Recent vulnerabilities

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2026-21303	5.5 (3.1)	Substance3D - Modeler \| Out-of-bounds Read (CWE-125)	Adobe	Substance3D - Modeler	2026-01-13T20:20:17.246Z	2026-01-14T18:52:30.126Z
CVE-2022-50807	N/A	This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue.	N/A	N/A	2026-01-13T22:51:40.976Z	2026-01-14T18:51:30.411Z
CVE-2022-50934	N/A	This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue.	N/A	N/A	2026-01-13T22:52:00.967Z	2026-01-14T18:51:13.322Z
CVE-2023-53356	5.5 (3.1)	usb: gadget: u_serial: Add null pointer check in gseri…	Linux	Linux	2025-09-17T14:56:46.113Z	2026-01-14T18:43:04.391Z
CVE-2023-53355	5.5 (3.1)	staging: pi433: fix memory leak with using debugfs_lookup()	Linux	Linux	2025-09-17T14:56:45.400Z	2026-01-14T18:43:04.234Z
CVE-2023-53354	5.5 (3.1)	skbuff: skb_segment, Call zero copy functions before u…	Linux	Linux	2025-09-17T14:56:44.388Z	2026-01-14T18:43:04.063Z
CVE-2023-53353	5.5 (3.1)	accel/habanalabs: postpone mem_mgr IDR destruction to …	Linux	Linux	2025-09-17T14:56:43.543Z	2026-01-14T18:43:03.920Z
CVE-2023-53352	5.5 (3.1)	drm/ttm: check null pointer before accessing when swapping	Linux	Linux	2025-09-17T14:56:42.698Z	2026-01-14T18:43:03.742Z
CVE-2023-53351	5.5 (3.1)	drm/sched: Check scheduler work queue before calling t…	Linux	Linux	2025-09-17T14:56:42.006Z	2026-01-14T18:43:03.575Z
CVE-2023-53350	5.5 (3.1)	accel/qaic: Fix slicing memory leak	Linux	Linux	2025-09-17T14:56:41.212Z	2026-01-14T18:43:03.434Z
CVE-2023-53349	5.5 (3.1)	media: ov2740: Fix memleak in ov2740_init_controls()	Linux	Linux	2025-09-17T14:56:40.510Z	2026-01-14T18:43:03.285Z
CVE-2023-53348	5.5 (3.1)	btrfs: fix deadlock when aborting transaction during r…	Linux	Linux	2025-09-17T14:56:39.800Z	2026-01-14T18:43:03.123Z
CVE-2023-53347	5.5 (3.1)	net/mlx5: Handle pairing of E-switch via uplink un/load APIs	Linux	Linux	2025-09-17T14:56:39.084Z	2026-01-14T18:43:02.972Z
CVE-2023-53346	5.5 (3.1)	kernel/fail_function: fix memory leak with using debug…	Linux	Linux	2025-09-17T14:56:38.400Z	2026-01-14T18:43:02.833Z
CVE-2023-53345	4.7 (3.1)	rxrpc: Fix potential data race in rxrpc_wait_to_be_con…	Linux	Linux	2025-09-17T14:56:37.707Z	2026-01-14T18:43:02.675Z
CVE-2023-53344	5.5 (3.1)	can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vf…	Linux	Linux	2025-09-17T14:56:37.024Z	2026-01-14T18:43:02.515Z
CVE-2023-53343	5.5 (3.1)	icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev…	Linux	Linux	2025-09-17T14:56:36.285Z	2026-01-14T18:43:02.344Z
CVE-2023-53342	5.5 (3.1)	net: marvell: prestera: fix handling IPv4 routes with nhid	Linux	Linux	2025-09-17T14:56:35.574Z	2026-01-14T18:43:02.092Z
CVE-2023-53341	5.5 (3.1)	of/fdt: run soc memory setup when early_init_dt_scan_m…	Linux	Linux	2025-09-17T14:56:34.671Z	2026-01-14T18:43:01.930Z
CVE-2023-53340	7.8 (3.1)	net/mlx5: Collect command failures data only for known…	Linux	Linux	2025-09-17T14:56:33.917Z	2026-01-14T18:43:01.728Z
CVE-2023-53338	7.8 (3.1)	lwt: Fix return values of BPF xmit ops	Linux	Linux	2025-09-17T14:56:32.302Z	2026-01-14T18:43:01.329Z
CVE-2023-53337	5.5 (3.1)	nilfs2: do not write dirty data after degenerating to …	Linux	Linux	2025-09-17T14:56:31.582Z	2026-01-14T18:43:01.138Z
CVE-2023-53336	5.5 (3.1)	media: ipu-bridge: Fix null pointer deref on SSDB/PLD …	Linux	Linux	2025-09-17T14:56:30.752Z	2026-01-14T18:43:00.972Z
CVE-2023-53335	5.5 (3.1)	RDMA/cxgb4: Fix potential null-ptr-deref in pass_establish()	Linux	Linux	2025-09-17T14:56:29.672Z	2026-01-14T18:43:00.832Z
CVE-2022-50374	5.5 (3.1)	Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem…	Linux	Linux	2025-09-17T14:56:28.974Z	2026-01-14T18:43:00.681Z
CVE-2022-50373	4.7 (3.1)	fs: dlm: fix race in lowcomms	Linux	Linux	2025-09-17T14:56:28.282Z	2026-01-14T18:43:00.519Z
CVE-2022-50372	5.5 (3.1)	cifs: Fix memory leak when build ntlmssp negotiate blo…	Linux	Linux	2025-09-17T14:56:27.577Z	2026-01-14T18:43:00.339Z
CVE-2022-50371	5.5 (3.1)	led: qcom-lpg: Fix sleeping in atomic	Linux	Linux	2025-09-17T14:56:26.854Z	2026-01-14T18:42:59.970Z
CVE-2022-50370	5.5 (3.1)	i2c: designware: Fix handling of real but unexpected d…	Linux	Linux	2025-09-17T14:56:26.015Z	2026-01-14T18:42:59.823Z
CVE-2022-50369	5.5 (3.1)	drm/vkms: Fix null-ptr-deref in vkms_release()	Linux	Linux	2025-09-17T14:56:24.889Z	2026-01-14T18:42:59.660Z

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2025-68617	7 (3.1)	Use after free in fluidsynth	FluidSynth	fluidsynth	2025-12-23T22:41:28.861Z	2025-12-24T14:53:35.537Z
CVE-2025-14253	6.9 (4.0) 4.9 (3.1)	Galaxy Software Services｜Vitals ESP - Arbitrary File Read	Galaxy Software Services	Vitals ESP	2025-12-08T07:38:09.479Z	2025-12-08T14:14:28.725Z
CVE-2025-14254	7.1 (4.0) 6.5 (3.1)	Galaxy Software Services｜Vitals ESP - SQL Injection	Galaxy Software Services	Vitals ESP	2025-12-08T07:41:01.379Z	2025-12-08T14:46:02.412Z
CVE-2025-14255	7.1 (4.0) 6.5 (3.1)	Galaxy Software Services｜Vitals ESP - SQL Injection	Galaxy Software Services	Vitals ESP	2025-12-08T07:43:22.584Z	2025-12-08T18:53:24.822Z
CVE-2025-15372	4.8 (4.0) 2.4 (3.1) 2.4 (3.0)	youlaitech vue3-element-admin Notice index.vue cross s…	youlaitech	vue3-element-admin	2025-12-31T02:02:06.787Z	2026-01-02T14:37:49.898Z
CVE-2025-12533	N/A	This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	N/A	N/A		2026-01-14T22:19:29.979Z
CVE-2026-22605	4.3 (3.1)	OpenProject is Vulnerable to Insecure Direct Object Re…	opf	openproject	2026-01-10T01:07:10.412Z	2026-01-12T19:15:27.143Z
CVE-2026-22604	6.9 (4.0)	OpenProject is vulnerable to user enumeration via the …	opf	openproject	2026-01-10T01:07:02.555Z	2026-01-12T19:16:12.780Z
CVE-2026-22603	6.9 (4.0)	OpenProject has no protection against brute-force atta…	opf	openproject	2026-01-10T01:06:28.742Z	2026-01-13T19:59:34.458Z
CVE-2026-22602	3.5 (3.1)	OpenProject is Vulnerable to User Enumeration via User ID	opf	openproject	2026-01-10T01:06:12.921Z	2026-01-13T20:07:25.275Z
CVE-2026-22601	8.6 (4.0)	OpenProject is Vulnerable to Code Execution in E-Mail …	opf	openproject	2026-01-10T01:06:05.430Z	2026-01-12T19:16:44.111Z
CVE-2026-22600	9.1 (3.1)	OpenProject is Vulnerable to Arbitrary File Read via I…	opf	openproject	2026-01-10T01:06:00.502Z	2026-01-13T20:07:53.470Z
CVE-2026-0852	6.9 (4.0) 7.3 (3.1) 7.3 (3.0)	code-projects Online Music Site AdminUpdateUser.php sq…	code-projects	Online Music Site	2026-01-12T00:02:06.128Z	2026-01-12T15:58:49.390Z
CVE-2026-0851	6.9 (4.0) 7.3 (3.1) 7.3 (3.0)	code-projects Online Music Site AdminAddUser.php sql i…	code-projects	Online Music Site	2026-01-11T23:32:07.010Z	2026-01-12T16:37:46.944Z
CVE-2025-62000	7.1 (3.1) 6.9 (4.0)	BullWall Ransomware Containment incomplete file inspection	BullWall	Ransomware Containment	2025-12-18T20:32:02.910Z	2026-01-15T19:50:39.114Z
CVE-2025-55462	6.5 (3.1)	A CORS misconfiguration in Eramba Community and E…	n/a	n/a	2026-01-13T00:00:00.000Z	2026-01-14T21:30:01.077Z
CVE-2025-14242	6.5 (3.1)	Vsftpd: vsftpd: denial of service via integer overflow…	Red Hat	Red Hat Enterprise Linux 10	2026-01-14T15:23:03.708Z	2026-01-14T21:50:37.086Z
CVE-2026-0850	5.1 (4.0) 4.7 (3.1) 4.7 (3.0)	code-projects Intern Membership Management System dele…	code-projects	Intern Membership Management System	2026-01-11T23:02:06.162Z	2026-01-12T16:50:15.555Z
CVE-2025-58149	7.5 (3.1)	Incorrect removal of permissions on PCI device unplug	Xen	Xen	2025-10-31T11:50:39.536Z	2025-11-04T21:13:31.524Z
CVE-2025-58148	7.5 (3.1)	x86: Incorrect input sanitisation in Viridian hypercalls	Xen	Xen	2025-10-31T11:50:28.407Z	2025-11-04T21:13:30.190Z
CVE-2025-58147	7.5 (3.1)	x86: Incorrect input sanitisation in Viridian hypercalls	Xen	Xen	2025-10-31T11:50:28.282Z	2025-11-04T21:13:28.853Z
CVE-2025-60050	8.2 (3.1)	WordPress Panda theme <= 1.21 - Local File Inclusion v…	axiomthemes	Panda	2025-12-18T07:22:01.712Z	2025-12-18T15:04:28.185Z
CVE-2025-60049	8.2 (3.1)	WordPress Soleil theme <= 1.17 - Local File Inclusion …	axiomthemes	Soleil	2025-12-18T07:22:01.475Z	2025-12-18T15:07:08.173Z
CVE-2025-60048	8.1 (3.1)	WordPress Tripster theme <= 1.0.10 - Local File Inclus…	axiomthemes	Tripster	2025-12-18T07:22:01.281Z	2025-12-18T16:47:26.036Z
CVE-2025-60210	9.8 (3.1)	WordPress Everest Forms - Frontend Listing plugin <= 1…	wpeverest	Everest Forms - Frontend Listing	2025-10-22T14:32:43.171Z	2025-11-13T10:33:44.796Z
CVE-2025-57981	6.5 (3.1)	WordPress WP Social Widget Plugin <= 2.3.1 - Cross Sit…	catchsquare	WP Social Widget	2025-09-22T18:24:29.794Z	2025-09-23T14:29:29.031Z
CVE-2024-32444	9.8 (3.1)	WordPress RealHomes theme <= 4.3.6 - Privilege Escalat…	InspiryThemes	RealHomes	2025-09-03T06:55:35.317Z	2025-09-03T19:42:29.922Z
CVE-2025-59922	6.8 (3.1)	An improper neutralization of special elements us…	Fortinet	FortiClientEMS	2026-01-13T16:32:28.715Z	2026-01-14T09:16:14.334Z
CVE-2025-67685	3.4 (3.1)	A Server-Side Request Forgery (SSRF) vulnerabilit…	Fortinet	FortiSandbox	2026-01-13T16:32:29.301Z	2026-01-14T09:19:01.948Z
CVE-2025-64155	9.4 (3.1)	An improper neutralization of special elements us…	Fortinet	FortiSIEM	2026-01-13T16:32:28.665Z	2026-01-14T09:16:05.278Z

