-201112-0097 | Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 a… | 2025-12-22T23:57:03.107000Z |
| var-201904-0181 | Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow… | 2025-12-22T23:55:40.719000Z |
| var-202407-0233 | Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data … | 2025-12-22T23:55:32.693000Z |
| var-200202-0006 | Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause… | 2025-12-22T23:55:29.383000Z |
| var-201407-0233 | Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote atta… | 2025-12-22T23:54:37.672000Z |
| var-201806-1058 | Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices befo… | 2025-12-22T23:54:32.706000Z |
| var-201810-0396 | Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabili… | 2025-12-22T23:54:32.435000Z |
| var-201402-0026 | Buffer overflow in the process_ra function in the router advertisement daemon (radvd) bef… | 2025-12-22T23:52:50.537000Z |
| var-201402-0028 | The process_rs function in the router advertisement daemon (radvd) before 1.8.2, when Uni… | 2025-12-22T23:52:50.479000Z |
| var-201402-0027 | The process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows re… | 2025-12-22T23:52:50.408000Z |
| var-201803-1810 | A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial … | 2025-12-22T23:52:40.263000Z |
| var-201906-1029 | In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulne… | 2025-12-22T23:52:37.978000Z |
| var-201908-0863 | Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE… | 2025-12-22T23:52:37.116000Z |
| var-202005-0008 | Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buf… | 2025-12-22T23:52:36.251000Z |
| var-200512-0643 | Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to exe… | 2025-12-22T23:51:40.221000Z |
| var-200512-0297 | Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbit… | 2025-12-22T23:51:40.129000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2026-000031 | Improper file access permission settings in the installers for multiple Soliton Systems products | 2026-02-27T15:41+09:00 | 2026-02-27T15:41+09:00 |
| jvndb-2026-000030 | IM-LogicDesigner module of intra-mart Accel Platform vulnerable to untrusted data deserialization | 2026-02-27T15:41+09:00 | 2026-02-27T15:41+09:00 |
| jvndb-2026-000029 | Multiple vulnerabilities in the installer of FinalCode Client | 2026-02-26T14:24+09:00 | 2026-02-26T14:24+09:00 |
| jvndb-2026-004811 | Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager | 2026-02-26T11:02+09:00 | 2026-02-26T11:02+09:00 |
| jvndb-2026-004810 | Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager | 2026-02-26T11:02+09:00 | 2026-02-26T11:02+09:00 |
| jvndb-2026-000026 | Lanscope Endpoint Manager (On-Premises) vulnerable to path traversal | 2026-02-25T15:14+09:00 | 2026-02-25T15:14+09:00 |
| jvndb-2026-004359 | Security information for Hitachi Disk Array Systems | 2026-02-20T18:35+09:00 | 2026-02-20T18:35+09:00 |
| jvndb-2026-000027 | WordPress Plugin "Survey Maker" vulnerable to cross-site scripting | 2026-02-20T12:32+09:00 | 2026-02-20T12:32+09:00 |
| jvndb-2026-000028 | Installer for Job log aggregation/analysis software RICOH Job Log Aggregation Tool may insecurely load Dynamic Link Libraries | 2026-02-20T12:31+09:00 | 2026-02-20T12:31+09:00 |
| jvndb-2026-003912 | Vulnerability in Cosminexus HTTP Server and Hitachi Web Server | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003911 | Vulnerability in Cosminexus HTTP Server | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003910 | Multiple Vulnerabilities in Cosminexus HTTP Server | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003909 | Multiple Vulnerabilities in Hitachi Command Suite products | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003908 | Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003907 | Multiple Vulnerabilities in JP1 | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003906 | Multiple Vulnerabilities in Cosminexus | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003905 | Multiple Vulnerabilities in Cosminexus HTTP Server and Hitachi Web Server | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-000025 | Joomla! CMS vulnerable to cross-site scripting | 2026-02-17T12:46+09:00 | 2026-02-17T12:46+09:00 |
| jvndb-2026-000023 | FileZen vulnerable to OS command injection | 2026-02-13T16:51+09:00 | 2026-02-13T17:08+09:00 |
| jvndb-2026-000024 | Installer of M-Audio M-Track Duo HD may insecurely load Dynamic Link Libraries | 2026-02-12T13:32+09:00 | 2026-02-12T13:32+09:00 |
| jvndb-2026-000022 | Oki Electric Industry products and OEM products register Windows services with unquoted file paths | 2026-02-09T15:21+09:00 | 2026-02-09T15:21+09:00 |
| jvndb-2026-000021 | web2py vulnerable to open redirect | 2026-02-05T15:01+09:00 | 2026-02-05T15:01+09:00 |
| jvndb-2026-000017 | Improper file access permission settings in Mitsubishi Small-Capacity UPS Shutdown Software FREQSHIP-mini for Windows | 2026-02-03T14:57+09:00 | 2026-02-05T14:41+09:00 |
| jvndb-2026-000020 | Multiple vulnerabilities in Movable Type | 2026-02-04T16:15+09:00 | 2026-02-04T16:15+09:00 |
| jvndb-2026-000016 | Installer for Roland Cloud Manager may insecurely load Dynamic Link Libraries | 2026-02-03T14:57+09:00 | 2026-02-04T12:39+09:00 |
| jvndb-2024-002831 | ELECOM wireless LAN routers vulnerable to OS command injection | 2024-02-22T08:15+09:00 | 2026-02-04T12:02+09:00 |
| jvndb-2025-000041 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2025-06-24T14:50+09:00 | 2026-02-03T15:35+09:00 |
| jvndb-2024-000078 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2024-07-30T15:34+09:00 | 2026-02-03T15:35+09:00 |