ID	Description	Published	Updated
fkie_cve-2025-68617	FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 t…	2025-12-23T23:15:44.757	2026-01-15T02:01:38.707
fkie_cve-2025-14253	Vitals ESP developed by Galaxy Software Services has an Arbitrary File Read vulnerability, allowing…	2025-12-08T08:15:51.883	2026-01-15T01:42:38.810
fkie_cve-2025-14254	Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authen…	2025-12-08T08:15:52.260	2026-01-15T01:42:14.107
fkie_cve-2025-14255	Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authen…	2025-12-08T08:15:52.567	2026-01-15T01:41:52.707
fkie_cve-2025-15372	A weakness has been identified in youlaitech vue3-element-admin up to 3.4.0. This issue affects som…	2025-12-31T03:15:53.820	2026-01-15T01:41:04.930
fkie_cve-2025-12533	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	2026-01-14T23:15:55.210	2026-01-14T23:15:55.210
fkie_cve-2026-22605	OpenProject is an open-source, web-based project management software. OpenProject versions prior to…	2026-01-10T02:15:49.487	2026-01-14T22:27:55.377
fkie_cve-2026-22604	OpenProject is an open-source, web-based project management software. For OpenProject versions from…	2026-01-10T02:15:49.343	2026-01-14T22:27:23.780
fkie_cve-2026-22603	OpenProject is an open-source, web-based project management software. Prior to version 16.6.2, Open…	2026-01-10T02:15:49.200	2026-01-14T22:27:03.023
fkie_cve-2026-22602	OpenProject is an open-source, web-based project management software. Prior to version 16.6.2, a lo…	2026-01-10T02:15:49.057	2026-01-14T22:26:18.717
fkie_cve-2026-22601	OpenProject is an open-source, web-based project management software. For OpenProject version 16.6.…	2026-01-10T02:15:48.913	2026-01-14T22:26:03.920
fkie_cve-2026-22600	OpenProject is an open-source, web-based project management software. A Local File Read (LFR) vulne…	2026-01-10T02:15:48.743	2026-01-14T22:25:56.047
fkie_cve-2026-0852	A security flaw has been discovered in code-projects Online Music Site 1.0. The impacted element is…	2026-01-12T01:15:49.950	2026-01-14T22:19:33.933
fkie_cve-2026-0851	A vulnerability was identified in code-projects Online Music Site 1.0. The affected element is an u…	2026-01-12T00:15:52.763	2026-01-14T22:18:02.417
fkie_cve-2025-62000	BullWall Ransomware Containment may not always detect an encrypted file. This issue affects a speci…	2025-12-18T21:15:53.800	2026-01-14T22:15:50.893
fkie_cve-2025-55462	A CORS misconfiguration in Eramba Community and Enterprise Editions v3.26.0 allows an attacker-cont…	2026-01-13T15:15:58.950	2026-01-14T22:15:50.717
fkie_cve-2025-14242	A flaw was found in vsftpd. This vulnerability allows a denial of service (DoS) via an integer over…	2026-01-14T16:15:55.967	2026-01-14T22:15:49.780
fkie_cve-2026-0850	A vulnerability was determined in code-projects Intern Membership Management System 1.0. Impacted i…	2026-01-11T23:15:46.090	2026-01-14T22:09:35.817
fkie_cve-2025-58149	When passing through PCI devices, the detach logic in libxl won't remove access permissions to any …	2025-10-31T12:15:35.143	2026-01-14T22:04:31.723
fkie_cve-2025-58148	[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilit…	2025-10-31T12:15:35.037	2026-01-14T22:03:32.010
fkie_cve-2025-58147	[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilit…	2025-10-31T12:15:34.590	2026-01-14T22:03:18.957
fkie_cve-2025-60050	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-18T08:16:04.613	2026-01-14T21:48:28.980
fkie_cve-2025-60049	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-18T08:16:04.490	2026-01-14T21:48:11.250
fkie_cve-2025-60048	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-18T08:16:04.357	2026-01-14T21:47:44.213
fkie_cve-2025-60210	Deserialization of Untrusted Data vulnerability in wpeverest Everest Forms - Frontend Listing evere…	2025-10-22T15:15:58.123	2026-01-14T21:46:24.270
fkie_cve-2025-57981	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-09-22T19:15:58.153	2026-01-14T21:42:22.203
fkie_cve-2024-32444	Incorrect Privilege Assignment vulnerability in InspiryThemes RealHomes allows Privilege Escalation…	2025-09-03T07:15:32.100	2026-01-14T21:40:46.957
fkie_cve-2025-59922	An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerabili…	2026-01-13T17:15:58.147	2026-01-14T21:38:33.547
fkie_cve-2025-67685	A Server-Side Request Forgery (SSRF) vulnerability [CWE-918] vulnerability in Fortinet FortiSandbox…	2026-01-13T17:15:58.873	2026-01-14T21:38:01.700
fkie_cve-2025-64155	An improper neutralization of special elements used in an os command ('os command injection') vulne…	2026-01-13T17:15:58.440	2026-01-14T21:37:40.197

ID	Severity	Description	Published	Updated
ghsa-fr4j-65pv-gjjj	6.7 (3.1)	Renovate vulnerable to arbitrary command injection via npm manager and malicious Renovate configuration	2026-01-13T20:28:16Z	2026-01-13T20:28:16Z
ghsa-xv56-3wq5-9997	6.7 (3.1)	Renovate vulnerable to arbitrary command injection via kustomize manager and malicious helm repository	2026-01-13T19:57:06Z	2026-01-13T19:57:06Z
ghsa-pfq2-hh62-7m96	6.7 (3.1)	Renovate vulnerable to arbitrary command injection via Gradle Wrapper and malicious `distributionUrl`	2026-01-13T19:54:29Z	2026-01-13T19:54:29Z
ghsa-3558-j79f-vvm6	7.3 (4.0)	Gin-vue-admin has arbitrary file upload vulnerability caused by path traversal	2026-01-13T19:15:13Z	2026-01-13T19:15:13Z
ghsa-mwr6-3gp8-9jmj	9.3 (4.0)	orval MCP client is vulnerable to a code injection attack.	2026-01-13T19:12:22Z	2026-01-13T19:12:22Z
ghsa-m86r-wr74-693h	3.3 (3.1) 1.9 (4.0)	AcademySoftwareFoundation OpenColorIO has an out-of-bounds vulnerability	2026-01-11T12:30:27Z	2026-01-13T19:06:56Z
ghsa-xf94-h87h-g9wr	3.5 (3.1) 2.0 (4.0)	QuestDB UI's Web Console is Vulnerable to Cross-Site Scripting	2026-01-10T15:31:22Z	2026-01-13T19:03:20Z
ghsa-562r-8445-54r2	7.5 (3.1)	ComfyUI-Manager is Vulnerable to CRLF Injection in Configuration Handler	2026-01-13T19:02:52Z	2026-01-13T19:02:52Z
ghsa-59jp-pj84-45mr	5.8 (3.1)	Fulcio is vulnerable to Server-Side Request Forgery (SSRF) via MetaIssuer Regex Bypass	2026-01-13T18:47:57Z	2026-01-13T18:47:57Z
ghsa-xrwg-mqj6-6m22	8.8 (3.1)	Envoy Extension Policy lua scripts injection causes arbitrary command execution	2026-01-13T18:47:34Z	2026-01-13T18:47:34Z
ghsa-597g-3phw-6986	4.5 (3.1)	virtualenv Has TOCTOU Vulnerabilities in Directory Creation	2026-01-13T18:45:57Z	2026-01-13T18:45:57Z
ghsa-qmgc-5h2g-mvrw	5.3 (3.1)	filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock	2026-01-13T18:44:55Z	2026-01-13T18:44:55Z
ghsa-grg2-63fw-f2qr	6.5 (3.1)	vLLM is vulnerable to DoS in Idefics3 vision models via image payload with ambiguous dimensions	2026-01-13T18:44:15Z	2026-01-13T18:44:15Z
ghsa-mjjp-xjfg-97wg	3.3 (3.1) 1.9 (4.0)	LIEF is vulnerable to segmentation fault	2026-01-10T12:30:16Z	2026-01-13T18:31:53Z
ghsa-xqxc-72vf-v8f5	6.4 (3.1)	Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificat…	2026-01-13T18:31:11Z	2026-01-13T18:31:11Z
ghsa-wvw4-rf55-ww3f	4.6 (3.1)	Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft O…	2026-01-13T18:31:11Z	2026-01-13T18:31:11Z
ghsa-wvh3-vgpw-w4mr	7.0 (3.1)	Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.	2026-01-13T18:31:11Z	2026-01-13T18:31:11Z
ghsa-wv7r-h676-ghph	7.8 (3.1)	Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to…	2026-01-13T18:31:11Z	2026-01-13T18:31:11Z
ghsa-v6cw-63j5-79wf	7.8 (3.1)	Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute …	2026-01-13T18:31:11Z	2026-01-13T18:31:11Z
ghsa-r498-r54r-pxqh	7.5 (3.1)	Improper verification of cryptographic signature in Windows Admin Center allows an authorized attac…	2026-01-13T18:31:11Z	2026-01-13T18:31:11Z
ghsa-mwx8-frg3-85qq	8.4 (3.1)	Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.	2026-01-13T18:31:11Z	2026-01-13T18:31:11Z
ghsa-m985-797h-4f3f	5.4 (3.1)	Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to …	2026-01-13T18:31:11Z	2026-01-13T18:31:11Z
ghsa-jrvw-38hm-3w72	7.8 (3.1)	Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute …	2026-01-13T18:31:11Z	2026-01-13T18:31:11Z
ghsa-f2rm-crh3-7xrr	7.0 (3.1)	Concurrent execution using shared resource with improper synchronization ('race condition') in Capa…	2026-01-13T18:31:11Z	2026-01-13T18:31:11Z
ghsa-9426-g97r-954q	7.8 (3.1)	Stack-based buffer overflow in Azure Connected Machine Agent allows an authorized attacker to eleva…	2026-01-13T18:31:11Z	2026-01-13T18:31:11Z
ghsa-8vvr-98pg-3p3c	7.8 (3.1)	Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.	2026-01-13T18:31:11Z	2026-01-13T18:31:11Z
ghsa-6pv3-4577-4j8m	8.4 (3.1)	Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.	2026-01-13T18:31:11Z	2026-01-13T18:31:11Z
ghsa-6gr2-qwj5-4xcx	4.4 (3.1)	Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized …	2026-01-13T18:31:11Z	2026-01-13T18:31:11Z
ghsa-5vr8-9cf6-r7px	8.8 (3.1)	Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to e…	2026-01-13T18:31:11Z	2026-01-13T18:31:11Z
ghsa-xwx4-9g53-56rj	7.8 (3.1)	Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.	2026-01-13T18:31:10Z	2026-01-13T18:31:10Z

ID	Description	Package	Published	Updated
pysec-2023-52	vantage6 is a privacy preserving federated learning infrastructure for secure insight exc…	vantage6	2023-03-01T17:15:00Z	2023-05-04T03:49:48.490711Z
pysec-2023-51	ubireader_extract_files is vulnerable to path traversal when run against specifically cra…	ubi-reader	2023-01-31T10:15:00Z	2023-05-04T03:49:48.432460Z
pysec-2022-43015	In PyTorch before trunk/89695, torch.jit.annotations.parse_type_line can cause arbitrary …	torch	2022-11-26T02:15:00Z	2023-05-04T03:49:48.383740Z
pysec-2023-50	Streamlit, software for turning data scripts into web applications, had a cross-site scri…	streamlit	2023-03-16T21:15:00Z	2023-05-04T03:49:48.326940Z
pysec-2023-49	Starlite is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to version 1…	starlite	2023-02-15T15:15:00Z	2023-05-04T03:49:48.263994Z
pysec-2023-48	There MultipartParser usage in Encode's Starlette python framework before versions 0.25.0…	starlette	2023-04-21T16:15:00Z	2023-05-04T03:49:48.202946Z
pysec-2022-43014	A vulnerability, which was classified as problematic, has been found in cocagne pysrp up …	srp	2022-12-27T11:15:00Z	2023-05-04T03:49:48.139972Z
pysec-2023-47	Buffer Overflow vulnerability in Saltstack v.3003 and before allows attacker to execute a…	salt	2023-02-17T18:15:00Z	2023-05-04T03:49:48.043803Z
pysec-2022-43010	Improper Access Control in GitHub repository ikus060/rdiffweb prior to 2.5.5.	rdiffweb	2022-12-27T15:15:00Z	2023-05-04T03:49:47.879238Z
pysec-2022-43009	Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffwe…	rdiffweb	2022-12-27T15:15:00Z	2023-05-04T03:49:47.817934Z
pysec-2022-43008	Authentication Bypass by Primary Weakness in GitHub repository ikus060/rdiffweb prior to 2.5.5.	rdiffweb	2022-12-27T15:15:00Z	2023-05-04T03:49:47.756258Z
pysec-2022-43007	Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) i…	rdiffweb	2022-12-27T15:15:00Z	2023-05-04T03:49:47.700028Z
pysec-2022-43006	Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5.	rdiffweb	2022-12-27T15:15:00Z	2023-05-04T03:49:47.643896Z
pysec-2022-43005	Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.5.	rdiffweb	2022-12-27T15:15:00Z	2023-05-04T03:49:47.587629Z
pysec-2022-43004	Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.5.4.	rdiffweb	2022-12-22T02:15:00Z	2023-05-04T03:49:47.530589Z
pysec-2022-43003	Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.4.	rdiffweb	2022-12-22T01:15:00Z	2023-05-04T03:49:47.471955Z
pysec-2023-44	In Apache Spark versions prior to 3.4.0, applications using spark-submit can specify a 'p…	pyspark	2023-04-17T08:15:00Z	2023-05-04T03:49:47.415944Z
pysec-2023-43	A vulnerability has been found in NYUCCL psiTurk up to 3.2.0 and classified as critical. …	psiturk	2023-01-28T23:15:00Z	2023-05-04T03:49:47.366068Z
pysec-2023-42	rami.io pretix before 4.17.1 allows OAuth application authorization from a logged-out ses…	pretix	2023-03-06T23:15:00Z	2023-05-04T03:49:47.315146Z
pysec-2023-41	pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature). …	pretalx	2023-04-20T21:15:00Z	2023-05-04T03:49:47.257209Z
pysec-2023-40	pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature). …	pretalx	2023-04-20T21:15:00Z	2023-05-04T03:49:47.207450Z
pysec-2023-39	OpenZeppelin Contracts for Cairo is a library for secure smart contract development writt…	openzeppelin-cairo-contracts	2023-02-03T20:15:00Z	2023-05-04T03:49:47.155676Z
pysec-2023-38	Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the e…	onnx	2023-01-26T21:15:00Z	2023-05-04T03:49:47.105559Z
pysec-2023-37	Nautobot is a Network Source of Truth and Network Automation Platform. All users of Nauto…	nautobot	2023-02-21T21:15:00Z	2023-05-04T03:49:47.044688Z
pysec-2023-36	Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.1.0.	modoboa	2023-04-21T13:15:00Z	2023-05-04T03:49:46.989399Z
pysec-2023-35	Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0.	modoboa	2023-04-21T13:15:00Z	2023-05-04T03:49:46.938934Z
pysec-2023-34	Weak Password Requirements in GitHub repository modoboa/modoboa prior to 2.1.0.	modoboa	2023-04-18T16:15:00Z	2023-05-04T03:49:46.887089Z
pysec-2023-33	Cross-site Scripting (XSS) - Reflected in GitHub repository modoboa/modoboa prior to 2.0.5.	modoboa	2023-02-22T09:15:00Z	2023-05-04T03:49:46.836234Z
pysec-2023-32	Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4.	modoboa	2023-02-10T19:15:00Z	2023-05-04T03:49:46.777940Z
pysec-2023-31	Cross-site Scripting (XSS) - Stored in GitHub repository modoboa/modoboa prior to 2.0.4.	modoboa	2023-01-26T23:15:00Z	2023-05-04T03:49:46.722786Z

ID	Description	Type

ID	Description	Updated
gsd-2024-33265	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.633689Z
gsd-2024-33149	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.633232Z
gsd-2024-33374	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.632805Z
gsd-2024-33242	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.632369Z
gsd-2024-33508	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.631914Z
gsd-2024-33448	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.631490Z
gsd-2024-33283	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.630959Z
gsd-2024-33260	Jerryscript commit cefd391 was discovered to contain a segmentation violation via the com…	2024-04-24T05:02:09.630501Z
gsd-2024-33363	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.630067Z
gsd-2024-33343	D-Link DIR-822+ V1.0.5 was found to contain a command injection in ChgSambaUserSettings f…	2024-04-24T05:02:09.629632Z
gsd-2024-33289	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.629216Z
gsd-2024-33293	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.628768Z
gsd-2024-33434	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.628304Z
gsd-2024-33039	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.627850Z
gsd-2024-33101	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.627436Z
gsd-2024-33332	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.627010Z
gsd-2024-33317	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.626500Z
gsd-2024-33099	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.626066Z
gsd-2024-33071	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.625514Z
gsd-2024-33093	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.625100Z
gsd-2024-33047	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.624631Z
gsd-2024-33458	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.624212Z
gsd-2024-33062	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.623763Z
gsd-2024-33479	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.623322Z
gsd-2024-33370	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.622882Z
gsd-2024-33369	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.622410Z
gsd-2024-33297	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.621980Z
gsd-2024-33331	REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-33891. Reason: This c…	2024-04-24T05:02:09.621553Z
gsd-2024-33070	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.621129Z
gsd-2024-33498	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.620725Z

ID	Description	Published	Updated
mal-2025-192746	Malicious code in excluder-mcp (npm)	2025-12-23T18:19:20Z	2025-12-24T00:53:17Z
mal-2025-192744	Malicious code in huangmingming-demo (npm)	2025-12-23T16:56:23Z	2025-12-24T00:53:17Z
mal-2025-192795	Malicious code in elf-stats-whimsical-satchel-586 (npm)	2025-12-23T08:11:46Z	2025-12-24T00:53:16Z
mal-2025-192794	Malicious code in elf-stats-whimsical-cocoa-613 (npm)	2025-12-23T08:11:33Z	2025-12-24T00:53:16Z
mal-2025-192793	Malicious code in elf-stats-whimsical-cocoa-243 (npm)	2025-12-23T08:11:32Z	2025-12-24T00:53:16Z
mal-2025-192792	Malicious code in elf-stats-velvet-sparkler-555 (npm)	2025-12-23T08:11:31Z	2025-12-24T00:53:16Z
mal-2025-192791	Malicious code in elf-stats-velvet-bow-244 (npm)	2025-12-23T08:11:29Z	2025-12-24T00:53:16Z
mal-2025-192790	Malicious code in elf-stats-sprucey-giftbox-118 (npm)	2025-12-23T08:10:50Z	2025-12-24T00:53:16Z
mal-2025-192789	Malicious code in elf-stats-sprucey-cookie-492 (npm)	2025-12-23T08:10:49Z	2025-12-24T00:53:16Z
mal-2025-192788	Malicious code in elf-stats-sparkly-train-831 (npm)	2025-12-23T08:10:48Z	2025-12-24T00:53:16Z
mal-2025-192787	Malicious code in elf-stats-sparkly-toolkit-703 (npm)	2025-12-23T08:10:46Z	2025-12-24T00:53:16Z
mal-2025-192786	Malicious code in elf-stats-sparkly-sled-484 (npm)	2025-12-23T08:10:45Z	2025-12-24T00:53:16Z
mal-2025-192785	Malicious code in elf-stats-sleighing-hammer-902 (npm)	2025-12-23T08:10:05Z	2025-12-24T00:53:16Z
mal-2025-192784	Malicious code in elf-stats-silvered-toolkit-914 (npm)	2025-12-23T08:10:02Z	2025-12-24T00:53:16Z
mal-2025-192783	Malicious code in elf-stats-silvered-bow-679 (npm)	2025-12-23T08:09:51Z	2025-12-24T00:53:16Z
mal-2025-192782	Malicious code in elf-stats-shimmering-fir-491 (npm)	2025-12-23T08:09:49Z	2025-12-24T00:53:16Z
mal-2025-192781	Malicious code in elf-stats-rooftop-pinecone-887 (npm)	2025-12-23T08:09:47Z	2025-12-24T00:53:16Z
mal-2025-192780	Malicious code in elf-stats-rooftop-mitten-324 (npm)	2025-12-23T08:09:46Z	2025-12-24T00:53:16Z
mal-2025-192779	Malicious code in elf-stats-piney-train-884 (npm)	2025-12-23T08:09:34Z	2025-12-24T00:53:16Z
mal-2025-192778	Malicious code in elf-stats-nutmeg-fir-716 (npm)	2025-12-23T08:09:29Z	2025-12-24T00:53:16Z
mal-2025-192777	Malicious code in elf-stats-mistletoe-muffin-976 (npm)	2025-12-23T08:09:15Z	2025-12-24T00:53:16Z
mal-2025-192776	Malicious code in elf-stats-mistletoe-cookie-256 (npm)	2025-12-23T08:09:14Z	2025-12-24T00:53:16Z
mal-2025-192775	Malicious code in elf-stats-merry-sparkler-797 (npm)	2025-12-23T08:09:02Z	2025-12-24T00:53:16Z
mal-2025-192774	Malicious code in elf-stats-joyous-saddlebag-967 (npm)	2025-12-23T08:08:33Z	2025-12-24T00:53:16Z
mal-2025-192773	Malicious code in elf-stats-jolly-snowglobe-266 (npm)	2025-12-23T08:08:32Z	2025-12-24T00:53:16Z
mal-2025-192772	Malicious code in elf-stats-holly-fir-593 (npm)	2025-12-23T08:08:29Z	2025-12-24T00:53:16Z
mal-2025-192771	Malicious code in elf-stats-glittering-cookie-844 (npm)	2025-12-23T08:08:17Z	2025-12-24T00:53:16Z
mal-2025-192770	Malicious code in elf-stats-ginger-bow-370 (npm)	2025-12-23T08:08:02Z	2025-12-24T00:53:16Z
mal-2025-192769	Malicious code in elf-stats-fuzzy-ribbon-205 (npm)	2025-12-23T08:08:00Z	2025-12-24T00:53:16Z
mal-2025-192768	Malicious code in elf-stats-flickering-satchel-815 (npm)	2025-12-23T08:07:45Z	2025-12-24T00:53:16Z