| jvndb-2026-000019 | Multiple vulnerabilities in ELECOM wireless LAN products | 2026-02-03T14:57+09:00 | 2026-02-03T14:57+09:00 |
| jvndb-2026-000015 | Sonatype Nexus Repository vulnerable to server-side request forgery | 2026-02-02T15:18+09:00 | 2026-02-02T15:18+09:00 |
| ID | Description | Updated |
|---|---|---|
| ts-2026-001 | TS-2026-001 | 2026-01-15T00:00 |
| ts-2025-008 | TS-2025-008 | 2025-11-19T00:00 |
| ts-2025-007 | TS-2025-007 | 2025-11-07T00:00 |
| ts-2025-006 | TS-2025-006 | 2025-10-28T00:00 |
| ts-2025-005 | TS-2025-005 | 2025-08-07T00:00 |
| ts-2025-004 | TS-2025-004 | 2025-05-27T00:00 |
| ts-2025-003 | TS-2025-003 | 2025-05-21T00:00 |
| ts-2025-002 | TS-2025-002 | 2025-05-15T00:00 |
| ts-2025-001 | TS-2025-001 | 2025-03-07T00:00 |
| ts-2024-013 | TS-2024-013 | 2024-12-04T00:00 |
| ts-2024-012 | TS-2024-012 | 2024-10-02T00:00 |
| ts-2024-011 | TS-2024-011 | 2024-07-22T00:00 |
| ts-2024-010 | TS-2024-010 | 2024-07-19T00:00 |
| ts-2024-009 | TS-2024-009 | 2024-06-27T00:00 |
| ts-2024-008 | TS-2024-008 | 2024-06-14T00:00 |
| ts-2024-007 | TS-2024-007 | 2024-06-12T00:00 |
| ts-2024-006 | TS-2024-006 | 2024-05-22T00:00 |
| ts-2024-005 | TS-2024-005 | 2024-05-08T00:00 |
| ts-2024-004 | TS-2024-004 | 2024-05-06T00:00 |
| ts-2024-003 | TS-2024-003 | 2024-04-23T00:00 |
| ts-2024-002 | TS-2024-002 | 2024-01-30T00:00 |
| ts-2024-001 | TS-2024-001 | 2024-01-08T00:00 |
| ts-2023-009 | TS-2023-009 | 2023-12-22T00:00 |
| ts-2023-008 | TS-2023-008 | 2023-11-01T00:00 |
| ts-2023-007 | TS-2023-007 | 2023-10-26T00:00 |
| ts-2023-006 | TS-2023-006 | 2023-08-22T00:00 |
| ts-2023-005 | TS-2023-005 | 2023-04-28T00:00 |
| ts-2023-004 | TS-2023-004 | 2023-04-04T00:00 |
| ts-2023-003 | TS-2023-003 | 2023-03-22T00:00 |
| ts-2023-002 | TS-2023-002 | 2023-01-24T00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2026:0670-1 | Security update for ucode-intel | 2026-02-26T15:21:41Z | 2026-02-26T15:21:41Z |
| suse-su-2026:0669-1 | Security update for ucode-intel | 2026-02-26T15:21:31Z | 2026-02-26T15:21:31Z |
| suse-su-2026:0668-1 | Security update for ucode-intel | 2026-02-26T15:21:13Z | 2026-02-26T15:21:13Z |
| suse-su-2026:0667-1 | Security update for redis7 | 2026-02-26T15:19:55Z | 2026-02-26T15:19:55Z |
| suse-su-2026:0666-1 | Security update for docker | 2026-02-26T15:17:25Z | 2026-02-26T15:17:25Z |
| suse-su-2026:0665-1 | Security update for frr | 2026-02-26T15:16:24Z | 2026-02-26T15:16:24Z |
| suse-su-2026:0664-1 | Security update for python3 | 2026-02-26T15:15:20Z | 2026-02-26T15:15:20Z |
| suse-su-2026:0663-1 | Security update for python | 2026-02-26T15:13:11Z | 2026-02-26T15:13:11Z |
| suse-su-2026:0662-1 | Security update for qemu | 2026-02-26T15:12:26Z | 2026-02-26T15:12:26Z |
| suse-su-2026:0661-1 | Security update for erlang | 2026-02-26T15:10:09Z | 2026-02-26T15:10:09Z |
| suse-su-2026:0659-1 | Security update for docker-stable | 2026-02-26T15:08:37Z | 2026-02-26T15:08:37Z |
| suse-su-2026:0658-1 | Security update for libsoup | 2026-02-26T15:07:42Z | 2026-02-26T15:07:42Z |
| suse-su-2026:0657-1 | Security update for libsoup2 | 2026-02-26T15:07:11Z | 2026-02-26T15:07:11Z |
| suse-su-2026:0656-1 | Security update for freerdp | 2026-02-26T15:06:36Z | 2026-02-26T15:06:36Z |
| suse-su-2026:0642-1 | Security update for python313 | 2026-02-26T11:53:34Z | 2026-02-26T11:53:34Z |
| suse-su-2026:0650-1 | Security update for redis | 2026-02-25T16:33:31Z | 2026-02-25T16:33:31Z |
| suse-su-2026:0649-1 | Security update for freerdp | 2026-02-25T16:31:37Z | 2026-02-25T16:31:37Z |
| suse-su-2026:0648-1 | Security update for libjxl | 2026-02-25T16:30:57Z | 2026-02-25T16:30:57Z |
| suse-su-2026:0647-1 | Security update for expat | 2026-02-25T16:30:09Z | 2026-02-25T16:30:09Z |
| suse-su-2026:0646-1 | Security update for expat | 2026-02-25T16:29:24Z | 2026-02-25T16:29:24Z |
| suse-su-2026:0645-1 | Security update for python3 | 2026-02-25T16:29:02Z | 2026-02-25T16:29:02Z |
| suse-su-2026:0644-1 | Security update for python312 | 2026-02-25T16:28:23Z | 2026-02-25T16:28:23Z |
| suse-su-2026:0643-1 | Security update for python39 | 2026-02-25T16:27:51Z | 2026-02-25T16:27:51Z |
| suse-su-2026:0641-1 | Security update for docker-stable | 2026-02-25T16:25:10Z | 2026-02-25T16:25:10Z |
| suse-su-2026:0619-1 | Security update for openvswitch | 2026-02-24T15:36:20Z | 2026-02-24T15:36:20Z |
| suse-su-2026:0618-1 | Security update for protobuf | 2026-02-24T15:35:39Z | 2026-02-24T15:35:39Z |
| suse-su-2026:0617-1 | Security update for the Linux Kernel | 2026-02-24T15:19:04Z | 2026-02-24T15:19:04Z |
| suse-su-2026:0616-1 | Security update for postgresql14 | 2026-02-24T15:16:11Z | 2026-02-24T15:16:11Z |
| suse-su-2026:0615-1 | Security update for postgresql15 | 2026-02-24T15:15:59Z | 2026-02-24T15:15:59Z |
| suse-su-2026:0614-1 | Security update for postgresql16 | 2026-02-24T15:15:47Z | 2026-02-24T15:15:47Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2026:10256-1 | regclient-0.11.2-1.1 on GA media | 2026-02-25T00:00:00Z | 2026-02-25T00:00:00Z |
| opensuse-su-2026:10255-1 | docker-stable-24.0.9_ce-17.1 on GA media | 2026-02-25T00:00:00Z | 2026-02-25T00:00:00Z |
| opensuse-su-2026:10254-1 | cockpit-tukit-0.1.7~git0.61e54f1-3.1 on GA media | 2026-02-25T00:00:00Z | 2026-02-25T00:00:00Z |
| opensuse-su-2026:10253-1 | cockpit-subscriptions-14.4-4.1 on GA media | 2026-02-25T00:00:00Z | 2026-02-25T00:00:00Z |
| opensuse-su-2026:10252-1 | cockpit-repos-4.7-4.1 on GA media | 2026-02-25T00:00:00Z | 2026-02-25T00:00:00Z |
| opensuse-su-2026:10251-1 | cockpit-packages-4.1-4.1 on GA media | 2026-02-25T00:00:00Z | 2026-02-25T00:00:00Z |