ID	Description	Published	Updated
wid-sec-w-2022-1350	Ansible: Schwachstelle ermöglicht Offenlegung von Informationen	2021-01-17T23:00:00.000+00:00	2025-11-23T23:00:00.000+00:00
wid-sec-w-2022-1349	Ansible: Schwachstelle ermöglicht Offenlegung von Informationen	2021-01-11T23:00:00.000+00:00	2025-11-23T23:00:00.000+00:00
wid-sec-w-2025-2656	MELDUNG ZURÜCKGEZOGEN	2025-11-20T23:00:00.000+00:00	2025-11-20T23:00:00.000+00:00
wid-sec-w-2025-2654	MongoDB (Server): Schwachstelle ermöglicht Denial of Service	2025-11-20T23:00:00.000+00:00	2025-11-20T23:00:00.000+00:00
wid-sec-w-2025-2653	Microsoft Visual Studio Code: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2025-11-20T23:00:00.000+00:00	2025-11-20T23:00:00.000+00:00
wid-sec-w-2025-2652	Red Hat Satellite: Schwachstelle ermöglicht Offenlegung von Informationen	2025-11-20T23:00:00.000+00:00	2025-11-20T23:00:00.000+00:00
wid-sec-w-2025-2649	Google Cloud Platform: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2025-11-19T23:00:00.000+00:00	2025-11-20T23:00:00.000+00:00
wid-sec-w-2025-2647	SonicWall Email Security: Mehrere Schwachstellen	2025-11-19T23:00:00.000+00:00	2025-11-20T23:00:00.000+00:00
wid-sec-w-2025-2640	SonicWall SSL-VPN: Schwachstelle ermöglicht Denial of Service	2025-11-19T23:00:00.000+00:00	2025-11-20T23:00:00.000+00:00
wid-sec-w-2025-2464	OpenSMTP: Schwachstelle ermöglicht Denial of Service	2025-11-02T23:00:00.000+00:00	2025-11-20T23:00:00.000+00:00
wid-sec-w-2025-2236	GitLab: Mehrere Schwachstellen	2025-10-08T22:00:00.000+00:00	2025-11-20T23:00:00.000+00:00
wid-sec-w-2025-2152	IBM WebSphere Application Server: Schwachstelle ermöglicht Denial of Service	2025-09-29T22:00:00.000+00:00	2025-11-20T23:00:00.000+00:00
wid-sec-w-2025-1828	PAM (linux-pam package): Schwachstelle ermöglicht Erlangen von Administratorrechten	2025-08-13T22:00:00.000+00:00	2025-11-20T23:00:00.000+00:00
wid-sec-w-2025-1790	Microsoft Windows und Windows Server: Mehrere Schwachstellen	2025-08-12T22:00:00.000+00:00	2025-11-20T23:00:00.000+00:00
wid-sec-w-2025-1261	CoreDNS: Schwachstelle ermöglicht Denial of Service	2025-06-09T22:00:00.000+00:00	2025-11-20T23:00:00.000+00:00
wid-sec-w-2023-2978	GnuTLS: Schwachstelle ermöglicht Offenlegung von Informationen	2023-11-20T23:00:00.000+00:00	2025-11-20T23:00:00.000+00:00
wid-sec-w-2025-2648	IBM AIX und VIOS: Mehrere Schwachstellen	2025-11-19T23:00:00.000+00:00	2025-11-19T23:00:00.000+00:00
wid-sec-w-2025-2646	Progress Software MOVEit: Schwachstelle ermöglicht Offenlegung von Informationen	2025-11-19T23:00:00.000+00:00	2025-11-19T23:00:00.000+00:00
wid-sec-w-2025-2644	Pega Platform: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2025-11-19T23:00:00.000+00:00	2025-11-19T23:00:00.000+00:00
wid-sec-w-2025-2642	MongoDB: Schwachstelle ermöglicht Offenlegung von Informationen	2025-11-19T23:00:00.000+00:00	2025-11-19T23:00:00.000+00:00
wid-sec-w-2025-2150	Red Hat Enterprise Linux: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2025-09-29T22:00:00.000+00:00	2025-11-19T23:00:00.000+00:00
wid-sec-w-2025-1826	Apache Tomcat: Schwachstelle ermöglicht Session-Fixation	2025-08-13T22:00:00.000+00:00	2025-11-19T23:00:00.000+00:00
wid-sec-w-2025-1165	Apache Tomcat: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2025-05-29T22:00:00.000+00:00	2025-11-19T23:00:00.000+00:00
wid-sec-w-2025-0613	xpdf: Schwachstelle ermöglicht Denial of Service	2025-03-20T23:00:00.000+00:00	2025-11-19T23:00:00.000+00:00
wid-sec-w-2024-1871	xpdf: Mehrere Schwachstellen ermöglichen Denial of Service	2024-08-15T22:00:00.000+00:00	2025-11-19T23:00:00.000+00:00
wid-sec-w-2024-1162	xpdf: Schwachstelle ermöglicht Denial of Service	2024-05-15T22:00:00.000+00:00	2025-11-19T23:00:00.000+00:00
wid-sec-w-2024-1043	xpdf: Schwachstelle ermöglicht Denial of Service	2024-05-06T22:00:00.000+00:00	2025-11-19T23:00:00.000+00:00
wid-sec-w-2024-0963	xpdf: Schwachstelle ermöglicht Denial of Service	2024-04-24T22:00:00.000+00:00	2025-11-19T23:00:00.000+00:00
wid-sec-w-2024-0927	Xpdf: Schwachstelle ermöglicht Denial of Service	2024-04-18T22:00:00.000+00:00	2025-11-19T23:00:00.000+00:00
wid-sec-w-2024-0774	xpdf: Schwachstelle ermöglicht Denial of Service	2024-04-03T22:00:00.000+00:00	2025-11-19T23:00:00.000+00:00

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated
rhsa-2010:0347	Red Hat Security Advisory: nss_db security update	2010-04-13T21:21:00+00:00	2026-01-08T09:34:12+00:00
rhba-2015:2246	Red Hat Bug Fix Advisory: open-vm-tools bug fix and enhancement update	2015-11-19T04:11:27+00:00	2026-01-08T09:34:12+00:00
rhsa-2012:0304	Red Hat Security Advisory: vixie-cron security, bug fix, and enhancement update	2012-02-21T02:21:00+00:00	2026-01-08T09:24:12+00:00
rhsa-2012:0125	Red Hat Security Advisory: glibc security and bug fix update	2012-02-13T20:30:00+00:00	2026-01-08T09:24:12+00:00
rhsa-2011:1811	Red Hat Security Advisory: netpbm security update	2011-12-12T20:57:00+00:00	2026-01-08T09:24:12+00:00
rhsa-2011:1386	Red Hat Security Advisory: kernel security, bug fix, and enhancement update	2011-10-20T17:20:00+00:00	2026-01-08T09:24:11+00:00
rhsa-2011:1219	Red Hat Security Advisory: samba security update	2011-08-29T17:19:00+00:00	2026-01-08T09:24:09+00:00
rhsa-2011:0909	Red Hat Security Advisory: ruby security update	2011-06-28T17:27:00+00:00	2026-01-08T09:24:09+00:00
rhsa-2011:0908	Red Hat Security Advisory: ruby security update	2011-06-28T17:21:00+00:00	2026-01-08T09:24:09+00:00
rhsa-2011:0879	Red Hat Security Advisory: Red Hat Network Satellite server spacewalk-java security update	2011-06-16T18:57:00+00:00	2026-01-08T09:24:08+00:00
rhsa-2011:0412	Red Hat Security Advisory: glibc security update	2011-04-04T20:01:00+00:00	2026-01-08T09:24:06+00:00
rhsa-2011:0265	Red Hat Security Advisory: ccs security update	2011-02-16T15:08:00+00:00	2026-01-08T09:24:06+00:00
rhsa-2011:0027	Red Hat Security Advisory: python security, bug fix, and enhancement update	2011-01-13T10:55:00+00:00	2026-01-08T09:24:06+00:00
rhsa-2011:0264	Red Hat Security Advisory: rgmanager security and bug fix update	2011-02-16T15:02:00+00:00	2026-01-08T09:24:05+00:00
rhsa-2011:0260	Red Hat Security Advisory: python security and bug fix update	2011-02-16T14:17:00+00:00	2026-01-08T09:24:05+00:00
rhsa-2010:0919	Red Hat Security Advisory: php security update	2010-11-29T21:31:00+00:00	2026-01-08T09:24:04+00:00
rhsa-2010:0882	Red Hat Security Advisory: kernel security and bug fix update	2010-11-12T09:36:00+00:00	2026-01-08T09:24:03+00:00
rhsa-2010:0858	Red Hat Security Advisory: bzip2 security update	2010-11-10T19:00:00+00:00	2026-01-08T09:24:03+00:00
rhsa-2010:0636	Red Hat Security Advisory: acroread security update	2010-08-20T11:40:00+00:00	2026-01-08T09:24:02+00:00
rhsa-2010:0771	Red Hat Security Advisory: kernel-rt security and bug fix update	2010-10-14T15:26:00+00:00	2026-01-08T09:24:01+00:00
rhsa-2010:0703	Red Hat Security Advisory: bzip2 security update	2010-09-21T01:04:00+00:00	2026-01-08T09:24:00+00:00
rhsa-2010:0635	Red Hat Security Advisory: Red Hat High Performance Computing (HPC) Solution 5.5	2010-08-20T02:42:00+00:00	2026-01-08T09:24:00+00:00
rhsa-2010:0633	Red Hat Security Advisory: qspice security update	2010-08-19T21:25:00+00:00	2026-01-08T09:23:59+00:00
rhsa-2010:0631	Red Hat Security Advisory: kernel-rt security and bug fix update	2010-08-17T15:52:00+00:00	2026-01-08T09:23:59+00:00
rhsa-2010:0624	Red Hat Security Advisory: flash-plugin security update	2010-08-11T19:46:00+00:00	2026-01-08T09:23:58+00:00
rhsa-2010:0623	Red Hat Security Advisory: flash-plugin security update	2010-08-11T19:44:00+00:00	2026-01-08T09:23:58+00:00
rhsa-2010:0574	Red Hat Security Advisory: java-1.4.2-ibm security update	2010-07-29T16:39:00+00:00	2026-01-08T09:23:58+00:00
rhsa-2010:0622	Red Hat Security Advisory: rhev-hypervisor security and bug fix update	2010-08-19T21:45:00+00:00	2026-01-08T09:23:57+00:00
rhsa-2010:0586	Red Hat Security Advisory: java-1.4.2-ibm-sap security update	2010-08-02T20:43:00+00:00	2026-01-08T09:23:57+00:00
rhsa-2010:0547	Red Hat Security Advisory: firefox security update	2010-07-21T01:00:00+00:00	2026-01-08T09:23:56+00:00

ID	Description	Published	Updated
icsa-25-153-01	Schneider Electric Wiser Home Automation	2025-06-03T06:00:00.000000Z	2025-06-03T06:00:00.000000Z
icsma-25-148-01	Santesoft Sante DICOM Viewer Pro	2025-05-29T06:00:00.000000Z	2025-05-29T06:00:00.000000Z
va-25-147-01	Craft CMS stores user-provided content session files	2025-05-28T20:57:43Z	2025-05-28T20:57:43Z
va-25-148-01	ZKTeco BioTime multiple vulnerabilities	2025-05-28T15:28:55Z	2025-05-28T15:28:55Z
icsa-25-160-02	Hitachi Energy Relion 670 650 SAM600-IO Series	2023-06-27T12:30:00.000000Z	2025-05-27T12:30:00.000000Z
icsa-25-155-02	Hitachi Energy Relion 670 650 series and SAM600-IO Product	2021-12-16T13:30:00.000000Z	2025-05-27T12:30:00.000000Z
icsa-25-133-02	Hitachi Energy Relion 670/650/SAM600-IO Series (Update A)	2023-11-28T13:30:00.000000Z	2025-05-27T12:30:00.000000Z
icsa-23-089-01	Hitachi Energy IEC 61850 MMS-Server	2023-02-14T13:30:00.000000Z	2025-05-27T12:30:00.000000Z
icsa-23-068-05	Hitachi Energy Relion 670, 650 and SAM600-IO Series	2023-02-28T13:30:00.000000Z	2025-05-27T12:30:00.000000Z
icsa-21-336-05	Hitachi Energy Relion 670/650/SAM600-IO	2021-11-04T13:30:00.000000Z	2025-05-27T12:30:00.000000Z
icsa-25-146-01	Johnson Controls iSTAR Configuration Utility (ICU) tool	2025-05-27T06:00:00.000000Z	2025-05-27T06:00:00.000000Z
icsa-25-142-02	Rockwell Automation FactoryTalk Historian ThingWorx	2025-05-22T06:00:00.000000Z	2025-05-22T06:00:00.000000Z
icsa-25-142-01	Lantronix Device Installer	2025-05-22T06:00:00.000000Z	2025-05-22T06:00:00.000000Z
icsa-25-140-10	Vertiv Liebert RDU101 and UNITY	2025-05-20T06:00:00.000000Z	2025-05-20T06:00:00.000000Z
icsa-25-140-09	AutomationDirect MB-Gateway	2025-05-20T06:00:00.000000Z	2025-05-20T06:00:00.000000Z
icsa-25-140-02	National Instruments Circuit Design Suite	2025-05-20T06:00:00.000000Z	2025-05-20T06:00:00.000000Z
icsa-25-140-01	ABUP IoT Cloud Platform	2025-05-20T06:00:00.000000Z	2025-05-20T06:00:00.000000Z
va-25-119-01	MSP360 Backup insecure filesystem permissions	2025-04-29T15:59:52Z	2025-05-19T00:00:00Z
icsa-25-135-20	Schneider Electric EcoStruxure Power Build Rapsody	2025-05-15T06:00:00.000000Z	2025-05-15T06:00:00.000000Z
icsa-24-200-01	Mitsubishi Electric MELSOFT MaiLab and MELSOFT VIXIO (Update A)	2024-07-18T06:00:00.000000Z	2025-05-15T06:00:00.000000Z
icsa-25-140-05	Siemens Siveillance Video	2025-05-14T00:00:00.000000Z	2025-05-14T00:00:00.000000Z
icsa-25-133-04	ABB Automation Builder	2025-05-13T06:00:00.000000Z	2025-05-13T06:00:00.000000Z
icsa-25-153-02	Schneider Electric EcoStruxure Power Build Rapsody	2025-05-13T04:00:00.000000Z	2025-05-13T04:00:00.000000Z
icsa-25-140-06	Schneider Electric PrismaSeT Active - Wireless Panel Server	2025-05-13T04:00:00.000000Z	2025-05-13T04:00:00.000000Z
icsa-25-037-01	Schneider Electric EcoStruxure Power Monitoring Expert (PME) (Update B)	2024-10-08T04:00:00.000000Z	2025-05-13T04:00:00.000000Z
icsa-25-023-05	Schneider Electric EcoStruxure Power Build Rapsody	2025-01-14T00:00:00.000000Z	2025-05-13T04:00:00.000000Z
icsa-25-148-02	Siemens SiPass Integrated	2025-05-13T00:00:00.000000Z	2025-05-13T00:00:00.000000Z
icsa-25-135-18	Siemens SCALANCE LPE9403	2025-05-13T00:00:00.000000Z	2025-05-13T00:00:00.000000Z
icsa-25-135-16	Siemens MS/TP Point Pickup Module	2025-05-13T00:00:00.000000Z	2025-05-13T00:00:00.000000Z
icsa-25-135-14	Siemens APOGEE PXC and TALON TC Series	2025-05-13T00:00:00.000000Z	2025-05-13T00:00:00.000000Z

ID	Description	Published	Updated
cisco-sa-sb-wap-inject-mp9fsdg	Cisco Small Business 100, 300, and 500 Series Wireless Access Points Command Injection Vulnerabilities	2021-05-19T16:00:00+00:00	2021-08-03T15:59:45+00:00
cisco-sa-scr-web-priv-esc-k3hcgjz	Cisco Web Security Appliance Privilege Escalation Vulnerability	2021-07-07T16:00:00+00:00	2021-07-30T14:10:43+00:00
cisco-sa-cvp-xss-yve6l8zq	Cisco Unified Customer Voice Portal Cross-Site Scripting Vulnerability	2021-07-21T16:00:00+00:00	2021-07-28T14:50:38+00:00
cisco-sa-cuic-xss-cshudtrl	Cisco Unified Intelligence Center Reflected Cross-Site Scripting Vulnerability	2021-06-16T16:00:00+00:00	2021-07-21T19:55:20+00:00
cisco-sa-ucsi2-iptaclbp-l8dzs8m8	Cisco Intersight Virtual Appliance IPv4 and IPv6 Forwarding Vulnerabilities	2021-07-21T16:00:00+00:00	2021-07-21T16:00:00+00:00
cisco-sa-ucsi2-dtcinj-yh5u4rsx	Cisco Intersight Virtual Appliance Vulnerabilities	2021-07-21T16:00:00+00:00	2021-07-21T16:00:00+00:00
cisco-sa-sdwan-vmanage-infdis-lggop9se	Cisco SD-WAN vManage Software Information Disclosure Vulnerability	2021-07-21T16:00:00+00:00	2021-07-21T16:00:00+00:00
cisco-sa-sdw-mpls-infodisclos-mssrfkzq	Cisco SD-WAN Software Information Disclosure Vulnerability	2021-07-21T16:00:00+00:00	2021-07-21T16:00:00+00:00
cisco-sa-imc-openred-zayru6d2	Cisco Integrated Management Controller Open Redirect Vulnerability	2021-05-05T16:00:00+00:00	2021-07-16T17:37:29+00:00
cisco-sa-asa-ftd-ipsec-dos-tfkqbgwc	Cisco Adaptive Security Appliance Software Release 9.16.1 and Cisco Firepower Threat Defense Software Release 7.0.0 IPsec Denial of Service Vulnerability	2021-07-15T16:00:00+00:00	2021-07-16T14:57:55+00:00
cisco-sa-proximity-ssl-cert-gbbu3rb	Cisco Intelligent Proximity SSL Certificate Validation Vulnerability	2020-03-04T16:00:00+00:00	2021-07-15T14:50:11+00:00
cisco-sa-20190515-nxos-cmdinj-1735	Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)	2019-05-15T16:00:00+00:00	2021-07-12T14:24:27+00:00
cisco-sa-20190515-nxos-conf-bypass	Cisco FXOS and NX-OS Software Secure Configuration Bypass Vulnerability	2019-05-15T16:00:00+00:00	2021-07-12T14:24:25+00:00
cisco-sa-20190515-nxos-snmp-dos	Cisco FXOS and NX-OS Software Simple Network Management Protocol Denial of Service Vulnerability	2019-05-15T16:00:00+00:00	2021-07-12T14:24:24+00:00
cisco-sa-broad-as-inf-disc-zuxgffxq	Cisco BroadWorks Application Server Information Disclosure Vulnerability	2021-07-07T16:00:00+00:00	2021-07-09T18:17:57+00:00
cisco-sa-sdwan-vmaninfdis3-ovdr6uu8	Cisco SD-WAN vManage Software Information Disclosure Vulnerability	2021-05-05T16:00:00+00:00	2021-07-07T19:45:23+00:00
cisco-sa-vvb-xss-wg4zxrp3	Cisco Virtualized Voice Browser Cross-Site Scripting Vulnerability	2021-07-07T16:00:00+00:00	2021-07-07T16:00:00+00:00
cisco-sa-ipcamera-lldp-mem-wgqundtq	Cisco Video Surveillance 7000 Series IP Cameras Link Layer Discovery Protocol Memory Leak Vulnerabilities	2021-07-07T16:00:00+00:00	2021-07-07T16:00:00+00:00
cisco-sa-brcm-mxc-jul2021-26lquzuh	Broadcom MediaxChange Vulnerability Affecting Cisco Products: July 2021	2021-07-07T16:00:00+00:00	2021-07-07T16:00:00+00:00
cisco-sa-bpa-priv-esc-dgubwbh4	Cisco Business Process Automation Privilege Escalation Vulnerabilities	2021-07-07T16:00:00+00:00	2021-07-07T16:00:00+00:00
cisco-sa-ipcamera-lldpcdp-mem-ytqdmjro	Cisco Video Surveillance 7000 Series IP Cameras Cisco Discovery Protocol and Link Layer Discovery Protocol Memory Leak Vulnerabilities	2021-06-02T16:00:00+00:00	2021-07-07T15:55:28+00:00
cisco-sa-asaftd-xss-multiple-fcb3vpze	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities	2020-10-21T16:00:00+00:00	2021-06-28T15:14:27+00:00
cisco-sa-ade-xcvaqeoz	Cisco ADE-OS Local File Inclusion Vulnerability	2021-05-19T16:00:00+00:00	2021-06-24T14:24:36+00:00
cisco-sa-sdwanbo-qkcabns2	Cisco SD-WAN Solution Buffer Overflow Vulnerability	2020-03-18T16:00:00+00:00	2021-06-23T18:22:48+00:00
cisco-sa-sdwpresc-ysjgve9	Cisco SD-WAN Solution Privilege Escalation Vulnerability	2020-03-18T16:00:00+00:00	2021-06-23T18:09:31+00:00
cisco-sa-jabber-guc5mlwg	Cisco Jabber Desktop and Mobile Client Software Vulnerabilities	2021-06-16T16:00:00+00:00	2021-06-17T20:25:14+00:00
cisco-sa-meetingserver-dos-nzvwmmqt	Cisco Meeting Server API Denial of Service Vulnerability	2021-06-16T16:00:00+00:00	2021-06-16T16:00:00+00:00
cisco-sa-esa-wsa-cert-vali-n8l97rw	Cisco Email Security Appliance and Cisco Web Security Appliance Certificate Validation Vulnerability	2021-06-16T16:00:00+00:00	2021-06-16T16:00:00+00:00
cisco-sa-dnac-certvalid-usej2czk	Cisco DNA Center Certificate Validation Vulnerability	2021-06-16T16:00:00+00:00	2021-06-16T16:00:00+00:00
cisco-sa-ciscosb-multivulns-wwyb7s5e	Cisco Small Business 220 Series Smart Switches Vulnerabilities	2021-06-16T16:00:00+00:00	2021-06-16T16:00:00+00:00