| opensuse-su-2026:10250-1 | cockpit-machines-348-1.1 on GA media | 2026-02-25T00:00:00Z | 2026-02-25T00:00:00Z |
| opensuse-su-2026:10249-1 | cmctl-2.4.1-1.1 on GA media | 2026-02-25T00:00:00Z | 2026-02-25T00:00:00Z |
| opensuse-su-2026:10248-1 | MozillaThunderbird-140.8.0-1.1 on GA media | 2026-02-25T00:00:00Z | 2026-02-25T00:00:00Z |
| opensuse-su-2026:10240-1 | weblate-5.16-1.1 on GA media | 2026-02-23T00:00:00Z | 2026-02-23T00:00:00Z |
| opensuse-su-2026:10239-1 | warewulf4-4.6.5-2.1 on GA media | 2026-02-23T00:00:00Z | 2026-02-23T00:00:00Z |
| opensuse-su-2026:10238-1 | python311-PyPDF2-2.11.1-4.1 on GA media | 2026-02-23T00:00:00Z | 2026-02-23T00:00:00Z |
| opensuse-su-2026:10237-1 | libopenssl-3-devel-3.5.3-2.1 on GA media | 2026-02-23T00:00:00Z | 2026-02-23T00:00:00Z |
| opensuse-su-2026:10236-1 | heroic-games-launcher-2.20.0-1.1 on GA media | 2026-02-23T00:00:00Z | 2026-02-23T00:00:00Z |
| opensuse-su-2026:10235-1 | cosign-3.0.5-1.1 on GA media | 2026-02-23T00:00:00Z | 2026-02-23T00:00:00Z |
| opensuse-su-2026:10233-1 | kyverno-1.17.1-1.1 on GA media | 2026-02-20T00:00:00Z | 2026-02-20T00:00:00Z |
| opensuse-su-2026:10232-1 | cosign-3.0.4-2.1 on GA media | 2026-02-20T00:00:00Z | 2026-02-20T00:00:00Z |
| opensuse-su-2026:10231-1 | busybox-1.37.0-9.1 on GA media | 2026-02-20T00:00:00Z | 2026-02-20T00:00:00Z |
| opensuse-su-2026:10224-1 | rclone-1.73.1-1.1 on GA media | 2026-02-18T00:00:00Z | 2026-02-18T00:00:00Z |
| opensuse-su-2026:10223-1 | python313-3.13.12-1.1 on GA media | 2026-02-18T00:00:00Z | 2026-02-18T00:00:00Z |
| opensuse-su-2026:10222-1 | python312-3.12.12-5.1 on GA media | 2026-02-18T00:00:00Z | 2026-02-18T00:00:00Z |
| opensuse-su-2026:10221-1 | python311-3.11.14-4.1 on GA media | 2026-02-18T00:00:00Z | 2026-02-18T00:00:00Z |
| opensuse-su-2026:10220-1 | istioctl-1.28.4-1.1 on GA media | 2026-02-18T00:00:00Z | 2026-02-18T00:00:00Z |
| opensuse-su-2026:10219-1 | dnsdist-2.0.2-1.1 on GA media | 2026-02-18T00:00:00Z | 2026-02-18T00:00:00Z |
| opensuse-su-2026:10218-1 | MozillaThunderbird-140.7.2-1.1 on GA media | 2026-02-18T00:00:00Z | 2026-02-18T00:00:00Z |
| opensuse-su-2026:10210-1 | python311-pip-26.0.1-1.1 on GA media | 2026-02-16T00:00:00Z | 2026-02-16T00:00:00Z |
| opensuse-su-2026:10209-1 | libsoup-2_4-1-2.74.3-16.1 on GA media | 2026-02-16T00:00:00Z | 2026-02-16T00:00:00Z |
| opensuse-su-2026:10208-1 | libsoup-3_0-0-3.6.5-13.1 on GA media | 2026-02-16T00:00:00Z | 2026-02-16T00:00:00Z |
| opensuse-su-2026:10207-1 | frr-10.2.1-4.1 on GA media | 2026-02-16T00:00:00Z | 2026-02-16T00:00:00Z |
| opensuse-su-2026:10200-1 | python310-3.10.19-4.1 on GA media | 2026-02-13T00:00:00Z | 2026-02-13T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| sevd-2026-041-02 | Multiple Vulnerabilities on EcoStruxure™ Building Operation Workstation and EcoStruxure™ Building Operation Webstation | 2026-02-10T08:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2026-041-01 | Improper Check for Unusual or Exceptional Conditions on Multiple Products | 2026-02-10T08:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2025-343-01 | EcoStruxure™ Foxboro DCS | 2025-12-09T08:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2025-189-03 | EcoStruxure™ Power Operation | 2025-07-08T04:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2025-042-02 | Improper Input Validation Vulnerability in Uni-Telway Driver | 2025-02-11T05:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2026-013-04 | Multiple Vulnerabilities on EcoStruxure Power Build Rapsody | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| sevd-2026-013-03 | Multiple Vulnerabilities on Zigbee Products | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| sevd-2026-013-02 | Incorrect Default Permissions Vulnerability on EcoStruxure™ Process Expert | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| sevd-2026-013-01 | Multiple Third-Party Vulnerabilities on ProLeiT Plant iT/Brewmaxx | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| sevd-2025-014-06 | RemoteConnect and SCADAPack™ x70 Utilities | 2025-01-14T00:00:00.000Z | 2026-01-13T08:00:00.000Z |
| sevd-2024-317-03 | Modicon Controllers M340 / Momentum / MC80 | 2024-11-12T05:00:00.000Z | 2026-01-13T08:00:00.000Z |
| sevd-2025-343-02 | EcoStruxure™ Foxboro DCS Advisor | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| sevd-2025-252-01 | Multiple Altivar Process Drives and Communication Modules | 2025-09-09T04:00:00.000Z | 2025-12-09T08:00:00.000Z |
| sevd-2023-192-04 | CODESYS Runtime Vulnerabilities | 2023-07-11T07:15:18.000Z | 2025-12-09T08:00:00.000Z |
| sevd-2021-159-04 | ISaGRAF Vulnerabilities in IEC 61131-3 Programming and Engineering Tools | 2021-06-08T04:36:25.000Z | 2025-11-15T00:00:00.000Z |
| sevd-2022-284-03 | ISaGRAF Workbench for SAGE RTU | 2022-10-10T22:13:16.000Z | 2025-11-14T06:30:00.000Z |
| sevd-2025-315-02 | EcoStruxure™ Machine SCADA Expert & Pro-face BLUE Open Studio | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| sevd-2025-315-01 | PowerChute™ Serial Shutdown | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| sevd-2025-224-02 | EcoStruxure™ Power Monitoring Expert Software & EcoStruxure™ Power Operation (EPO) and EcoStruxure™ Power SCADA Operation (PSO) | 2025-08-12T04:00:00.000Z | 2025-11-11T08:00:00.000Z |
| sevd-2025-224-01 | Saitel DR & Saitel DP Remote Terminal Unit | 2025-08-12T04:00:00.000Z | 2025-11-11T08:00:00.000Z |
| sevd-2025-014-07 | FlexNet Publisher Vulnerability | 2025-01-14T07:00:00.000Z | 2025-11-11T08:00:00.000Z |
| sevd-2025-287-01 | EcoStruxure™ OPC UA Server Expert and EcoStruxure™ Modicon Communication Server | 2025-10-14T07:00:00.000Z | 2025-10-14T07:00:00.000Z |