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated
msrc_cve-2025-55552	pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randn_like are used together.	2025-09-02T00:00:00.000Z	2025-12-07T01:37:33.000Z
msrc_cve-2025-13230	Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	2025-11-02T00:00:00.000Z	2025-12-07T01:37:30.000Z
msrc_cve-2025-10158	Rsync: Out of bounds array access via negative index	2025-11-02T00:00:00.000Z	2025-12-07T01:36:46.000Z
msrc_cve-2025-21885	RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers	2025-03-02T00:00:00.000Z	2025-12-07T01:36:42.000Z
msrc_cve-2025-55560	An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse() and torch.Tensor.to_dense() and is compiled by Inductor.	2025-09-02T00:00:00.000Z	2025-12-07T01:36:29.000Z
msrc_cve-2025-21892	RDMA/mlx5: Fix the recovery flow of the UMR QP	2025-03-02T00:00:00.000Z	2025-12-07T01:36:21.000Z
msrc_cve-2018-7159	The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete.	2018-05-02T00:00:00.000Z	2025-12-07T01:36:21.000Z
msrc_cve-2025-46152	In PyTorch before 2.7.0, bitwise_right_shift produces incorrect output for certain out-of-bounds values of the "other" argument.	2025-09-02T00:00:00.000Z	2025-12-07T01:36:18.000Z
msrc_cve-2025-12748	Libvirt: denial of service in xml parsing	2025-11-02T00:00:00.000Z	2025-12-07T01:36:12.000Z
msrc_cve-2025-40202	ipmi: Rework user message limit handling	2025-11-02T00:00:00.000Z	2025-12-07T01:35:54.000Z
msrc_cve-2025-58354	Kata Containers coco-tdx malicious host can circumvent initdata verification	2025-09-02T00:00:00.000Z	2025-12-07T01:35:50.000Z
msrc_cve-2024-25740	A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released.	2024-02-02T08:00:00.000Z	2025-12-07T01:35:44.000Z
msrc_cve-2024-53201	drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe	2024-12-02T00:00:00.000Z	2025-12-07T01:35:43.000Z
msrc_cve-2025-40204	sctp: Fix MAC comparison to be constant-time	2025-11-02T00:00:00.000Z	2025-12-07T01:35:42.000Z
msrc_cve-2023-52485	drm/amd/display: Wake DMCUB before sending a command	2024-02-02T08:00:00.000Z	2025-12-07T01:35:33.000Z
msrc_cve-2025-40193	xtensa: simdisk: add input size check in proc_write_simdisk	2025-11-02T00:00:00.000Z	2025-12-07T01:35:30.000Z
msrc_cve-2022-4543	A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems.	2023-01-04T00:00:00.000Z	2025-12-07T01:35:17.000Z
msrc_cve-2025-12817	PostgreSQL CREATE STATISTICS does not check for schema CREATE privilege	2025-11-02T00:00:00.000Z	2025-12-06T14:40:04.000Z
msrc_cve-2024-47866	RGW DoS attack with empty HTTP header in S3 object copy	2025-11-02T00:00:00.000Z	2025-12-06T14:39:56.000Z
msrc_cve-2025-10966	missing SFTP host verification with wolfSSH	2025-11-02T00:00:00.000Z	2025-12-06T14:39:15.000Z
msrc_cve-2025-9086	Out of bounds read for cookie path	2025-09-02T00:00:00.000Z	2025-12-06T14:37:40.000Z
msrc_cve-2025-8277	Libssh: memory exhaustion via repeated key exchange in libssh	2025-09-02T00:00:00.000Z	2025-12-06T14:37:35.000Z
msrc_cve-2025-5916	Libarchive: integer overflow while reading warc files at archive_read_support_format_warc.c	2025-06-02T00:00:00.000Z	2025-12-06T14:36:42.000Z
msrc_cve-2025-5918	Libarchive: reading past eof may be triggered for piped file streams	2025-06-02T00:00:00.000Z	2025-12-06T14:36:36.000Z
msrc_cve-2025-5917	Libarchive: off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c	2025-06-02T00:00:00.000Z	2025-12-06T14:36:30.000Z
msrc_cve-2025-4435	Tarfile extracts filtered members when errorlevel=0	2025-06-02T00:00:00.000Z	2025-12-06T14:36:23.000Z
msrc_cve-2023-45229	Out-of-Bounds Read in EDK II Network Package	2024-01-01T08:00:00.000Z	2025-12-06T14:36:13.000Z
msrc_cve-2024-38796	Integer overflow in PeCoffLoaderRelocateImage	2024-09-01T07:00:00.000Z	2025-12-06T14:36:03.000Z
msrc_cve-2023-45231	Out-of-Bounds Read in EDK II Network Package	2024-01-01T08:00:00.000Z	2025-12-06T14:35:58.000Z
msrc_cve-2022-4304	Timing Oracle in RSA Decryption	2023-02-01T00:00:00.000Z	2025-12-06T14:35:53.000Z

ID	Description	Published	Updated

ID	Description	Updated
var-201912-0510	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2025-12-22T21:01:42.340000Z
var-200906-0612	drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earli…	2025-12-22T21:01:14.187000Z
var-201512-0483	crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remo…	2025-12-22T21:01:13.980000Z
var-202206-1900	curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverrespon…	2025-12-22T21:01:12.024000Z
var-201310-0349	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, J…	2025-12-22T21:01:03.297000Z
var-202001-1866	xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certai…	2025-12-22T21:01:02.508000Z
var-201412-0612	The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute afte…	2025-12-22T21:01:02.068000Z
var-201909-1526	There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the …	2025-12-22T21:00:26.930000Z
var-201409-1155	GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed functi…	2025-12-22T21:00:24.338000Z
var-201708-0039	Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows re…	2025-12-22T20:58:38.340000Z
var-202205-1313	A memory corruption issue was addressed with improved state management. This issue is fix…	2025-12-22T20:58:38.097000Z
var-200704-0222	URLMount in Apple Mac OS X 10.3.9 through 10.4.9 passes the username and password credent…	2025-12-22T20:57:34.214000Z
var-201912-0578	A memory corruption issue was addressed with improved input validation. This issue is fix…	2025-12-22T20:57:31.102000Z
var-201904-0753	A memory corruption issue was addressed with improved validation. This issue affected ver…	2025-12-22T20:57:00.871000Z
var-200904-0819	Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.…	2025-12-22T20:57:00.188000Z
var-200809-0188	Integer overflow in Apple QuickTime before 7.5.5 on Windows allows remote attackers to ex…	2025-12-22T20:56:59.967000Z
var-202109-1360	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2025-12-22T20:56:23.643000Z
var-201711-0447	An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari be…	2025-12-22T20:55:52.317000Z
var-200611-0210	The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through …	2025-12-22T20:54:51.601000Z
var-201107-0102	Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execut…	2025-12-22T20:54:50.935000Z
var-201607-0235	Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52…	2025-12-22T20:54:50.845000Z
var-200703-0027	Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 creates files …	2025-12-22T20:54:50.125000Z
var-201302-0248	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java …	2025-12-22T20:54:49.909000Z
var-201912-0636	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2025-12-22T20:54:18.392000Z
var-201710-1403	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari befo…	2025-12-22T20:54:17.723000Z
var-200505-0354	Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to exe…	2025-12-22T20:54:17.618000Z
var-201806-1487	An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. Safari …	2025-12-22T20:54:16.607000Z
var-200609-0312	Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to …	2025-12-22T20:54:14.334000Z
var-201912-1860	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2025-12-22T20:54:10.021000Z
var-202003-1778	FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between seriali…	2025-12-22T20:54:08.415000Z

ID	Description	Published	Updated
jvndb-2020-000040	Chrome Extension for e-Tax Reception System vulnerable to arbitrary command execution	2020-06-24T14:25+09:00	2020-06-24T14:25+09:00
jvndb-2020-005854	Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and FX series vulnerable to cleartext transmission of sensitive information	2020-06-24T10:32+09:00	2020-06-24T10:32+09:00
jvndb-2020-005743	Vulnerability in Cosminexus HTTP Server	2020-06-22T15:40+09:00	2020-06-22T15:40+09:00
jvndb-2020-000039	EC-CUBE vulnerable to directory traversal	2020-06-18T13:48+09:00	2020-06-18T13:48+09:00
jvndb-2020-005443	Path Traversal Vulnerability in Hitachi Automation Director and Hitachi Ops Center Automator	2020-06-15T16:29+09:00	2020-06-15T16:29+09:00
jvndb-2020-000038	Multiple vulnerabilities in Zenphoto	2020-06-11T17:17+09:00	2020-06-11T17:17+09:00
jvndb-2020-000037	Multiple SONY Wireless Headphones allow improper Bluetooth pairing	2020-06-09T15:49+09:00	2020-06-09T15:49+09:00
jvndb-2020-000036	XACK DNS vulnerable to denial-of-service (DoS)	2020-06-05T15:16+09:00	2020-06-05T15:16+09:00
jvndb-2020-000035	Multiples security updates for multiple Cybozu products	2020-05-29T15:40+09:00	2020-05-29T15:40+09:00
jvndb-2020-004667	Privilege escalation vulnerability in Hitachi Ops Center Common Services	2020-05-25T16:17+09:00	2020-05-25T16:17+09:00
jvndb-2020-000034	Cybozu Desktop for Windows vulenerable to arbitrary code execution	2020-05-25T15:09+09:00	2020-05-25T15:09+09:00
jvndb-2020-000033	WordPress Plugin "Paid Memberships Pro" vulnerable to SQL injection	2020-05-19T16:07+09:00	2020-05-19T16:07+09:00
jvndb-2020-004476	DoS Vulnerability in JP1/Automatic Job Management System 3 and JP1/Automatic Job Management System 2	2020-05-19T10:38+09:00	2020-05-19T10:38+09:00
jvndb-2020-004477	Multiple Vulnerabilities in Hitachi Compute Systems Manager	2020-05-19T10:33+09:00	2020-05-19T10:33+09:00
jvndb-2020-000031	BookStack vulnerable to cross-site scripting	2020-05-13T18:06+09:00	2020-05-13T18:06+09:00
jvndb-2020-000030	Multiple vulnerabilities in Movable Type	2020-05-13T17:59+09:00	2020-05-13T17:59+09:00
jvndb-2020-000029	PALLET CONTROL vulnerable to arbitrary code execution	2020-05-11T15:16+09:00	2020-05-11T15:16+09:00
jvndb-2020-000028	Sales Force Assistant vulnerable to cross-site scripting	2020-04-28T15:49+09:00	2020-04-28T15:49+09:00
jvndb-2020-000027	Cybozu Garoon contains multiple vulnerabilities	2020-04-28T14:48+09:00	2020-04-28T14:48+09:00
jvndb-2020-003896	Directory Permission Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer	2020-04-28T12:21+09:00	2020-04-28T12:21+09:00
jvndb-2020-000026	Multiple SHARP Android devices vulnerable to information disclosure	2020-04-24T15:32+09:00	2020-04-24T15:32+09:00
jvndb-2020-000022	Multiple vulnerabilities in EasyBlocks IPv6	2020-04-08T16:12+09:00	2020-04-08T16:12+09:00
jvndb-2020-000024	Joomla! plugin "AcyMailing" vulnerable to arbitrary file uploads	2020-04-07T14:49+09:00	2020-04-07T14:49+09:00
jvndb-2020-000021	Multiple Yamaha network devices vulnerable to denial-of-service (DoS)	2020-03-31T17:44+09:00	2020-04-01T18:38+09:00
jvndb-2019-000014	The installer of Microsoft Teams may insecurely load Dynamic Link Libraries	2019-04-02T14:18+09:00	2020-04-01T16:55+09:00
jvndb-2020-002958	Denial-of-service (DoS) vulnerability in Mitsubishi Electric MELSOFT transmission port	2020-03-31T13:37+09:00	2020-04-01T14:45+09:00
jvndb-2020-000907	WL-Enq (WEB Enquete) vulnerable to OS command injection	2020-03-25T09:50+09:00	2020-03-25T09:50+09:00
jvndb-2020-000908	Keijiban Tsumiki vulnerable to OS command injection	2020-03-24T18:14+09:00	2020-03-24T18:14+09:00
jvndb-2020-000900	mailform vulnerable to cross-site scripting	2020-03-24T18:05+09:00	2020-03-24T18:05+09:00
jvndb-2020-000901	mailform vulnerable to PHP code execution	2020-03-24T17:59+09:00	2020-03-24T17:59+09:00

ID	Description	Updated

ID	Description	Published	Updated
suse-su-2025:03329-1	Security update for the Linux Kernel (Live Patch 61 for SLE 12 SP5)	2025-09-24T05:33:35Z	2025-09-24T05:33:35Z
suse-su-2025:03318-1	Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP7)	2025-09-24T02:04:44Z	2025-09-24T02:04:44Z
suse-su-2025:03321-1	Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP7)	2025-09-23T22:34:08Z	2025-09-23T22:34:08Z
suse-su-2025:03319-1	Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP7)	2025-09-23T22:05:39Z	2025-09-23T22:05:39Z
suse-su-2025:03317-1	Security update for the Linux Kernel RT (Live Patch 4 for SLE 15 SP6)	2025-09-23T21:34:19Z	2025-09-23T21:34:19Z
suse-su-2025:03315-1	Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP6)	2025-09-23T21:04:31Z	2025-09-23T21:04:31Z
suse-su-2025:03314-1	Security update for the Linux Kernel	2025-09-23T18:35:03Z	2025-09-23T18:35:03Z
suse-su-2025:20757-1	Security update for nvidia-open-driver-G06-signed	2025-09-23T15:49:58Z	2025-09-23T15:49:58Z
suse-su-2025:20741-1	Security update for nvidia-open-driver-G06-signed	2025-09-23T15:49:58Z	2025-09-23T15:49:58Z
suse-su-2025:03310-1	Security update for the Linux Kernel	2025-09-23T14:35:15Z	2025-09-23T14:35:15Z
suse-su-2025:03309-1	Security update for MozillaThunderbird	2025-09-23T14:30:31Z	2025-09-23T14:30:31Z
suse-su-2025:03271-2	Security update for busybox, busybox-links	2025-09-23T14:03:30Z	2025-09-23T14:03:30Z
suse-su-2025:03271-1	Security update for busybox, busybox-links	2025-09-23T14:03:30Z	2025-09-23T14:03:30Z
suse-su-2025:02359-1	Security update for python312	2025-09-23T13:55:52Z	2025-09-23T13:55:52Z
suse-su-2025:03307-1	Security update for sevctl	2025-09-23T13:13:49Z	2025-09-23T13:13:49Z
suse-su-2025:03306-1	Security update for sevctl	2025-09-23T13:13:44Z	2025-09-23T13:13:44Z
suse-su-2025:20739-1	Security update for the Linux Kernel	2025-09-23T11:26:15Z	2025-09-23T11:26:15Z
suse-su-2025:20793-1	Security update for kernel-livepatch-MICRO-6-0-RT_Update_12	2025-09-23T09:51:38Z	2025-09-23T09:51:38Z
suse-su-2025:20740-1	Security update for kernel-livepatch-MICRO-6-0-RT_Update_12	2025-09-23T09:51:38Z	2025-09-23T09:51:38Z
suse-su-2025:20756-1	Security update for the Linux Kernel	2025-09-23T09:17:23Z	2025-09-23T09:17:23Z
suse-su-2025:20755-1	Security update for cloud-init	2025-09-23T09:05:48Z	2025-09-23T09:05:48Z
suse-su-2025:03301-1	Security update for the Linux Kernel	2025-09-23T09:05:11Z	2025-09-23T09:05:11Z
suse-su-2025:03300-1	Security update for vim	2025-09-23T09:03:45Z	2025-09-23T09:03:45Z
suse-su-2025:03299-1	Security update for vim	2025-09-23T09:02:41Z	2025-09-23T09:02:41Z
suse-su-2025:03298-1	Security update for rustup	2025-09-23T09:01:29Z	2025-09-23T09:01:29Z
suse-su-2025:03297-1	Security update for frr	2025-09-23T08:35:15Z	2025-09-23T08:35:15Z
suse-su-2025:20737-1	Security update for kernel-livepatch-MICRO-6-0-RT_Update_3	2025-09-23T07:56:26Z	2025-09-23T07:56:26Z
suse-su-2025:20791-1	Security update for kernel-livepatch-MICRO-6-0-RT_Update_10	2025-09-23T07:55:48Z	2025-09-23T07:55:48Z
suse-su-2025:20790-1	Security update for kernel-livepatch-MICRO-6-0-RT_Update_9	2025-09-23T07:55:48Z	2025-09-23T07:55:48Z
suse-su-2025:20789-1	Security update for kernel-livepatch-MICRO-6-0-RT_Update_8	2025-09-23T07:55:48Z	2025-09-23T07:55:48Z

ID	Description	Published	Updated
opensuse-su-2025:14977-1	c-ares-devel-1.34.5-1.1 on GA media	2025-04-09T00:00:00Z	2025-04-09T00:00:00Z
opensuse-su-2025:14976-1	libpoppler-cpp2-25.04.0-1.1 on GA media	2025-04-08T00:00:00Z	2025-04-08T00:00:00Z
opensuse-su-2025:14975-1	libmozjs-128-0-128.9.0-1.1 on GA media	2025-04-08T00:00:00Z	2025-04-08T00:00:00Z
opensuse-su-2025:14974-1	ffmpeg-7-7.1.1-1.1 on GA media	2025-04-08T00:00:00Z	2025-04-08T00:00:00Z
opensuse-su-2025:14973-1	etcd-3.5.21-1.1 on GA media	2025-04-08T00:00:00Z	2025-04-08T00:00:00Z
opensuse-su-2025:14972-1	apache2-mod_auth_openidc-2.4.16.11-1.1 on GA media	2025-04-08T00:00:00Z	2025-04-08T00:00:00Z
opensuse-su-2025:14971-1	MozillaFirefox-137.0-1.1 on GA media	2025-04-08T00:00:00Z	2025-04-08T00:00:00Z
opensuse-su-2025:0115-1	Security update for chromium, gn	2025-04-06T23:02:41Z	2025-04-06T23:02:41Z
opensuse-su-2025:14970-1	govulncheck-vulndb-0.0.20250402T160203-1.1 on GA media	2025-04-04T00:00:00Z	2025-04-04T00:00:00Z
opensuse-su-2025:14969-1	google-guest-agent-20250327.01-1.1 on GA media	2025-04-04T00:00:00Z	2025-04-04T00:00:00Z
opensuse-su-2025:14968-1	cyradm-3.8.4-1.1 on GA media	2025-04-04T00:00:00Z	2025-04-04T00:00:00Z
opensuse-su-2025:14967-1	chromedriver-135.0.7049.52-2.1 on GA media	2025-04-04T00:00:00Z	2025-04-04T00:00:00Z
opensuse-su-2025:14966-1	MozillaThunderbird-128.9.0-1.1 on GA media	2025-04-04T00:00:00Z	2025-04-04T00:00:00Z
opensuse-su-2025:14965-1	python311-ecdsa-0.19.1-1.1 on GA media	2025-04-03T00:00:00Z	2025-04-03T00:00:00Z
opensuse-su-2025:14964-1	gsl-2.8-4.1 on GA media	2025-04-03T00:00:00Z	2025-04-03T00:00:00Z
opensuse-su-2025:14963-1	go1.24-1.24.2-1.1 on GA media	2025-04-03T00:00:00Z	2025-04-03T00:00:00Z
opensuse-su-2025:14962-1	go1.23-1.23.8-1.1 on GA media	2025-04-03T00:00:00Z	2025-04-03T00:00:00Z
opensuse-su-2025:14961-1	firefox-esr-128.9.0-1.1 on GA media	2025-04-03T00:00:00Z	2025-04-03T00:00:00Z
opensuse-su-2025:0113-1	Security update for assimp	2025-04-02T16:31:31Z	2025-04-02T16:31:31Z
opensuse-su-2025:14960-1	perl-Data-Entropy-0.8.0-1.1 on GA media	2025-04-02T00:00:00Z	2025-04-02T00:00:00Z
opensuse-su-2025:14959-1	libsaml-devel-3.3.1-2.1 on GA media	2025-04-02T00:00:00Z	2025-04-02T00:00:00Z
opensuse-su-2025:14958-1	libmozjs-128-0-128.8.1-1.1 on GA media	2025-04-02T00:00:00Z	2025-04-02T00:00:00Z
opensuse-su-2025:14957-1	libtheora-devel-1.2.0-1.1 on GA media	2025-04-02T00:00:00Z	2025-04-02T00:00:00Z
opensuse-su-2025:14956-1	headscale-0.25.1-2.1 on GA media	2025-04-02T00:00:00Z	2025-04-02T00:00:00Z
opensuse-su-2025:14955-1	govulncheck-vulndb-0.0.20250331T171002-1.1 on GA media	2025-04-02T00:00:00Z	2025-04-02T00:00:00Z
opensuse-su-2025:14954-1	gotosocial-0.18.3-2.1 on GA media	2025-04-02T00:00:00Z	2025-04-02T00:00:00Z
opensuse-su-2025:14953-1	ghostscript-10.05.0-1.1 on GA media	2025-04-02T00:00:00Z	2025-04-02T00:00:00Z
opensuse-su-2025:14952-1	expat-2.7.1-1.1 on GA media	2025-04-02T00:00:00Z	2025-04-02T00:00:00Z
opensuse-su-2025:14951-1	aws-efs-utils-2.2.1-1.1 on GA media	2025-04-02T00:00:00Z	2025-04-02T00:00:00Z
opensuse-su-2025:14950-1	assimp-devel-5.4.3-5.1 on GA media	2025-04-02T00:00:00Z	2025-04-02T00:00:00Z