| sevd-2025-133-01 | Modicon Controllers M241/M251/M258/LMC058 | 2025-05-13T04:00:00.000Z | 2025-10-14T07:00:00.000Z |
| sevd-2024-345-03 | Modicon M241 / M251 / M258 / LMC058 | 2024-12-10T05:00:00.000Z | 2025-10-14T07:00:00.000Z |
| sevd-2024-191-04 | Modicon Controllers M241/ M251, M258 / LMC058 and M262 | 2024-07-09T00:00:00.000Z | 2025-10-14T07:00:00.000Z |
| sevd-2025-133-05 | Galaxy VS, Galaxy VL, Galaxy VXL | 2025-05-13T04:00:00.000Z | 2025-09-24T04:00:00.000Z |
| sevd-2025-252-02 | Saitel DR & Saitel DP Remote Terminal Unit | 2025-09-09T04:00:00.000Z | 2025-09-09T04:00:00.000Z |
| sevd-2025-224-04 | EcoStruxure™ Building Operation Enterprise Server, EcoStruxure™ Building Operation Enterprise Central, and EcoStruxure™ Workstation | 2025-08-12T04:00:00.000Z | 2025-09-09T04:00:00.000Z |
| sevd-2025-224-03 | Schneider Electric Software Update | 2025-08-12T04:00:00.000Z | 2025-09-09T04:00:00.000Z |
| sevd-2025-014-02 | Pro-face GP-Pro EX and Remote HMI | 2025-01-14T00:00:00.000Z | 2025-09-09T04:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-pytorch-2025-2149 | PyTorch Quantized Sigmoid Module nnq_Sigmoid initialization | 2026-02-26T15:23:05.500Z | 2026-02-26T15:46:51.306Z |
| bit-pytorch-2025-2148 | PyTorch Tuple torch.ops.profiler._call_end_callbacks_on_jit_fut memory corruption | 2026-02-26T15:23:02.496Z | 2026-02-26T15:46:51.306Z |
| bit-neo4j-2026-1337 | Insufficient escaping of unicode characters in query log | 2026-02-26T15:16:17.899Z | 2026-02-26T15:46:51.306Z |
| bit-valkey-2026-27623 | Valkey has Pre-Authentication DOS from malformed RESP request | 2026-02-26T08:53:22.415Z | 2026-02-26T09:13:58.886Z |
| bit-valkey-2026-21863 | Malformed Valkey Cluster bus message can lead to Remote DoS | 2026-02-26T08:53:20.799Z | 2026-02-26T09:13:58.886Z |
| bit-valkey-2025-67733 | Valkey Affected by RESP Protocol Injection via Lua error_reply | 2026-02-26T08:53:18.978Z | 2026-02-26T09:13:58.886Z |
| bit-superset-2026-23983 | Apache Superset: Sensitive Data Exposure via REST API (disabled by default) | 2026-02-26T08:54:03.107Z | 2026-02-26T09:13:58.886Z |
| bit-superset-2026-23982 | Apache Superset: Improper Authorization in Dataset Creation Allows Access Control Bypass | 2026-02-26T08:54:01.397Z | 2026-02-26T09:13:58.886Z |
| bit-superset-2026-23980 | Apache Superset: Improper Neutralization of Special Elements used in a SQL Command | 2026-02-26T08:53:59.760Z | 2026-02-26T09:13:58.886Z |
| bit-mongodb-2026-25613 | An unsafe cast in the MongoDB query planner can result in a segmentation fault. | 2026-02-26T08:47:48.322Z | 2026-02-26T09:13:58.886Z |
| bit-mongodb-2026-25610 | Invalid $geoNear index hint may cause server crash | 2026-02-26T08:47:46.620Z | 2026-02-26T09:13:58.886Z |
| bit-mongodb-2026-25609 | profile command may permit unauthorized configuration | 2026-02-26T08:47:44.983Z | 2026-02-26T09:13:58.886Z |
| bit-mongodb-2026-1850 | An authorized user may disable the MongoDB server by issuing a certain type of complex query due to boolean expression simplification | 2026-02-26T08:47:43.390Z | 2026-02-26T09:13:58.886Z |
| bit-mongodb-2026-1849 | Mongod can run out of stack memory when expressions create deeply nested documents | 2026-02-26T08:47:41.788Z | 2026-02-26T09:13:58.886Z |
| bit-mongodb-2026-1848 | Connections received from the proxy port may not count towards total accepted connections | 2026-02-26T08:47:40.094Z | 2026-02-26T09:13:58.886Z |
| bit-mongodb-2026-1847 | MongoDB Server may crash when inserting large documents | 2026-02-26T08:47:38.190Z | 2026-02-26T09:13:58.886Z |
| bit-bpftool-2025-29481 | 2025-04-16T07:06:29.453Z | 2026-02-26T09:13:58.886Z | |
| bit-appsmith-2026-24042 | Appsmith public apps can execute unpublished actions (viewMode confusion) | 2026-01-29T08:36:35.250Z | 2026-02-26T09:13:58.886Z |
| bit-apache-2021-41773 | Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 | 2024-03-06T10:54:39.310Z | 2026-02-26T09:13:58.886Z |
| bit-airflow-2025-68675 | Apache Airflow: proxy credentials for various providers might leak in task logs | 2026-01-21T08:39:24.383Z | 2026-02-26T09:13:58.886Z |
| bit-airflow-2025-27555 | Apache Airflow: Connection Secrets not masked in UI when Connection are added via Airflow cli | 2026-02-26T08:39:17.851Z | 2026-02-26T09:13:58.886Z |
| bit-airflow-2024-56373 | Apache Airflow: SSTI to Code Execution in Airflow through Shared DB Information | 2026-02-26T08:39:15.266Z | 2026-02-26T09:13:58.886Z |
| bit-apache-2022-28614 | read beyond bounds via ap_rwrite() | 2024-03-06T10:52:51.677Z | 2026-02-25T15:48:08.458Z |
| bit-tensorflow-2021-37691 | Division by zero in LSH in TensorFlow Lite | 2024-03-06T11:16:41.709Z | 2026-02-24T21:09:55.900Z |
| bit-superset-2021-37839 | Improper access to dataset metadata information | 2025-02-05T07:29:47.009Z | 2026-02-24T21:09:55.900Z |
| bit-grafana-2021-39226 | Snapshot authentication bypass in grafana | 2024-03-06T10:59:36.715Z | 2026-02-24T21:09:55.900Z |
| bit-superset-2021-28125 | Apache Superset Open Redirect | 2025-02-05T07:29:54.416Z | 2026-02-24T18:11:25.008Z |
| bit-tomcat-2026-24733 | Apache Tomcat: Security constraint bypass with HTTP/0.9 | 2026-02-20T09:52:58.708Z | 2026-02-24T09:11:39.593Z |
| bit-tomcat-2025-66614 | Apache Tomcat: Client certificate verification bypass due to virtual host mapping | 2026-02-20T09:52:57.300Z | 2026-02-24T09:11:39.593Z |
| bit-python-2026-0865 | wsgiref.headers.Headers allows header newline injection | 2026-01-26T14:50:04.789Z | 2026-02-24T09:11:39.593Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2026-vu62737 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-02-26T00:41:56.473097Z | 2026-02-25T07:34:17Z |
| cleanstart-2026-zs11519 | Security fixes for GHSA-vc5p-v9hr-52mj applied in versions: 4.1.1-r0 | 2026-02-25T00:49:13.663387Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-xk29348 | Security fixes for GHSA-f6x5-jh6r-wrfv, GHSA-j5w8-q4qc-rx2x applied in versions: 8.4.0-r0 | 2026-02-25T00:39:11.477214Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-wk32717 | During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ... | 2026-02-25T00:52:13.178542Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-uk11127 | During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ... | 2026-02-25T00:52:43.391940Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-rd09851 | net/url package does not set a limit on the number of query parameters in a query | 2026-02-25T00:53:44.039015Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-pm90259 | Cancelling a query (e | 2026-02-25T00:50:43.010672Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-oo47906 | Security fixes for GHSA-vc5p-v9hr-52mj applied in versions: 4.1.1-r0 | 2026-02-25T00:49:14.177631Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-ds30740 | go-git is a highly extensible git implementation library written in pure Go | 2026-02-25T00:46:12.495329Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-dn18334 | During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ... | 2026-02-25T00:39:41.622120Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-dc27717 | OpenVPN version 2 | 2026-02-25T00:39:42.192253Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-yq79300 | Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate | 2026-02-24T00:45:20.890998Z | 2026-02-23T12:58:32Z |
| cleanstart-2026-sp64433 | Security fixes for GHSA-6rw7-vpxm-498p, GHSA-73rr-hh4g-fpgx, GHSA-8qq5-rm4j-mr97 applied in versions: 4.2.1.1-r1 | 2026-02-24T00:44:51.180009Z | 2026-02-23T12:58:32Z |
| cleanstart-2026-lm41397 | node-tar is a full-featured Tar for Node | 2026-02-24T00:40:50.950958Z | 2026-02-23T12:58:32Z |
| cleanstart-2026-yn08405 | Security fixes for GHSA-f6x5-jh6r-wrfv, GHSA-j5w8-q4qc-rx2x applied in versions: 7.1.1-r7 | 2026-02-19T00:39:05.944714Z | 2026-02-18T09:40:19Z |
| cleanstart-2026-oj16660 | Security fixes for GHSA-2gh3-rmm4-6rq5, GHSA-434x-w66g-qw3r, GHSA-r6v5-fh4h-64xc, GHSA-xwfj-jgwm-7wp5 applied in versions: 1.28.2-r0, 1.28.4-r0 | 2026-02-19T00:39:07.225007Z | 2026-02-18T09:40:19Z |
| cleanstart-2026-nn87556 | Security fixes for GHSA-2gh3-rmm4-6rq5, GHSA-434x-w66g-qw3r, GHSA-r6v5-fh4h-64xc, GHSA-xwfj-jgwm-7wp5 applied in versions: 1.28.2-r0, 1.29.0-r0 | 2026-02-19T00:39:07.788394Z | 2026-02-18T09:40:19Z |
| cleanstart-2026-ln12820 | vulnerability has been identified in Node | 2026-02-19T00:58:49.154512Z | 2026-02-18T09:40:19Z |
| cleanstart-2026-kn34553 | vulnerability has been identified in Node | 2026-02-19T00:58:48.926519Z | 2026-02-18T09:40:19Z |
| cleanstart-2026-kn30288 | Security fixes for GHSA-2gh3-rmm4-6rq5, GHSA-434x-w66g-qw3r, GHSA-r6v5-fh4h-64xc, GHSA-rhfx-m35p-ff5j, GHSA-xwfj-jgwm-7wp5 applied in versions: 1.27.5-r1, 1.27.6-r0 | 2026-02-19T00:39:07.163109Z | 2026-02-18T09:40:19Z |
| cleanstart-2026-zt77083 | When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers | 2026-02-18T00:40:43.959662Z | 2026-02-17T14:16:07Z |
| cleanstart-2026-rs39538 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-02-18T00:37:41.553514Z | 2026-02-17T14:16:07Z |
| cleanstart-2026-lr19699 | Within HostnameError | 2026-02-18T00:37:41.636616Z | 2026-02-17T14:16:07Z |
| cleanstart-2026-dt95939 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-02-18T00:37:41.674179Z | 2026-02-17T14:16:07Z |
| cleanstart-2026-at88149 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-02-18T00:37:41.548996Z | 2026-02-17T14:16:07Z |
| cleanstart-2026-xv54160 | Within HostnameError | 2026-02-17T00:41:15.330012Z | 2026-02-16T09:23:22Z |
| cleanstart-2026-vg57433 | Within HostnameError | 2026-02-17T00:39:45.599344Z | 2026-02-16T09:23:22Z |
| cleanstart-2026-uh39784 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-02-17T00:40:45.017480Z | 2026-02-16T09:23:22Z |
| cleanstart-2026-jr03360 | Within HostnameError | 2026-02-17T00:39:45.300172Z | 2026-02-16T09:23:22Z |
| cleanstart-2026-gg58376 | Within HostnameError | 2026-02-17T00:41:15.939977Z | 2026-02-16T09:23:22Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2026-019 | 2026-02-25T18:51:43.000Z | 2026-02-25T18:51:43.000Z | |
| drupal-contrib-2026-018 | 2026-02-25T18:51:26.000Z | 2026-02-25T18:51:26.000Z | |
| drupal-contrib-2026-017 | 2026-02-25T18:51:01.000Z | 2026-02-25T18:51:01.000Z | |
| drupal-contrib-2026-016 | 2026-02-25T18:49:59.000Z | 2026-02-25T18:49:59.000Z | |
| drupal-contrib-2026-015 | 2026-02-25T18:47:57.000Z | 2026-02-25T18:47:57.000Z | |
| drupal-contrib-2026-014 | 2026-02-25T18:46:10.000Z | 2026-02-25T18:46:10.000Z | |
| drupal-contrib-2026-013 | 2026-02-25T18:45:13.000Z | 2026-02-25T18:45:13.000Z | |
| drupal-contrib-2026-012 | 2026-02-25T18:44:38.000Z | 2026-02-25T18:44:38.000Z | |
| drupal-contrib-2026-011 | 2026-02-25T18:43:32.000Z | 2026-02-25T18:43:32.000Z | |
| drupal-contrib-2026-010 | 2026-02-11T16:54:18.000Z | 2026-02-25T17:17:46.000Z | |
| drupal-contrib-2026-009 | 2026-02-11T16:53:32.000Z | 2026-02-12T15:37:20.000Z | |
| drupal-contrib-2026-008 | 2026-02-04T17:23:40.000Z | 2026-02-04T17:23:40.000Z | |
| drupal-contrib-2026-007 | 2026-01-28T17:29:32.000Z | 2026-01-28T17:29:32.000Z | |
| drupal-contrib-2026-006 | 2026-01-28T17:28:31.000Z | 2026-01-28T17:28:31.000Z | |
| drupal-contrib-2026-005 | 2026-01-14T17:57:31.000Z | 2026-01-14T18:33:02.000Z | |
| drupal-contrib-2026-004 | 2026-01-14T17:56:28.000Z | 2026-01-14T17:56:28.000Z | |
| drupal-contrib-2026-003 | 2026-01-14T17:55:41.000Z | 2026-01-14T17:55:41.000Z | |
| drupal-contrib-2026-002 | 2026-01-14T17:54:33.000Z | 2026-01-14T17:54:33.000Z | |
| drupal-contrib-2026-001 | 2026-01-14T17:53:33.000Z | 2026-01-14T17:53:33.000Z | |
| drupal-contrib-2025-126 | 2025-12-17T17:47:13.000Z | 2025-12-17T17:47:13.000Z | |
| drupal-contrib-2025-125 | 2025-12-10T17:53:01.000Z | 2025-12-10T19:09:57.000Z | |
| drupal-contrib-2025-119 | 2025-12-03T18:48:23.000Z | 2025-12-03T19:05:53.000Z | |
| drupal-contrib-2025-124 | 2025-12-03T18:49:57.000Z | 2025-12-03T18:49:57.000Z | |
| drupal-contrib-2025-123 | 2025-12-03T18:49:40.000Z | 2025-12-03T18:49:40.000Z | |
| drupal-contrib-2025-122 | 2025-12-03T18:49:18.000Z | 2025-12-03T18:49:18.000Z | |
| drupal-contrib-2025-121 | 2025-12-03T18:48:57.000Z | 2025-12-03T18:48:57.000Z | |
| drupal-contrib-2025-120 | 2025-12-03T18:48:37.000Z | 2025-12-03T18:48:37.000Z | |
| drupal-contrib-2025-118 | 2025-12-03T18:48:10.000Z | 2025-12-03T18:48:10.000Z | |
| drupal-contrib-2025-117 | 2025-12-03T18:47:37.000Z | 2025-12-03T18:47:37.000Z | |
| drupal-contrib-2025-088 | 2025-07-09T16:37:40.000Z | 2025-11-22T09:22:47.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-10895 | WordPress插件Pixel Manager for WooCommerce信息泄露漏洞 | 2025-11-20 | 2026-02-14 |
| cnvd-2026-10894 | WordPress插件Quiz Maker信息泄露漏洞 | 2025-11-21 | 2026-02-14 |
| cnvd-2026-10893 | WordPress插件WP FullCalendar信息泄露漏洞 | 2026-01-30 | 2026-02-14 |
| cnvd-2026-10892 | WordPress插件WP Directory Kit信息泄露漏洞 | 2026-01-30 | 2026-02-14 |
| cnvd-2026-10891 | WordPress插件CubeWP – All-in-One Dynamic Content Framework信息泄露漏洞 | 2026-01-30 | 2026-02-14 |
| cnvd-2026-10890 | WordPress插件Contact Form 7 GetResponse Extension信息泄露漏洞 | 2026-01-30 | 2026-02-14 |
| cnvd-2026-10889 | WordPress插件Cargus信息泄露漏洞 | 2026-01-30 | 2026-02-14 |
| cnvd-2026-10888 | WordPress插件Booking Ultra Pro信息泄露漏洞 | 2026-01-30 | 2026-02-14 |
| cnvd-2026-10887 | MailEnable存在未明漏洞(CNVD-2026-10887) | 2025-12-18 | 2026-02-14 |
| cnvd-2026-10885 | FRRouting拒绝服务漏洞(CNVD-2026-10885) | 2025-10-31 | 2026-02-14 |
| cnvd-2026-06351 | 用友网络科技股份有限公司U8+渠道管理(高级版)存在SQL注入漏洞(CNVD-C-2025-1245200) | 2025-12-31 | 2026-02-14 |
| cnvd-2026-10886 | MailEnable存在未明漏洞 | 2025-12-18 | 2026-02-13 |
| cnvd-2026-10884 | FRRouting拒绝服务漏洞(CNVD-2026-10884) | 2025-10-31 | 2026-02-13 |
| cnvd-2026-10883 | FRRouting拒绝服务漏洞(CNVD-2026-10883) | 2025-10-31 | 2026-02-13 |
| cnvd-2026-10882 | FRRouting拒绝服务漏洞 | 2025-10-31 | 2026-02-13 |
| cnvd-2026-10881 | mall-swarm授权问题漏洞(CNVD-2026-10881) | 2025-11-18 | 2026-02-13 |
| cnvd-2026-10880 | mall-swarm存在未明漏洞 | 2025-11-18 | 2026-02-13 |
| cnvd-2026-10879 | mall-swarm授权问题漏洞(CNVD-2026-10879) | 2025-11-18 | 2026-02-13 |
| cnvd-2026-10878 | mall-swarm授权问题漏洞(CNVD-2026-10878) | 2025-11-18 | 2026-02-13 |
| cnvd-2026-10877 | mall-swarm授权问题漏洞(CNVD-2026-10877) | 2025-11-18 | 2026-02-13 |
| cnvd-2026-10876 | mall-swarm授权问题漏洞 | 2025-12-10 | 2026-02-13 |
| cnvd-2026-10875 | Huawei HarmonyOS卡框架模块多线程竞争条件漏洞 | 2026-01-19 | 2026-02-13 |
| cnvd-2026-10874 | Huawei HarmonyOS和EMUI克隆模块中间人攻击漏洞 | 2026-01-19 | 2026-02-13 |
| cnvd-2026-10873 | Huawei HarmonyOS和EMUI媒体库模块权限验证绕过漏洞(CNVD-2026-10873) | 2026-01-19 | 2026-02-13 |
| cnvd-2026-10872 | Huawei HarmonyOS和EMUI媒体库模块权限验证绕过漏洞 | 2026-01-19 | 2026-02-13 |
| cnvd-2026-10871 | WordPress插件metasync存在未明漏洞 | 2026-02-04 | 2026-02-12 |
| cnvd-2026-10870 | WordPress插件Simple User Registration访问控制错误漏洞 | 2026-02-04 | 2026-02-12 |
| cnvd-2026-10859 | Adobe Substance 3D Modeler越界写入漏洞(CNVD-2026-10859) | 2026-01-19 | 2026-02-12 |
| cnvd-2026-10858 | Adobe Substance 3D Modeler越界写入漏洞(CNVD-2026-10858) | 2026-01-19 | 2026-02-12 |
| cnvd-2026-10857 | Rockwell Automation FactoryTalk Linx权限提升漏洞(CNVD-2026-10857) | 2025-10-17 | 2026-02-12 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0227 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-02-27T00:00:00.000000 | 2026-02-27T00:00:00.000000 |
| certfr-2026-avi-0226 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-02-27T00:00:00.000000 | 2026-02-27T00:00:00.000000 |
| certfr-2026-avi-0225 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-02-27T00:00:00.000000 | 2026-02-27T00:00:00.000000 |
| certfr-2026-avi-0224 | Multiples vulnérabilités dans les produits IBM | 2026-02-27T00:00:00.000000 | 2026-02-27T00:00:00.000000 |
| certfr-2026-avi-0223 | Multiples vulnérabilités dans les produits Microsoft | 2026-02-27T00:00:00.000000 | 2026-02-27T00:00:00.000000 |
| certfr-2026-avi-0222 | Multiples vulnérabilités dans Microsoft Edge | 2026-02-27T00:00:00.000000 | 2026-02-27T00:00:00.000000 |
| certfr-2026-avi-0221 | Multiples vulnérabilités dans les produits Centreon | 2026-02-27T00:00:00.000000 | 2026-02-27T00:00:00.000000 |
| certfr-2026-avi-0220 | Multiples vulnérabilités dans les produits Elastic | 2026-02-27T00:00:00.000000 | 2026-02-27T00:00:00.000000 |
| certfr-2026-avi-0219 | Vulnérabilité dans Stormshield Network Security | 2026-02-27T00:00:00.000000 | 2026-02-27T00:00:00.000000 |
| certfr-2026-avi-0218 | Multiples vulnérabilités dans les produits VMware | 2026-02-26T00:00:00.000000 | 2026-02-26T00:00:00.000000 |
| certfr-2026-avi-0217 | Multiples vulnérabilités dans SPIP | 2026-02-26T00:00:00.000000 | 2026-02-26T00:00:00.000000 |
| certfr-2026-avi-0216 | Vulnérabilité dans PostgreSQL | 2026-02-26T00:00:00.000000 | 2026-02-26T00:00:00.000000 |
| certfr-2026-avi-0215 | Multiples vulnérabilités dans les produits Microsoft | 2026-02-26T00:00:00.000000 | 2026-02-26T00:00:00.000000 |
| certfr-2026-avi-0214 | Vulnérabilité dans Juniper Networks Junos OS Evolved | 2026-02-26T00:00:00.000000 | 2026-02-26T00:00:00.000000 |
| certfr-2026-avi-0213 | Multiples vulnérabilités dans les produits Cisco | 2026-02-26T00:00:00.000000 | 2026-02-26T00:00:00.000000 |
| certfr-2026-avi-0212 | Multiples vulnérabilités dans les produits Centreon | 2026-02-26T00:00:00.000000 | 2026-02-26T00:00:00.000000 |
| certfr-2026-avi-0211 | Multiples vulnérabilités dans Wireshark | 2026-02-26T00:00:00.000000 | 2026-02-26T00:00:00.000000 |
| certfr-2026-avi-0210 | Multiples vulnérabilités dans Cisco Catalyst SD-WAN | 2026-02-25T00:00:00.000000 | 2026-02-25T00:00:00.000000 |
| certfr-2026-avi-0209 | Multiples vulnérabilités dans les produits VMware | 2026-02-25T00:00:00.000000 | 2026-02-25T00:00:00.000000 |
| certfr-2026-avi-0208 | Vulnérabilité dans les produits Synology | 2026-02-25T00:00:00.000000 | 2026-02-25T00:00:00.000000 |
| certfr-2026-avi-0207 | Multiples vulnérabilités dans GitLab | 2026-02-25T00:00:00.000000 | 2026-02-25T00:00:00.000000 |
| certfr-2026-avi-0206 | Multiples vulnérabilités dans les produits Trend Micro | 2026-02-25T00:00:00.000000 | 2026-02-25T00:00:00.000000 |
| certfr-2026-avi-0205 | Multiples vulnérabilités dans SolarWinds Serv-U | 2026-02-25T00:00:00.000000 | 2026-02-25T00:00:00.000000 |
| certfr-2026-avi-0204 | Multiples vulnérabilités dans les produits Mozilla | 2026-02-25T00:00:00.000000 | 2026-02-25T00:00:00.000000 |
| certfr-2026-avi-0179 | Multiples vulnérabilités dans SPIP | 2026-02-18T00:00:00.000000 | 2026-02-25T00:00:00.000000 |
| certfr-2026-avi-0155 | Multiples vulnérabilités dans SPIP | 2026-02-12T00:00:00.000000 | 2026-02-25T00:00:00.000000 |
| certfr-2025-avi-0043 | Multiples vulnérabilités dans SPIP | 2025-01-17T00:00:00.000000 | 2026-02-25T00:00:00.000000 |
| certfr-2026-avi-0203 | Vulnérabilité dans Microsoft Azure Linux | 2026-02-24T00:00:00.000000 | 2026-02-24T00:00:00.000000 |
| certfr-2026-avi-0202 | Multiples vulnérabilités dans les produits SonicWall | 2026-02-24T00:00:00.000000 | 2026-02-24T00:00:00.000000 |
| certfr-2026-avi-0201 | Multiples vulnérabilités dans Mattermost Server | 2026-02-24T00:00:00.000000 | 2026-02-24T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-ale-002 | [MàJ] Vulnérabilité dans Cisco Catalyst SD-WAN | 2026-02-25T00:00:00.000000 | 2026-02-26T00:00:00.000000 |
| certfr-2025-ale-014 | [MàJ] Vulnérabilité dans React Server Components | 2025-12-05T00:00:00.000000 | 2026-02-12T00:00:00.000000 |
| certfr-2026-ale-001 | [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile | 2026-01-30T00:00:00.000000 | 2026-02-03T00:00:00.000000 |
| certfr-2025-ale-013 | [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD | 2025-09-25T00:00:00.000000 | 2025-10-06T00:00:00.000000 |
| certfr-2025-ale-012 | Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway | 2025-08-26T00:00:00.000000 | 2025-09-26T00:00:00.000000 |
| certfr-2025-ale-010 | [MàJ] Multiples vulnérabilités dans Microsoft SharePoint | 2025-07-21T00:00:00.000000 | 2025-08-26T00:00:00.000000 |
| certfr-2025-ale-011 | Incidents de sécurité dans les pare-feux SonicWall | 2025-08-05T00:00:00.000000 | 2025-08-18T00:00:00.000000 |
| certfr-2025-ale-009 | Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway | 2025-07-01T00:00:00.000000 | 2025-07-17T00:00:00.000000 |
| certfr-2025-ale-004 | Activités de post-exploitation dans Fortinet FortiGate | 2025-04-11T00:00:00.000000 | 2025-08-07T00:00:00.000000 |
| certfr-2025-ale-008 | [MàJ] Vulnérabilité dans Roundcube | 2025-06-05T00:00:00.000000 | 2025-07-21T00:00:00.000000 |
| certfr-2025-ale-007 | Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) | 2025-05-14T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-006 | Vulnérabilité dans les produits Fortinet | 2025-05-13T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-005 | Vulnérabilité dans SAP NetWeaver | 2025-04-28T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-003 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-04-04T00:00:00.000000 | 2025-04-11T00:00:00.000000 |
| certfr-2025-ale-002 | [MàJ] Vulnérabilité dans les produits Fortinet | 2025-05-07T00:00:00.000000 | 2025-01-14T00:00:00.000000 |
| certfr-2025-ale-001 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-01-09T00:00:00.000000 | 2025-04-01T00:00:00.000000 |
| certfr-2024-ale-014 | [MàJ] Multiples vulnérabilités dans Fortinet FortiManager | 2024-10-30T00:00:00.000000 | 2024-10-23T00:00:00.000000 |
| certfr-2024-ale-013 | Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA) | 2025-03-31T00:00:00.000000 | 2024-10-25T00:00:00.000000 |
| certfr-2024-ale-015 | [MàJ] Multiples vulnérabilités sur l'interface d'administration des équipements Palo Alto Networks | 2024-11-15T00:00:00.000000 | 2024-11-18T00:00:00.000000 |
| certfr-2024-ale-012 | [MàJ] Vulnérabilités affectant OpenPrinting CUPS | 2024-09-27T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| certfr-2024-ale-011 | Vulnérabilité dans SonicWall | 2024-09-10T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| certfr-2024-ale-010 | Multiples vulnérabilités dans Roundcube | 2024-08-09T00:00:00.000000 | 2024-10-07T00:00:00.000000 |
| certfr-2024-ale-009 | Vulnérabilité dans OpenSSH | 2024-07-01T00:00:00.000000 | 2024-07-03T00:00:00.000000 |
| certfr-2024-ale-008 | [MàJ] Vulnérabilité dans les produits Check Point | 2024-05-30T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-007 | Multiples vulnérabilités dans les produits Cisco | 2024-04-25T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-006 | [MàJ] Vulnérabilité dans Palo Alto Networks GlobalProtect | 2024-04-12T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-004 | [MàJ] Vulnérabilité dans Fortinet FortiOS | 2024-02-09T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-005 | [MàJ] Vulnérabilité dans Microsoft Outlook | 2024-02-15T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-ale-003 | [MàJ] Incident affectant les solutions AnyDesk | 2024-02-05T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-ale-001 | [MàJ] Multiples vulnérabilités dans Ivanti Connect Secure et Policy Secure Gateways | 2024-01-11T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| GCVE-1-2026-0015 |
7.2 (4.0)
|
Threat actors use FortiCloud SSO bypass to collect LDA… |
fortinet |
fortios |
2026-02-09T09:09:00.000Z | 2026-02-09T09:14:59.004089Z |
| GCVE-1-2026-0013 |
2.1 (4.0)
|
Flask Application Username Route Collision Allows Rese… |
vulnerability-lookup |
vulnerability-lookup |
2026-02-04T19:27:00.000Z | 2026-02-04T19:32:49.787763Z |
| GCVE-1-2026-0014 |
7.4 (4.0)
|
Missing Authorization Check Allows Unauthorized Modifi… |
vulnerability-lookup |
vulnerability-lookup |
2026-02-04T19:32:14.341383Z | 2026-02-04T19:32:14.341383Z |
| GCVE-1-2026-0012 |
2.1 (4.0)
|
Authentication Error Message Allows Email Address Enum… |
vulnerability-lookup |
vulnerability-lookup |
2026-02-04T19:21:34.411344Z | 2026-02-04T19:21:34.411344Z |
| GCVE-1-2026-0011 |
8.7 (4.0)
|
Out-of-bounds memory write in the network packet … |
EA Games |
Command & Conquer: Generals |
2026-01-29T14:37:00.000Z | 2026-01-29T14:39:17.728822Z |
| GCVE-1-2026-0010 |
9.3 (4.0)
|
Improper input validation in the file transfer ha… |
EA Games |
Command & Conquer: Generals |
2026-01-29T14:33:18.822829Z | 2026-01-29T14:33:18.822829Z |
| GCVE-1-2026-0009 |
9.3 (4.0)
|
Stack-based buffer overflow in the multiplayer ne… |
EA Games |
Command & Conquer: Generals |
2026-01-29T14:30:38.596928Z | 2026-01-29T14:30:38.596928Z |
| GCVE-1-2026-0008 |
10 (4.0)
|
gpg-agent stack buffer overflow in pkdecrypt using KEM |
gnupg |
gpg-agent |
2026-01-28T13:48:12.350509Z | 2026-01-28T13:48:12.350509Z |
| GCVE-1-2026-0007 |
10 (4.0)
|
GNU InetUtils Security Advisory: remote authentication… |
gnu |
InetUtils |
2026-01-20T20:57:00.000Z | 2026-01-26T16:32:40.831364Z |
| GCVE-1-2026-0004 |
8.5 (4.0)
|
Authorization Bypass in Cerebrate IndividualsControlle… |
cerebrate |
cerebrate |
2026-01-13T15:28:00.000Z | 2026-01-13T15:38:37.744618Z |
| GCVE-1-2026-0005 |
8.5 (4.0)
|
Improper Access Control in Cerebrate Alignment Model A… |
cerebrate |
cerebrate |
2026-01-13T15:31:00.000Z | 2026-01-13T15:38:02.888546Z |
| GCVE-1-2026-0006 |
8.5 (4.0)
|
Improper Access Control in Cerebrate AuthKey and Encry… |
cerebrate |
cerebrate |
2026-01-13T15:37:17.337254Z | 2026-01-13T15:37:17.337254Z |
| GCVE-1-2026-0003 |
6.3 (4.0)
|
Stored/Reflected XSS via Unsanitized Parameters in URL… |
misp |
misp |
2026-01-13T10:50:00.000Z | 2026-01-13T10:54:13.659223Z |
| GCVE-1-2026-0002 |
10 (4.0)
|
Heap-buffer-overflow in EXIF writer for extra IFD tags |
ffmpeg |
ffmpeg |
2026-01-02T19:50:00.000Z | 2026-01-02T20:05:27.269877Z |
| GCVE-1-2026-0001 |
N/A
|
Bundle reference to gpg.fail |
gnupg |
gnupg |
2026-01-02T10:20:00.000Z | 2026-01-02T13:31:14.359346Z |
| GCVE-1-2025-0041 |
6.4 (4.0)
|
[online services] Reflected Cross-Site Scripting (XSS)… |
typo3 |
typo3 |
2025-12-19T14:25:00.000Z | 2025-12-19T14:54:51.594645Z |
| GCVE-1-2025-0032 |
10 (4.0)
|
The default configuration of WatchGuard Firebox device… |
watchguard |
firebox |
2025-12-03T16:25:00.000Z | 2025-12-19T13:48:34.570799Z |
| GCVE-1-2025-0031 |
7.1 (4.0)
|
A cross-site scripting (XSS) vulnerability was identif… |
misp |
misp |
2025-12-03T10:58:00.000Z | 2025-12-16T09:36:09.594750Z |
| GCVE-1-2025-0040 |
7.2 (4.0)
|
A cross-site scripting (XSS) vulnerability was id… |
misp |
misp |
2025-12-13T08:44:32.378924Z | 2025-12-13T08:44:32.378924Z |
| GCVE-1-2025-0039 |
8.5 (4.0)
|
XSS Reintroduced in MISP Dashboard World Map Widget Du… |
misp |
misp |
2025-12-10T14:33:52.856734Z | 2025-12-10T14:33:52.856734Z |
| GCVE-1-2025-0038 |
5 (4.0)
|
Reflected XSS in MISP Template Tag Removal and MISP Ad… |
misp |
misp |
2025-12-10T14:10:00.000Z | 2025-12-10T14:16:55.918270Z |
| GCVE-1-2025-0037 |
7 (4.0)
|
Reflected XSS in MISP Dashboard Widgets via Unescaped … |
misp |
misp |
2025-12-10T14:01:03.200804Z | 2025-12-10T14:01:03.200804Z |
| GCVE-1-2025-0036 |
8.3 (4.0)
|
A reflected cross-site scripting (XSS) vulnerability w… |
misp |
misp |
2025-12-10T13:46:07.170083Z | 2025-12-10T13:46:07.170083Z |
| GCVE-1-2025-0035 |
8.3 (4.0)
|
Insufficient sanitization of bundle metadata (availabl… |
CIRCL |
vulnerability-lookup |
2025-12-08T10:25:00.000Z | 2025-12-08T12:14:06.307298Z |
| GCVE-1-2025-0034 |
7 (4.0)
|
Missing CSRF protection on state-changing endpoints in… |
CIRCL |
vulnerability-lookup |
2025-12-08T10:19:00.000Z | 2025-12-08T12:13:24.197294Z |
| GCVE-1-2025-0033 |
8.1 (4.0)
|
Vulnerability-lookup did not track or limit failed One… |
CIRCL |
vulnerability-lookup |
2025-12-08T10:11:00.000Z | 2025-12-08T12:12:53.235996Z |
| GCVE-1-2025-0030 |
6.2 (4.0)
|
A cross-site scripting (XSS) vulnerability in the MISP… |
misp |
misp |
2025-12-03T10:53:00.000Z | 2025-12-03T10:58:55.845341Z |
| GCVE-1-2025-0028 |
8.5 (4.0)
|
Information leakage vulnerability in the MISP Feed con… |
misp |
misp |
2025-11-27T07:23:00.000Z | 2025-12-02T08:51:35.429494Z |
| GCVE-1-2025-0027 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in … |
misp |
misp |
2025-11-27T07:17:00.000Z | 2025-12-02T08:51:04.323899Z |
| GCVE-1-2025-0026 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in … |
misp |
misp |
2025-11-26T16:35:00.000Z | 2025-12-02T08:50:46.381572Z |