ID	Description	Published	Updated
cnvd-2025-29336	Tenda AC18栈缓冲区溢出漏洞	2024-03-15	2025-11-25
cnvd-2025-29335	Online Banquet Booking System跨站脚本漏洞	2025-07-23	2025-11-24
cnvd-2025-29334	Online Security Guards Hiring System跨站脚本漏洞	2025-07-25	2025-11-24
cnvd-2025-29333	Apple Xcode越界写入漏洞	2025-04-08	2025-11-24
cnvd-2025-29332	Apple Xcode边界检查不足漏洞	2025-11-10	2025-11-24
cnvd-2025-29331	Apple Xcode输入验证不足漏洞	2025-11-10	2025-11-24
cnvd-2025-29330	Apple macOS Sequoia权限问题漏洞（CNVD-2025-29330）	2025-11-10	2025-11-24
cnvd-2025-29329	Apple macOS Sequoia代码签名限制不足漏洞	2025-11-10	2025-11-24
cnvd-2025-29328	Apple macOS Sequoia权限问题漏洞	2025-11-10	2025-11-24
cnvd-2025-29327	Apple macOS Sequoia权限限制不足漏洞	2025-11-10	2025-11-24
cnvd-2025-29326	Apple iOS和iPadOS信息泄露漏洞	2025-11-10	2025-11-24
cnvd-2025-29325	Apple iOS和iPadOS逻辑问题检查不足漏洞	2025-11-10	2025-11-24
cnvd-2025-29324	Apple iOS和iPadOS改进检查不足漏洞	2025-11-10	2025-11-24
cnvd-2025-29323	Apple iOS和iPadOS缓存处理不当漏洞	2025-11-10	2025-11-24
cnvd-2025-29322	D-Link DAP-1325 IPAddr堆栈缓冲区溢出远程代码执行漏洞	2023-10-07	2025-11-24
cnvd-2025-29321	D-Link DAP-1325 SetAPLanSettings网关堆栈缓冲区溢出远程代码执行漏洞	2023-10-07	2025-11-24
cnvd-2025-29320	D-Link DAP-1325 SetAPLanSettings堆栈缓冲区溢出远程代码执行漏洞	2023-10-07	2025-11-24
cnvd-2025-29319	D-Link DAP-1325 get_value_of_key栈缓冲区溢出远程代码执行漏洞	2023-10-07	2025-11-24
cnvd-2025-29318	D-Link DAP-1325 get_value_from_app堆栈缓冲区溢出远程代码执行漏洞	2023-10-07	2025-11-24
cnvd-2025-29317	D-Link DAP-1325 DeviceName命令注入远程代码执行漏洞	2024-07-19	2025-11-24
cnvd-2025-29316	D-Link DAP-1325 StaticDefaultGateway命令注入远程代码执行漏洞	2024-07-19	2025-11-24
cnvd-2025-29315	D-Link DAP-1325 StaticAddress命令注入远程代码执行漏洞	2024-07-19	2025-11-24
cnvd-2025-29314	D-Link DAP-1325 IPv6Mode命令注入远程代码执行漏洞	2024-07-19	2025-11-24
cnvd-2025-29313	D-Link DAP-1325 secondaryDNS命令注入远程代码执行漏洞	2024-07-19	2025-11-24
cnvd-2025-29312	Huawei HarmonyOS和EMUI未经授权的文件访问漏洞	2024-01-23	2025-11-24
cnvd-2025-29311	Huawei HarmonyOS和EMUI权限管理漏洞	2024-01-23	2025-11-24
cnvd-2025-29310	Huawei HarmonyOS和EMUI可信关系不准确漏洞（CNVD-2025-29310）	2024-01-23	2025-11-24
cnvd-2025-29309	Huawei HarmonyOS和EMUI可信关系不准确漏洞（CNVD-2025-29309）	2024-01-23	2025-11-24
cnvd-2025-29308	Huawei HarmonyOS访问控制不当漏洞	2024-01-23	2025-11-24
cnvd-2025-29307	Huawei HarmonyOS和EMUI绕过前台服务限制漏洞	2024-01-23	2025-11-24

ID	Description	Published	Updated
certfr-2025-avi-0218	Multiples vulnérabilités dans Atlassian Jira	2025-03-19T00:00:00.000000	2025-03-19T00:00:00.000000
certfr-2025-avi-0216	Multiples vulnérabilités dans les produits Schneider Electric	2025-03-17T00:00:00.000000	2025-03-17T00:00:00.000000
certfr-2025-avi-0215	Multiples vulnérabilités dans VMware Tanzu Gemfire	2025-03-17T00:00:00.000000	2025-03-17T00:00:00.000000
certfr-2025-avi-0214	Multiples vulnérabilités dans les produits IBM	2025-03-14T00:00:00.000000	2025-03-14T00:00:00.000000
certfr-2025-avi-0213	Multiples vulnérabilités dans le noyau Linux de Red Hat	2025-03-14T00:00:00.000000	2025-03-14T00:00:00.000000
certfr-2025-avi-0212	Multiples vulnérabilités dans le noyau Linux de SUSE	2025-03-14T00:00:00.000000	2025-03-14T00:00:00.000000
certfr-2025-avi-0211	Multiples vulnérabilités dans le noyau Linux d'Ubuntu	2025-03-14T00:00:00.000000	2025-03-14T00:00:00.000000
certfr-2025-avi-0210	Multiples vulnérabilités dans VMware Tanzu	2025-03-14T00:00:00.000000	2025-03-14T00:00:00.000000
certfr-2025-avi-0209	Multiples vulnérabilités dans PHP	2025-03-14T00:00:00.000000	2025-03-14T00:00:00.000000
certfr-2025-avi-0208	Vulnérabilité dans Microsoft Dataverse	2025-03-14T00:00:00.000000	2025-03-14T00:00:00.000000
certfr-2025-avi-0207	Multiples vulnérabilités dans Cisco IOS XR	2025-03-13T00:00:00.000000	2025-03-13T00:00:00.000000
certfr-2025-avi-0206	Vulnérabilité dans Juniper Networks Junos OS	2025-03-13T00:00:00.000000	2025-03-13T00:00:00.000000
certfr-2025-avi-0205	Multiples vulnérabilités dans GitLab	2025-03-13T00:00:00.000000	2025-03-13T00:00:00.000000
certfr-2025-avi-0204	Multiples vulnérabilités dans les produits Palo Alto Networks	2025-03-13T00:00:00.000000	2025-03-13T00:00:00.000000
certfr-2025-avi-0203	Multiples vulnérabilités dans Microsoft Edge	2025-03-13T00:00:00.000000	2025-03-13T00:00:00.000000
certfr-2025-avi-0202	Vulnérabilité dans Joomla!	2025-03-12T00:00:00.000000	2025-03-12T00:00:00.000000
certfr-2025-avi-0201	Multiples vulnérabilités dans les produits Adobe	2025-03-12T00:00:00.000000	2025-03-12T00:00:00.000000
certfr-2025-avi-0200	Vulnérabilité dans Apache Tomcat	2025-03-12T00:00:00.000000	2025-03-12T00:00:00.000000
certfr-2025-avi-0199	Vulnérabilité dans les produits Apple	2025-03-12T00:00:00.000000	2025-03-12T00:00:00.000000
certfr-2025-avi-0198	Multiples vulnérabilités dans les produits Ivanti	2025-03-12T00:00:00.000000	2025-03-12T00:00:00.000000
certfr-2025-avi-0197	Multiples vulnérabilités dans les produits Fortinet	2025-03-12T00:00:00.000000	2025-03-12T00:00:00.000000
certfr-2025-avi-0196	Multiples vulnérabilités dans les produits Microsoft	2025-03-12T00:00:00.000000	2025-03-12T00:00:00.000000
certfr-2025-avi-0195	Multiples vulnérabilités dans Microsoft Azure	2025-03-12T00:00:00.000000	2025-03-12T00:00:00.000000
certfr-2025-avi-0194	Vulnérabilité dans Microsoft .Net	2025-03-12T00:00:00.000000	2025-03-12T00:00:00.000000
certfr-2025-avi-0193	Multiples vulnérabilités dans Microsoft Windows	2025-03-12T00:00:00.000000	2025-03-12T00:00:00.000000
certfr-2025-avi-0192	Multiples vulnérabilités dans Microsoft Office	2025-03-12T00:00:00.000000	2025-03-12T00:00:00.000000
certfr-2025-avi-0191	Multiples vulnérabilités dans les produits Siemens	2025-03-11T00:00:00.000000	2025-03-11T00:00:00.000000
certfr-2025-avi-0190	Multiples vulnérabilités dans les produits SAP	2025-03-11T00:00:00.000000	2025-03-11T00:00:00.000000
certfr-2025-avi-0189	Multiples vulnérabilités dans Google Chrome	2025-03-11T00:00:00.000000	2025-03-11T00:00:00.000000
certfr-2025-avi-0188	Multiples vulnérabilités dans les produits Qnap	2025-03-10T00:00:00.000000	2025-03-10T00:00:00.000000

ID	Description	Published	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated