Recent vulnerabilities

Recent vulnerabilities from
Select from 69 available sources using the dropdown above.
ID CVSS Description Vendor Product Published Updated
CVE-2026-40352
8.8 (3.1)
FastGPT: NoSQL Injection in updatePasswordByOld Leads … labring
FastGPT
2026-04-17T21:09:32.913Z 2026-04-17T21:09:32.913Z
CVE-2026-40306
6.9 (4.0)
DNN has same HostGUID for all new installs dnnsoftware
Dnn.Platform
2026-04-17T21:09:30.317Z 2026-04-17T21:09:30.317Z
CVE-2026-40305
4.3 (3.1)
DNN has Force Friend Request Acceptance dnnsoftware
Dnn.Platform
2026-04-17T21:06:09.237Z 2026-04-17T21:06:09.237Z
CVE-2026-40351
9.8 (3.1)
FastGPT: NoSQL Injection in loginByPassword leads to A… labring
FastGPT
2026-04-17T21:05:05.911Z 2026-04-17T21:05:05.911Z
CVE-2026-40304
5.3 (3.1)
zrok's broken ownership check in DELETE /api/v2/unacce… openziti
zrok
2026-04-17T21:04:23.648Z 2026-04-17T21:04:23.648Z
CVE-2026-40303
7.5 (3.1)
zrok allows unauthenticated DoS via unbounded memory a… openziti
zrok
2026-04-17T21:01:51.899Z 2026-04-17T21:01:51.899Z
CVE-2026-40196
8.1 (3.1)
HomeBox has Unauthorized API Access via Retained defau… sysadminsmedia
homebox
2026-04-17T21:01:18.530Z 2026-04-17T21:01:18.530Z
CVE-2026-40302
6.1 (3.1)
zrok has reflected XSS in GitHub OAuth callback via un… openziti
zrok
2026-04-17T20:56:08.368Z 2026-04-17T20:56:08.368Z
CVE-2026-40155
5.4 (3.1)
Auth0 Next.js SDK has Improper Proxy Cache Lookup auth0
nextjs-auth0
2026-04-17T20:54:38.958Z 2026-04-17T20:54:38.958Z
CVE-2026-40301
4.7 (3.1)
rhukster/dom-sanitizer: SVG <style> tag allows CSS inj… rhukster
dom-sanitizer
2026-04-17T20:51:37.226Z 2026-04-17T20:51:37.226Z
CVE-2026-40299
6.9 (4.0)
next-intl has an open redirect vulnerability amannn
next-intl
2026-04-17T20:49:05.642Z 2026-04-17T20:49:05.642Z
CVE-2026-40293
6.5 (3.1)
OpenFGA Playground Preshared Key Exposure openfga
openfga
2026-04-17T20:47:06.804Z 2026-04-17T20:47:06.804Z
CVE-2026-35603
5.4 (4.0)
Claude Code: Insecure System-Wide Configuration Loadin… anthropics
claude-code
2026-04-17T20:38:49.901Z 2026-04-17T20:38:49.901Z
CVE-2026-31927
4.9 (3.1)
Anviz CX7 Firmware Relative Path Traversal Anviz
Anviz CX7 Firmware
2026-04-17T19:24:53.893Z 2026-04-17T20:34:41.679Z
CVE-2026-35402
2.3 (4.0)
mcp-neo4j-cypher: SSRF and Data Modification via read_… neo4j-contrib
mcp-neo4j
2026-04-17T20:34:06.510Z 2026-04-17T20:34:06.510Z
CVE-2026-33569
6.5 (3.1)
Anviz Products Cleartext Transmission of Sensitive Inf… Anviz
Anviz CX7 Firmware
2026-04-17T19:30:46.066Z 2026-04-17T20:32:48.104Z
CVE-2026-35682
8.8 (3.1)
Anviz CX2 Lite Command Injection Anviz
Anviz CX2 Lite Firmware
2026-04-17T19:46:26.716Z 2026-04-17T20:30:18.510Z
CVE-2026-33436
3.1 (3.1)
Stirling-PDF: Reflected XSS through crafted filename i… Stirling-Tools
Stirling-PDF
2026-04-17T20:29:43.262Z 2026-04-17T20:29:43.262Z
CVE-2026-40434
8.1 (3.1)
Anviz CrossChex Standard Improper Verification of Sour… Anviz
Anviz CrossChex Standard
2026-04-17T19:49:28.099Z 2026-04-17T20:28:02.785Z
CVE-2026-40286
7.5 (3.1)
WeGIA has Cross-Site Scripting in Controle de Contribuição LabRedesCefetRJ
WeGIA
2026-04-17T20:27:59.131Z 2026-04-17T20:27:59.131Z
CVE-2026-32650
7.5 (3.1)
Anviz CrossChex Standard Algorithm Downgrade Anviz
Anviz CrossChex Standard
2026-04-17T19:52:45.308Z 2026-04-17T20:26:17.922Z
CVE-2026-23500
9.4 (4.0)
Dolibarr: OS Command Injection (RCE) via MAIN_ODT_AS_P… Dolibarr
dolibarr
2026-04-17T20:25:49.843Z 2026-04-17T20:25:49.843Z
CVE-2026-40285
8.8 (3.1)
WeGIA has SQL Injection via Session Variable Override … LabRedesCefetRJ
WeGIA
2026-04-17T20:25:33.185Z 2026-04-17T20:25:33.185Z
CVE-2026-40527
8.5 (4.0)
7.8 (3.1)
radare2 Command Injection via DWARF Parameter Names radareorg
radare2
2026-04-17T20:25:20.143Z 2026-04-17T20:25:20.143Z
CVE-2026-40284
6.8 (3.1)
WeGIA has stored XSS in listar_despachos.php LabRedesCefetRJ
WeGIA
2026-04-17T20:24:10.282Z 2026-04-17T20:24:10.282Z
CVE-2026-40282
6.4 (4.0)
WeGIA has stored XSS in intercorrencia_visualizar.php LabRedesCefetRJ
WeGIA
2026-04-17T20:16:46.878Z 2026-04-17T20:23:13.483Z
CVE-2026-35512
8.7 (4.0)
xrdp: Heap buffer overflow in EGFX channel neutrinolabs
xrdp
2026-04-17T20:21:59.868Z 2026-04-17T20:21:59.868Z
CVE-2026-33689
8.7 (4.0)
xrdp: Pre-authentication out-of-bounds reads in channe… neutrinolabs
xrdp
2026-04-17T20:16:31.248Z 2026-04-17T20:16:31.248Z
CVE-2026-33145
6.3 (3.1)
xrdp: Authenticated RCE via unsanitized AlternateShell… neutrinolabs
xrdp
2026-04-17T20:14:14.048Z 2026-04-17T20:15:20.525Z
CVE-2026-32324
7.7 (3.1)
Anviz CX7 Firmware Use of Hard-coded Cryptographic Key Anviz
Anviz CX7 Firmware
2026-04-17T19:22:12.097Z 2026-04-17T20:10:48.189Z
ID CVSS Description Vendor Product Published Updated
CVE-2026-35596
4.3 (3.1)
Vikunja has Broken Access Control on Label Read via SQ… go-vikunja
vikunja
2026-04-10T15:59:43.255Z 2026-04-14T14:51:51.537Z
CVE-2026-35597
5.9 (3.1)
Vikunja Affected by TOTP Brute-Force Due to Non-Functi… go-vikunja
vikunja
2026-04-10T16:03:19.636Z 2026-04-13T15:37:11.358Z
CVE-2026-35598
4.3 (3.1)
Vikunja has Missing Authorization on CalDAV Task Read go-vikunja
vikunja
2026-04-10T16:04:32.083Z 2026-04-14T14:20:44.249Z
CVE-2026-35599
6.5 (3.1)
Vikunja has an Algorithmic Complexity DoS in Repeating… go-vikunja
vikunja
2026-04-10T16:05:57.581Z 2026-04-10T18:28:29.310Z
CVE-2026-35600
5.4 (3.1)
Vikunja has HTML Injection via Task Titles in Overdue … go-vikunja
vikunja
2026-04-10T16:07:07.846Z 2026-04-14T15:01:18.724Z
CVE-2026-35601
4.1 (3.1)
Vikunja has an iCalendar Property Injection via CRLF i… go-vikunja
vikunja
2026-04-10T16:08:50.519Z 2026-04-13T15:37:03.974Z
CVE-2026-35602
5.4 (3.1)
Vikunja has a File Size Limit Bypass via Vikunja Import go-vikunja
vikunja
2026-04-10T16:10:39.630Z 2026-04-14T14:19:30.140Z
CVE-2026-29063
8.7 (4.0)
Immutable.js: Improperly Controlled Modification of Ob… immutable-js
immutable-js
2026-03-06T18:25:22.438Z 2026-03-06T19:33:31.642Z
CVE-2026-31940
7.5 (3.1)
Session Fixation in Chamilo LMS chamilo
chamilo-lms
2026-04-10T17:35:10.661Z 2026-04-14T14:12:28.550Z
CVE-2026-31941
7.7 (3.1)
Server-Side Request Forgery (SSRF) in Chamilo LMS chamilo
chamilo-lms
2026-04-10T17:37:50.948Z 2026-04-10T18:33:22.920Z
CVE-2026-32892
9.1 (3.1)
OS Command Injection in Chamilo LMS 1.11.36 chamilo
chamilo-lms
2026-04-10T17:56:57.695Z 2026-04-14T14:07:14.704Z
CVE-2025-15602
8.7 (4.0)
8.8 (3.1)
Snipe-IT < 8.3.7 Mass Assignment Vulnerability Leading… Grokability, Inc.
Snipe-IT
2026-03-06T16:16:08.531Z 2026-03-09T15:12:11.595Z
CVE-2026-32893
5.4 (3.1)
Chamilo LMS has Reflected XSS via Unsanitized http_bui… chamilo
chamilo-lms
2026-04-10T17:42:24.220Z 2026-04-15T14:51:41.852Z
CVE-2026-32894
7.1 (3.1)
Chamilo LMS has an IDOR in Gradebook Allows Cross-Cour… chamilo
chamilo-lms
2026-04-10T17:44:24.994Z 2026-04-13T15:36:28.238Z
CVE-2026-32930
7.1 (3.1)
Chamilo LMS has an IDOR in Gradebook Allows Cross-Cour… chamilo
chamilo-lms
2026-04-10T17:48:51.774Z 2026-04-10T18:32:13.726Z
CVE-2026-32931
7.5 (3.1)
Chamilo LMS has Arbitrary File Upload via MIME-Only Va… chamilo
chamilo-lms
2026-04-10T17:50:40.176Z 2026-04-15T14:56:10.732Z
CVE-2026-32932
4.7 (3.1)
Chamilo LMS has an Open Redirect via Unvalidated 'page… chamilo
chamilo-lms
2026-04-10T17:51:58.480Z 2026-04-13T15:36:22.092Z
CVE-2026-33141
6.5 (3.1)
Chamilo LMS has an IDOR in REST API Stats Endpoint Exp… chamilo
chamilo-lms
2026-04-10T18:01:26.027Z 2026-04-14T14:06:11.889Z
CVE-2026-31939
8.3 (3.1)
Path Traversal (Arbitrary File Delete) in Chamilo LMS chamilo
chamilo-lms
2026-04-10T17:32:29.252Z 2026-04-13T15:36:34.681Z
CVE-2026-34238
5.1 (3.1)
ImageMagick: Integer overflow in despeckle operation c… ImageMagick
ImageMagick
2026-04-13T21:14:07.180Z 2026-04-14T13:46:39.542Z
CVE-2026-33899
5.3 (3.1)
ImageMagick: Heap BufferOverflow write of single zero … ImageMagick
ImageMagick
2026-04-13T20:46:43.781Z 2026-04-16T13:26:40.513Z
CVE-2026-28518
8.4 (4.0)
7.8 (3.1)
OpenViking .ovpack Import ZIP Slip Path Traversal Volcengine
OpenViking
2026-03-03T14:36:13.472Z 2026-03-31T20:44:01.330Z
CVE-2026-33900
5.9 (3.1)
ImageMagick has a Heap overflow caused by integer over… ImageMagick
ImageMagick
2026-04-13T20:50:19.615Z 2026-04-14T16:28:41.536Z
CVE-2026-33894
7.5 (3.1)
Forge has signature forgery in RSA-PKCS due to ASN.1 e… digitalbazaar
forge
2026-03-27T20:45:49.583Z 2026-03-31T14:05:14.708Z
CVE-2026-40527
8.5 (4.0)
7.8 (3.1)
radare2 Command Injection via DWARF Parameter Names radareorg
radare2
2026-04-17T20:25:20.143Z 2026-04-17T20:25:20.143Z
CVE-2026-40303
7.5 (3.1)
zrok allows unauthenticated DoS via unbounded memory a… openziti
zrok
2026-04-17T21:01:51.899Z 2026-04-17T21:01:51.899Z
CVE-2026-40302
6.1 (3.1)
zrok has reflected XSS in GitHub OAuth callback via un… openziti
zrok
2026-04-17T20:56:08.368Z 2026-04-17T20:56:08.368Z
CVE-2026-40301
4.7 (3.1)
rhukster/dom-sanitizer: SVG <style> tag allows CSS inj… rhukster
dom-sanitizer
2026-04-17T20:51:37.226Z 2026-04-17T20:51:37.226Z
CVE-2026-40299
6.9 (4.0)
next-intl has an open redirect vulnerability amannn
next-intl
2026-04-17T20:49:05.642Z 2026-04-17T20:49:05.642Z
CVE-2026-40293
6.5 (3.1)
OpenFGA Playground Preshared Key Exposure openfga
openfga
2026-04-17T20:47:06.804Z 2026-04-17T20:47:06.804Z
ID Description Published Updated
fkie_cve-2026-35602 Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the Vikunja file im… 2026-04-10T17:17:03.993 2026-04-17T21:49:40.743
fkie_cve-2026-29063 Immutable.js provides many Persistent Immutable data structures. Prior to versions 3.8.3, 4.3.7, an… 2026-03-06T19:16:21.557 2026-04-17T21:32:18.947
fkie_cve-2026-31940 Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, in main/lp/aicc_hacp.… 2026-04-10T18:16:41.483 2026-04-17T21:31:36.710
fkie_cve-2026-31941 Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains … 2026-04-10T18:16:41.640 2026-04-17T21:31:11.793
fkie_cve-2026-32892 Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains … 2026-04-10T18:16:41.797 2026-04-17T21:30:50.533
fkie_cve-2025-15602 Snipe-IT versions prior to 8.3.7 contain sensitive user attributes related to account privileges th… 2026-03-06T17:16:24.600 2026-04-17T21:30:32.877
fkie_cve-2026-32893 Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, a Reflected Cross-Site Scripting … 2026-04-10T18:16:41.953 2026-04-17T21:30:03.257
fkie_cve-2026-32894 Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Insecure Direct Ob… 2026-04-10T18:16:42.117 2026-04-17T21:28:56.970
fkie_cve-2026-32930 Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Insecure Direct Ob… 2026-04-10T18:16:42.280 2026-04-17T21:28:36.707
fkie_cve-2026-32931 Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an unrestricted file … 2026-04-10T18:16:42.430 2026-04-17T21:27:59.237
fkie_cve-2026-32932 Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Open Redirect vuln… 2026-04-10T18:16:42.590 2026-04-17T21:27:32.730
fkie_cve-2026-33141 Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Referen… 2026-04-10T18:16:42.743 2026-04-17T21:24:02.230
fkie_cve-2026-31939 Chamilo LMS is a learning management system. Prior to 1.11.38, there is a path traversal in main/ex… 2026-04-10T18:16:41.313 2026-04-17T21:23:42.527
fkie_cve-2026-34238 ImageMagick is free and open-source software used for editing and manipulating digital images. In v… 2026-04-13T22:16:29.310 2026-04-17T21:22:41.077
fkie_cve-2026-33899 ImageMagick is free and open-source software used for editing and manipulating digital images. In v… 2026-04-13T21:16:25.170 2026-04-17T21:20:26.970
fkie_cve-2026-28518 OpenViking versions 0.2.1 and prior, fixed in commit 46b3e76, contain a path traversal vulnerabilit… 2026-03-03T15:16:20.593 2026-04-17T21:19:50.927
fkie_cve-2026-33900 ImageMagick is free and open-source software used for editing and manipulating digital images. In v… 2026-04-13T21:16:25.333 2026-04-17T21:19:44.483
fkie_cve-2026-33894 Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScri… 2026-03-27T21:17:25.983 2026-04-17T21:16:42.030
fkie_cve-2026-40527 radare2 prior to commit bc5a890 contains a command injection vulnerability in the afsv/afsvj comman… 2026-04-17T21:16:35.373 2026-04-17T21:16:35.373
fkie_cve-2026-40303 zrok is software for sharing web services, files, and network resources. Prior to version 2.0.1, en… 2026-04-17T21:16:35.140 2026-04-17T21:16:35.140
fkie_cve-2026-40302 zrok is software for sharing web services, files, and network resources. Prior to version 2.0.1, th… 2026-04-17T21:16:34.997 2026-04-17T21:16:34.997
fkie_cve-2026-40301 DOMSanitizer is a DOM/SVG/MathML Sanitizer for PHP 7.3+. Prior to version 1.0.10, DOMSanitizer::san… 2026-04-17T21:16:34.850 2026-04-17T21:16:34.850
fkie_cve-2026-40299 next-intl provides internationalization for Next.js. Applications using the `next-intl` middleware … 2026-04-17T21:16:34.707 2026-04-17T21:16:34.707
fkie_cve-2026-40293 OpenFGA is an authorization/permission engine built for developers. In versions 0.1.4 through 1.13.… 2026-04-17T21:16:34.567 2026-04-17T21:16:34.567
fkie_cve-2026-40286 WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Sit… 2026-04-17T21:16:34.430 2026-04-17T21:16:34.430
fkie_cve-2026-40285 WeGIA is a web manager for charitable institutions. Versions prior to 3.6.10 contain a SQL injectio… 2026-04-17T21:16:34.267 2026-04-17T21:16:34.267
fkie_cve-2026-40284 WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Sit… 2026-04-17T21:16:34.140 2026-04-17T21:16:34.140
fkie_cve-2026-40282 WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Sit… 2026-04-17T21:16:34.007 2026-04-17T21:16:34.007
fkie_cve-2026-40196 HomeBox is a home inventory and organization system. Versions prior to 0.25.0 contain a vulnerabili… 2026-04-17T21:16:33.863 2026-04-17T21:16:33.863
fkie_cve-2026-40155 The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. In… 2026-04-17T21:16:33.713 2026-04-17T21:16:33.713
ID Severity Description Published Updated
ghsa-8gmg-3w2q-65f4
8.4 (3.1)
OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file over… 2026-04-17T22:21:41Z 2026-04-17T22:21:41Z
ghsa-3jfp-46x4-xgfj
6.9 (4.0)
yard: Possible arbitrary path traversal and file access via yard server 2026-04-17T22:21:03Z 2026-04-17T22:21:03Z
ghsa-85gx-3qv6-4463
8.1 (3.1)
Dapr: Service Invocation path traversal ACL bypass 2026-04-17T22:20:40Z 2026-04-17T22:20:40Z
ghsa-5cwg-9f6j-9jvx
5.4 (4.0)
Claude Code: Insecure System-Wide Configuration Loading Enables Local Privilege Escalation on Windows 2026-04-17T22:19:38Z 2026-04-17T22:19:38Z
ghsa-f7fh-qg34-x2xh
6.3 (4.0)
OpenClaw: CDP /json/version WebSocket URL could pivot to untrusted second-hop targets 2026-04-17T22:18:28Z 2026-04-17T22:18:28Z
ghsa-jhpv-5j76-m56h
6.0 (4.0)
OpenClaw: Sender policy bypass in host media attachment reads allows unauthorized local file disclosure 2026-04-17T22:17:57Z 2026-04-17T22:17:57Z
ghsa-66r7-m7xm-v49h
7.1 (4.0)
OpenClaw: QQBot media tags could read arbitrary local files through reply text 2026-04-17T22:17:05Z 2026-04-17T22:17:05Z
ghsa-2cq5-mf3v-mx44
8.6 (4.0)
OpenClaw: busybox and toybox applet execution weakened exec approval binding 2026-04-17T22:16:04Z 2026-04-17T22:16:04Z
ghsa-7jp6-r74r-995q
7.1 (4.0)
OpenClaw: Matrix profile config persistence was reachable from operator.write message tools 2026-04-17T22:15:27Z 2026-04-17T22:15:27Z
ghsa-736r-jwj6-4w23
8.3 (4.0)
OpenClaw: Sandboxed agents could escape exec routing via host=node override 2026-04-17T22:14:56Z 2026-04-17T22:14:56Z
ghsa-536q-mj95-h29h
5.3 (4.0)
OpenClaw: Browser press/type interaction routes missed complete navigation guard coverage 2026-04-17T22:14:29Z 2026-04-17T22:14:29Z
ghsa-qmwg-qprg-3j38
5.9 (4.0)
OpenClaw: Browser interaction routes could pivot into local CDP and regain file reads 2026-04-17T22:14:20Z 2026-04-17T22:14:20Z
ghsa-939r-rj45-g2rj
8.6 (4.0)
OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins 2026-04-17T22:12:49Z 2026-04-17T22:12:49Z
ghsa-527m-976r-jf79
6.3 (4.0)
OpenClaw: Existing-session browser interaction routes bypassed SSRF policy enforcement 2026-04-17T22:11:33Z 2026-04-17T22:11:33Z
ghsa-rj2p-j66c-mgqh
6.9 (4.0)
OpenClaw: Browser tabs action select and close routes bypassed SSRF policy 2026-04-17T22:01:57Z 2026-04-17T22:01:57Z
ghsa-f3h5-h452-vp3j
5.3 (4.0)
OpenClaw: Nostr profile mutation routes allowed operator.write config persistence 2026-04-17T22:00:59Z 2026-04-17T22:00:59Z
ghsa-525j-hqq2-66r4
7.5 (4.0)
OpenClaw: Sandbox browser CDP relay could expose DevTools protocol on 0.0.0.0 2026-04-17T21:59:55Z 2026-04-17T21:59:55Z
ghsa-82qx-6vj7-p8m2
7.1 (4.0)
OpenClaw: Channel setup catalog lookups could include untrusted workspace plugin shadows 2026-04-17T21:58:46Z 2026-04-17T21:58:46Z
ghsa-jf25-7968-h2h5
5.3 (4.0)
OpenClaw: screen_record outPath bypassed workspace-only filesystem guard 2026-04-17T21:58:24Z 2026-04-17T21:58:24Z
ghsa-53vx-pmqw-863c
6.9 (4.0)
OpenClaw: Browser SSRF policy default allowed private-network navigation 2026-04-17T21:58:15Z 2026-04-17T21:58:15Z
ghsa-xq94-r468-qwgj
6.3 (4.0)
OpenClaw: Browser SSRF hostname validation could be bypassed by DNS rebinding 2026-04-17T21:58:01Z 2026-04-17T21:58:01Z
ghsa-2767-2q9v-9326
5.3 (4.0)
OpenClaw: QQBot reply media URL handling could trigger SSRF and re-upload fetched bytes 2026-04-17T21:57:31Z 2026-04-17T21:57:31Z
ghsa-7wv4-cc7p-jhxc
6.8 (4.0)
OpenClaw: Workspace .env could inject OpenClaw runtime-control variables 2026-04-17T21:56:12Z 2026-04-17T21:56:12Z
ghsa-c9h3-5p7r-mrjh
5.3 (4.0)
OpenClaw: Discord event cover images bypassed sandbox media normalization 2026-04-17T21:56:04Z 2026-04-17T21:56:04Z
ghsa-49cg-279w-m73x
6.0 (4.0)
OpenClaw: Empty approver lists could grant explicit approval authorization 2026-04-17T21:55:54Z 2026-04-17T21:55:54Z
ghsa-7g8c-cfr3-vqqr
6.6 (4.0)
OpenClaw: Agent hook events could enqueue trusted system events from unsanitized external input 2026-04-17T21:55:20Z 2026-04-17T21:55:21Z
ghsa-vfp4-8x56-j7c5
7.1 (4.0)
OpenClaw: Exec environment denylist missed high-risk interpreter startup variables 2026-04-17T21:54:20Z 2026-04-17T21:54:21Z
ghsa-j6c7-3h5x-99g9
6.3 (4.0)
OpenClaw: Shell-wrapper detection missed env-argv assignment injection forms 2026-04-17T21:53:36Z 2026-04-17T21:53:36Z
ghsa-5gjc-grvm-m88j
4.9 (4.0)
OpenClaw: Memory dreaming config persistence was reachable from operator.write commands 2026-04-17T21:53:17Z 2026-04-17T21:53:17Z
ghsa-gc9r-867r-j85f
1.7 (4.0)
OpenClaw: Microsoft Teams SSO invoke handler missed sender authorization checks 2026-04-17T21:51:04Z 2026-04-17T21:51:04Z
ID Severity Description Package Published Updated
pysec-2025-36
9.8 (3.1)
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/valida… langflow 2025-04-07T15:15:44+00:00 2025-05-07T19:22:44.993642+00:00
pysec-2024-246
5.3 (3.1)
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in… vyper 2024-04-25T17:15:50+00:00 2025-05-05T19:21:20.899426+00:00
pysec-2024-111
9.1 (3.1)
A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langcha… langchain 2024-10-29T13:15:00Z 2025-05-02T18:39:47.588215Z
pysec-2024-245
Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated user… apache-airflow 2024-02-29T11:15:08+00:00 2025-05-01T21:22:38.598048+00:00
pysec-2025-35
7.5 (3.1)
Weblate is a web based localization tool. Prior to version 5.11, when creating a new comp… weblate 2025-04-15T21:16:04+00:00 2025-04-30T17:22:51.467257+00:00
pysec-2025-34
The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.get_… picklescan 2025-04-24T01:15:49+00:00 2025-04-24T03:08:15.436691+00:00
pysec-2025-33
7.5 (3.1)
Vyper is a Pythonic Smart Contract Language for the EVM. When the Vyper Compiler uses the… vyper 2025-01-14T18:16:05+00:00 2025-04-23T21:23:01.322686+00:00
pysec-2025-32
9.8 (3.1)
BentoML is a Python library for building online serving systems optimized for AI apps and… bentoml 2025-04-09T16:15:25+00:00 2025-04-22T19:21:34.073355+00:00
pysec-2025-31
vyper is a Pythonic Smart Contract Language for the EVM. Vyper handles AugAssign statemen… vyper 2025-02-21T22:15:13+00:00 2025-04-09T17:27:28.116292+00:00
pysec-2025-30
vyper is a Pythonic Smart Contract Language for the EVM. Multiple evaluation of a single … vyper 2025-02-21T22:15:13+00:00 2025-04-09T17:27:28.064106+00:00
pysec-2025-29
vyper is a Pythonic Smart Contract Language for the EVM. Vyper `sqrt()` builtin uses the … vyper 2025-02-21T22:15:13+00:00 2025-04-09T17:27:28.005382+00:00
pysec-2025-28
The Snowflake Connector for Python provides an interface for developing Python applicatio… snowflake-connector-python 2025-01-29T21:15:21+00:00 2025-04-09T17:27:27.772920+00:00
pysec-2025-27
The Snowflake Connector for Python provides an interface for developing Python applicatio… snowflake-connector-python 2025-01-29T21:15:21+00:00 2025-04-09T17:27:27.711157+00:00
pysec-2025-26
The Snowflake Connector for Python provides an interface for developing Python applicatio… snowflake-connector-python 2025-01-29T21:15:21+00:00 2025-04-09T17:27:27.645758+00:00
pysec-2021-891
7.8 (3.1)
CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 S… salt 2021-03-03T10:15:13+00:00 2025-04-09T17:27:27.582884+00:00
pysec-2025-25
6.5 (3.1)
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the CORS middle… rembg 2025-03-03T17:15:14+00:00 2025-04-09T17:27:27.532849+00:00
pysec-2025-24
7.5 (3.1)
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove… rembg 2025-03-03T17:15:14+00:00 2025-04-09T17:27:27.486485+00:00
pysec-2025-23
Versions of the package ray before 2.43.0 are vulnerable to Insertion of Sensitive Inform… ray 2025-03-06T05:15:16+00:00 2025-04-09T17:27:27.434099+00:00
pysec-2022-43179
7.3 (3.1)
Poetry is a dependency manager for Python. To handle dependencies that come from a Git re… poetry 2022-09-07T19:15:08+00:00 2025-04-09T17:27:27.255151+00:00
pysec-2025-22
9.8 (3.1)
A vulnerability, that could result in Remote Code Execution (RCE), has been found in Plot… plotai 2025-03-10T14:15:24+00:00 2025-04-09T17:27:27.203714+00:00
pysec-2023-311
5.4 (3.1)
plone.namedfile allows users to handle `File` and `Image` fields targeting, but not depen… plone-namedfile 2023-09-21T15:15:10+00:00 2025-04-09T17:27:27.153848+00:00
pysec-2025-21
9.8 (3.1)
picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model arch… picklescan 2025-03-10T12:15:12+00:00 2025-04-09T17:27:27.016747+00:00
pysec-2025-20
6.5 (3.1)
picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes i… picklescan 2025-03-10T12:15:10+00:00 2025-04-09T17:27:26.966215+00:00
pysec-2025-19
9.8 (3.1)
picklescan before 0.0.22 only considers standard pickle file extensions in the scope for … picklescan 2025-03-03T19:15:34+00:00 2025-04-09T17:27:26.916350+00:00
pysec-2025-18
picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craf… picklescan 2025-02-26T15:15:24+00:00 2025-04-09T17:27:26.867210+00:00
pysec-2023-310
7.5 (3.1)
Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. NO… mobsf 2023-09-21T22:15:11+00:00 2025-04-09T17:27:26.663665+00:00
pysec-2025-17
5.5 (3.1)
In mlflow/mlflow version 2.18, an admin is able to create a new user account without sett… mlflow 2025-03-20T10:15:54+00:00 2025-04-09T17:27:26.322333+00:00
pysec-2023-309
8.8 (3.1)
Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2. mlflow 2023-12-13T00:15:07+00:00 2025-04-09T17:27:26.271200+00:00
pysec-2023-308
10.0 (3.1)
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0. mlflow 2023-07-19T01:15:10+00:00 2025-04-09T17:27:26.223213+00:00
pysec-2025-16
7.5 (3.1)
LNbits is a Lightning wallet and accounts system. A Server-Side Request Forgery (SSRF) vu… lnbits 2025-04-06T20:15:15+00:00 2025-04-09T17:27:25.872691+00:00
ID Description Updated
gsd-2024-33855 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.741239Z
gsd-2024-33851 phpecc, as used in paragonie/phpecc before 2.0.1, has a branch-based timing leak in Point… 2024-04-28T05:02:07.732559Z
gsd-2024-33879 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.727068Z
gsd-2024-4294 A vulnerability, which was classified as critical, has been found in PHPGurukul Doctor Ap… 2024-04-28T05:02:06.079201Z
gsd-2024-4292 A vulnerability classified as critical has been found in Contemporary Controls BASrouter … 2024-04-28T05:02:06.073286Z
gsd-2024-4295 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:06.068263Z
gsd-2024-4291 A vulnerability was found in Tenda A301 15.13.08.12_multi_TDE01. It has been rated as cri… 2024-04-28T05:02:06.058388Z
gsd-2024-4293 A vulnerability classified as problematic was found in PHPGurukul Doctor Appointment Mana… 2024-04-28T05:02:06.052534Z
gsd-2023-52722 An issue was discovered in Artifex Ghostscript through 10.01.0. psi/zmisc1.c, when SAFER … 2024-04-28T05:01:28.746814Z
gsd-2022-48685 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:00:27.870720Z
gsd-2022-48684 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:00:27.715598Z
gsd-2024-24777 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:24.547536Z
gsd-2024-28875 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:20.401696Z
gsd-2024-33786 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.606155Z
gsd-2024-33697 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln… 2024-04-27T05:02:18.598872Z
gsd-2024-33722 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.598142Z
gsd-2024-33784 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.595808Z
gsd-2024-33788 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.591276Z
gsd-2024-33814 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.590797Z
gsd-2024-33701 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.589032Z
gsd-2024-33776 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.587852Z
gsd-2024-33712 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.587066Z
gsd-2024-33840 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.586722Z
gsd-2024-33838 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.585807Z
gsd-2024-33749 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.584613Z
gsd-2024-33839 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.579161Z
gsd-2024-33733 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.577869Z
gsd-2024-33845 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.569462Z
gsd-2024-33741 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.568527Z
gsd-2024-33738 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.562140Z
ID Description Published Updated
mal-2025-1994 Malicious code in requesttss (PyPI) 2025-01-25T16:53:01Z 2026-04-16T15:42:11Z
mal-2025-1984 Malicious code in nflx-metaflow (PyPI) 2025-02-05T22:04:22Z 2026-04-16T15:42:11Z
mal-2025-1980 Malicious code in mlc-ai-nightly (PyPI) 2025-01-21T18:27:56Z 2026-04-16T15:42:11Z
mal-2025-192914 Malicious code in queenbee-plugin (RubyGems) 2025-12-23T08:41:05Z 2026-04-16T15:42:11Z
mal-2025-191631 Malicious code in hexdecpy (PyPI) 2025-10-24T21:59:02Z 2026-04-16T15:42:11Z
mal-2025-191630 Malicious code in hexdecli (PyPI) 2025-10-25T16:03:26Z 2026-04-16T15:42:11Z
mal-2026-2661 Malicious code in vip-landing (npm) 2026-04-14T11:47:12Z 2026-04-16T15:42:10Z
mal-2026-2660 Malicious code in use-feature-flags-plugin (npm) 2026-04-14T11:47:12Z 2026-04-16T15:42:10Z
mal-2026-2659 Malicious code in ui-utils-udhay-alerts (npm) 2026-04-14T11:47:49Z 2026-04-16T15:42:10Z
mal-2026-2251 Malicious code in testtestsharp (npm) 2026-03-27T03:07:31Z 2026-04-16T15:42:10Z
mal-2026-2250 Malicious code in test1sharp (npm) 2026-03-27T03:07:31Z 2026-04-16T15:42:10Z
mal-2026-2196 Malicious code in tailwind-compile (npm) 2026-03-25T14:20:59Z 2026-04-16T15:42:10Z
mal-2026-1973 Malicious code in woltpickerapp (npm) 2026-03-20T04:48:44Z 2026-04-16T15:42:10Z
mal-2026-1968 Malicious code in safe-json-parsex (npm) 2026-03-20T04:41:13Z 2026-04-16T15:42:10Z
mal-2026-1926 Malicious code in tokenshower (npm) 2026-03-19T15:16:36Z 2026-04-16T15:42:10Z
mal-2026-1839 Malicious code in react-state-optimizer-core (npm) 2026-03-18T13:07:12Z 2026-04-16T15:42:10Z
mal-2026-1836 Malicious code in react-performance-suite (npm) 2026-03-18T13:07:05Z 2026-04-16T15:42:10Z
mal-2026-1835 Malicious code in react-fast-utilsa (npm) 2026-03-18T13:06:09Z 2026-04-16T15:42:10Z
mal-2026-1405 Malicious code in whatsapp-fastdesk-utils-drzak (npm) 2026-03-13T06:47:06Z 2026-04-16T15:42:10Z
mal-2026-1404 Malicious code in whatsapp-core-auth-drzak (npm) 2026-03-13T06:47:07Z 2026-04-16T15:42:10Z
mal-2026-1403 Malicious code in tradepmr-fusion-core-drzak (npm) 2026-03-13T06:47:06Z 2026-04-16T15:42:10Z
mal-2026-1402 Malicious code in tradepmr-api-utils-drzak (npm) 2026-03-13T06:47:06Z 2026-04-16T15:42:10Z
mal-2026-1374 Malicious code in spectral-corsair-my-backdoor (npm) 2026-03-12T18:09:11Z 2026-04-16T15:42:10Z
mal-2025-5063 Malicious code in universal-media-player (npm) 2025-06-13T01:40:04Z 2026-04-16T15:42:10Z
mal-2025-5060 Malicious code in sitewidesearch-client (npm) 2025-06-13T00:55:54Z 2026-04-16T15:42:10Z
mal-2025-5058 Malicious code in secure-lib (npm) 2025-06-13T02:06:14Z 2026-04-16T15:42:10Z
mal-2025-5051 Malicious code in react-expiry-date (npm) 2025-06-13T01:31:54Z 2026-04-16T15:42:10Z
mal-2025-34723 Malicious code in terminalcolor256 (npm) 2025-08-14T18:52:04Z 2026-04-16T15:42:10Z
mal-2025-2895 Malicious code in shopmacher-mollie-application (npm) 2025-03-28T12:58:40Z 2026-04-16T15:42:10Z
mal-2024-9888 Malicious code in typescript-operations (npm) 2024-10-16T13:26:54Z 2026-04-16T15:42:10Z
ID Description Published Updated
wid-sec-w-2025-1350 Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service 2025-06-17T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2025-0861 Linux Kernel: Mehrere Schwachstellen 2025-04-21T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2025-0844 Linux Kernel: Mehrere Schwachstellen 2025-04-16T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2025-0837 Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service 2025-04-15T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2025-0545 Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service 2025-03-11T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2025-0499 Linux Kernel: Mehrere Schwachstellen 2025-03-06T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2025-0453 Linux Kernel: Mehrere Schwachstellen 2025-02-26T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-3762 Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service 2024-12-29T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-3575 Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service 2024-12-02T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-3251 Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service 2024-10-21T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-3134 Linux Kernel: Mehrere Schwachstellen 2024-10-09T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-3050 Linux Kernel: Mehrere Schwachstellen 2024-09-29T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-2173 Linux Kernel: Mehrere Schwachstellen 2024-09-17T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-1721 Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff 2024-07-28T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-1451 Linux Kernel: Mehrere Schwachstellen 2024-06-25T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-1259 Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifischen Angriff 2024-05-30T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-0585 Grafana: Schwachstelle ermöglicht Privilegieneskalation 2024-03-07T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2024-0219 libTIFF: Mehrere Schwachstellen ermöglichen Denial of Service 2024-01-25T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2023-3004 libTIFF: Mehrere Schwachstellen ermöglichen Denial of Service 2023-11-26T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2022-0463 NGINX: Schwachstelle ermöglicht Denial of Service 2021-05-25T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0879 Linux Kernel: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-04-08T22:00:00.000+00:00
wid-sec-w-2026-0982 OpenBSD: Schwachstelle ermöglicht nicht spezifizierten Angriff 2026-04-06T22:00:00.000+00:00 2026-04-07T22:00:00.000+00:00
wid-sec-w-2026-0937 Google Chrome und Microsoft Edge: Mehrere Schwachstellen 2026-03-31T22:00:00.000+00:00 2026-04-06T22:00:00.000+00:00
wid-sec-w-2025-2310 F5 BIG-IP und F5OS: Mehrere Schwachstellen 2025-10-15T22:00:00.000+00:00 2026-03-31T22:00:00.000+00:00
wid-sec-w-2026-0909 Tinyproxy: Schwachstelle ermöglicht Denial of Service 2026-03-29T22:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0904 vim: Schwachstelle ermöglicht Codeausführung 2026-03-29T22:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0892 WatchGuard Firebox: Mehrere Schwachstellen 2026-03-26T23:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0891 Dovecot: Mehrere Schwachstellen 2026-03-26T23:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0880 FreeRDP: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0864 OpenBao: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
ID Description Published Updated
icsa-26-071-06 Inductive Automation Ignition Software 2026-03-12T06:00:00.000000Z 2026-03-13T06:00:00.000000Z
icsa-26-071-05 Siemens Heliox EV Chargers 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-04 Siemens SIMATIC 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-03 Siemens SIDIS Prime 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-02 Siemens RUGGEDCOM APE1808 Devices 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-01 Trane Tracer SC, Tracer SC+, and Tracer Concierge 2026-03-12T06:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-048-04 Honeywell HIB2PI CCTV Camera (Update B) 2026-02-17T07:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-043-08 Siemens NX 2026-02-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-043-03 Siemens COMOS 2025-12-09T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-25-345-05 Siemens Advanced Licensing (SALT) Toolkit 2025-12-09T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-25-345-04 Siemens IAM Client 2025-12-09T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-25-254-03 Siemens SINAMICS Drives 2025-09-09T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-25-231-02 Siemens Mendix SAML Module 2025-08-14T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-25-226-22 Siemens Web Installer 2025-08-12T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-25-162-05 Siemens SIMATIC S7-1500 CPU Family 2025-06-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-25-162-02 Siemens RUGGEDCOM APE1808 2025-06-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-25-044-06 Siemens RUGGEDCOM APE1808 2025-02-11T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-24-284-06 Siemens SINEC Security Monitor 2024-10-08T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-069-03 Honeywell IQ4x BMS Controller 2026-03-10T06:00:00.000000Z 2026-03-10T06:00:00.000000Z
icsa-26-069-02 Lantronix EDS3000PS and EDS5000 2026-03-10T06:00:00.000000Z 2026-03-10T06:00:00.000000Z
icsa-26-069-01 Apeman Cameras 2026-03-10T06:00:00.000000Z 2026-03-10T06:00:00.000000Z
icsa-26-069-04 Ceragon Siklu MultiHaul and EtherHaul Series 2026-03-10T05:00:00.000000Z 2026-03-10T05:00:00.000000Z
icsa-26-064-01 Delta Electronics CNCSoft-G2 2026-03-05T07:00:00.000000Z 2026-03-05T07:00:00.000000Z
icsa-25-350-02 Johnson Controls PowerG, IQPanel and IQHub (Update A) 2025-12-16T07:00:00.000000Z 2026-03-05T07:00:00.000000Z
icsa-25-343-01 Universal Boot Loader (U-Boot) (Update A) 2025-12-09T07:00:00.000000Z 2026-03-05T07:00:00.000000Z
icsa-22-020-01 Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric HMI SCADA (Update B) 2022-01-20T07:00:00.000000Z 2026-03-05T07:00:00.000000Z
va-25-297-01 IBM DOORS Next Generation multiple vulnerabilities 2025-10-22T18:45:47Z 2026-03-04T00:00:00Z
icsa-26-062-05 Labkotec LID-3300IP 2026-03-03T07:00:00.000000Z 2026-03-03T07:00:00.000000Z
icsa-26-062-04 Portwell Engineering Toolkits 2026-03-03T07:00:00.000000Z 2026-03-03T07:00:00.000000Z
icsa-26-062-03 Hitachi Energy RTU500 Product 2026-02-24T00:00:00.000000Z 2026-03-03T07:00:00.000000Z
ID Description Published Updated
cisco-sa-ucsciv-wgytc78q Cisco FXOS and UCS Manager Software Command Injection Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-nxos-ether-dos-kv8ynwz4 Cisco Nexus 3600 and 9500-R Series Switching Platforms Layer 2 Loop Denial of Service Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-nxos-dsnmp-cnn39uh Cisco Nexus 9000 Series Fabric Switches in ACI Mode SNMP Denial of Service Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-nxos-cpdos-qlsv6pfd Cisco Nexus 9000 Series Fabric Switches in ACI Mode Denial of Service Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-n3kn9k_aci_lldp_dos-ndgrrra3 Cisco NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-apic-dos-rnus8efw Cisco Application Policy Infrastructure Controller Denial of Service Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-wsa-archive-bypass-scx2e8zf Cisco Secure Web Appliance Real-Time Scanning Archive File Bypass Vulnerability 2026-02-04T16:00:00+00:00 2026-02-20T21:08:47+00:00
cisco-sa-voice-rce-morhqy4b Cisco Unified Communications Products Remote Code Execution Vulnerability 2026-01-21T16:00:00+00:00 2026-02-13T15:21:01+00:00
cisco-sa-snort3-mime-vulns-ttl8pgvh Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities 2025-10-15T16:00:00+00:00 2026-02-12T18:38:13+00:00
cisco-sa-tce-roomos-dos-9v9jrc2q Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability 2026-02-04T16:00:00+00:00 2026-02-12T17:37:39+00:00
cisco-sa-snort3-dcerpc-vulns-j9hnf4th Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities 2026-01-07T16:00:00+00:00 2026-02-10T20:42:07+00:00
cisco-sa-pi-xss-byevkcd Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability 2026-02-04T16:00:00+00:00 2026-02-04T16:00:00+00:00
cisco-sa-epnm-pi-redirect-6sx82dn Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Open Redirect Vulnerability 2026-02-04T16:00:00+00:00 2026-02-04T16:00:00+00:00
cisco-sa-cmm-file-up-ky47n8kk Cisco Meeting Management Arbitrary File Upload Vulnerability 2026-02-04T16:00:00+00:00 2026-02-04T16:00:00+00:00
cisco-sa-ucce-pcce-xss-2jvyg3ud Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities 2026-01-21T16:00:00+00:00 2026-01-21T16:00:00+00:00
cisco-sa-intersight-privesc-p6tbm6jk Cisco Intersight Virtual Appliance Privilege Escalation Vulnerability 2026-01-21T16:00:00+00:00 2026-01-21T16:00:00+00:00
cisco-sa-iec6400-pem5uq7v Cisco IEC6400 Wireless Backhaul Edge Compute Software SSH Denial of Service Vulnerability 2026-01-21T16:00:00+00:00 2026-01-21T16:00:00+00:00
cisco-sa-sma-attack-n9bf4 Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager 2025-12-17T16:00:00+00:00 2026-01-15T16:01:43+00:00
cisco-sa-ise-xss-9tdh2kx Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability 2026-01-15T16:00:00+00:00 2026-01-15T16:00:00+00:00
cisco-sa-ise-xss-964cdxw5 Cisco Identity Services Engine Cross-Site Scripting Vulnerability 2026-01-15T16:00:00+00:00 2026-01-15T16:00:00+00:00
cisco-sa-epnm-pi-stored-xss-gekx8ywk Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability 2026-01-15T16:00:00+00:00 2026-01-15T16:00:00+00:00
cisco-sa-ise-xxe-jwsbsdkt Cisco Identity Services Engine XML External Entity Processing Information Disclosure Vulnerability 2026-01-07T16:00:00+00:00 2026-01-07T16:00:00+00:00
cisco-sa-react-flight-tyw32ddb Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025 2025-12-04T16:00:00+00:00 2025-12-17T22:37:17+00:00
cisco-sa-ise-multiple-vulns-o9beswjh Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities 2025-11-05T16:00:00+00:00 2025-12-04T14:23:54+00:00
cisco-sa-cc-mult-vuln-gk4tfxsn Multiple Cisco Contact Center Products Vulnerabilities 2025-11-05T16:00:00+00:00 2025-11-18T14:49:09+00:00
cisco-sa-privesc-catc-ryjreelu Cisco Catalyst Center Privilege Escalation Vulnerability 2025-11-13T16:00:00+00:00 2025-11-13T16:00:00+00:00
cisco-sa-dnac-xss-wextvz59 Cisco Catalyst Center Cross-Site Scripting Vulnerability 2025-11-13T16:00:00+00:00 2025-11-13T16:00:00+00:00
cisco-sa-dnac-ci-zwlqvswt Cisco Catalyst Center REST API Command Injection Vulnerability 2025-11-13T16:00:00+00:00 2025-11-13T16:00:00+00:00
cisco-sa-catc-priv-esc-vs8eecux Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability 2025-11-13T16:00:00+00:00 2025-11-13T16:00:00+00:00
cisco-sa-catc-open-redirect-3w5bk3je Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability 2025-11-13T16:00:00+00:00 2025-11-13T16:00:00+00:00
ID Description Published Updated
msrc_cve-2026-33896 Forge has a basicConstraints bypass in its certificate chain verification (RFC 5280 violation) 2026-03-02T00:00:00.000Z 2026-04-15T01:39:04.000Z
msrc_cve-2026-33895 Forge has signature forgery in Ed25519 due to missing S > L check 2026-03-02T00:00:00.000Z 2026-04-15T01:38:56.000Z
msrc_cve-2025-1220 Null byte termination in hostnames 2025-07-02T00:00:00.000Z 2026-04-15T01:38:32.000Z
msrc_cve-2026-1519 Excessive NSEC3 iterations cause high CPU load during insecure delegation validation 2026-03-02T00:00:00.000Z 2026-04-15T01:38:23.000Z
msrc_cve-2026-33636 LIBPNG has ARM NEON Palette Expansion Out-of-Bounds Read on AArch64 2026-03-02T00:00:00.000Z 2026-04-15T01:38:17.000Z
msrc_cve-2026-33416 LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE` 2026-03-02T00:00:00.000Z 2026-04-15T01:38:06.000Z
msrc_cve-2025-30258 In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS." 2025-03-02T00:00:00.000Z 2026-04-15T01:37:50.000Z
msrc_cve-2025-62718 Axios has a NO_PROXY Hostname Normalization Bypass Leads to SSRF 2026-04-02T00:00:00.000Z 2026-04-15T01:05:34.000Z
msrc_cve-2026-40175 Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain 2026-04-02T00:00:00.000Z 2026-04-15T01:05:29.000Z
msrc_cve-2026-34480 Apache Log4j Core: Silent log event loss in XmlLayout due to unescaped XML 1.0 forbidden characters 2026-04-02T00:00:00.000Z 2026-04-15T01:05:23.000Z
msrc_cve-2026-34479 Apache Log4j 1 to Log4j 2 bridge: Silent log event loss in Log4j1XmlLayout due to unescaped XML 1.0 forbidden characters 2026-04-02T00:00:00.000Z 2026-04-15T01:05:18.000Z
msrc_cve-2026-34481 Apache Log4j JSON Template Layout: Improper serialization of non-finite floating-point values in JsonTemplateLayout 2026-04-02T00:00:00.000Z 2026-04-15T01:05:12.000Z
msrc_cve-2026-1502 HTTP client proxy tunnel headers not validated for CR/LF 2026-04-02T00:00:00.000Z 2026-04-15T01:04:59.000Z
msrc_cve-2026-5446 wolfSSL ARIA-GCM TLS 1.2/DTLS 1.2 GCM nonce reuse 2026-04-02T00:00:00.000Z 2026-04-15T01:04:48.000Z
msrc_cve-2026-5392 wolfSSL heap OOB read in PKCS7 SignedData streaming 2026-04-02T00:00:00.000Z 2026-04-15T01:04:39.000Z
msrc_cve-2026-5263 URI nameConstraints not enforced in ConfirmNameConstraints() 2026-04-02T00:00:00.000Z 2026-04-15T01:04:31.000Z
msrc_cve-2026-5460 Heap Use-After-Free in PQC Hybrid KeyShare Error Cleanup in wolfSSL TLS 1.3 2026-04-02T00:00:00.000Z 2026-04-15T01:04:23.000Z
msrc_cve-2026-5772 MatchDomainName 1-Byte Stack Buffer Over-Read in Hostname Validation 2026-04-02T00:00:00.000Z 2026-04-15T01:04:15.000Z
msrc_cve-2026-5447 Heap buffer overflow in CertFromX509() via AuthorityKeyIdentifier 2026-04-02T00:00:00.000Z 2026-04-15T01:04:06.000Z
msrc_cve-2026-5778 Integer underflow leads to out-of-bounds access in sniffer ChaCha decrypt path. 2026-04-02T00:00:00.000Z 2026-04-15T01:03:58.000Z
msrc_cve-2026-5188 Integer underflow in X.509 SAN parsing in wolfSSL 2026-04-02T00:00:00.000Z 2026-04-15T01:03:50.000Z
msrc_cve-2026-5295 Stack Buffer Overflow in wolfSSL PKCS7 wc_PKCS7_DecryptOri() via Oversized OID 2026-04-02T00:00:00.000Z 2026-04-15T01:03:41.000Z
msrc_cve-2026-5264 DTLS 1.3 ACK heap buffer overflow 2026-04-02T00:00:00.000Z 2026-04-15T01:03:33.000Z
msrc_cve-2026-5503 out-of-bounds write in TLSX_EchChangeSNI via attacker-controlled publicName 2026-04-02T00:00:00.000Z 2026-04-15T01:03:24.000Z
msrc_cve-2026-5479 wolfSSL EVP ChaCha20-Poly1305 AEAD authentication tag 2026-04-02T00:00:00.000Z 2026-04-15T01:03:16.000Z
msrc_cve-2026-5477 Prefix-substitution forgery via integer overflow in wolfCrypt CMAC 2026-04-02T00:00:00.000Z 2026-04-15T01:03:08.000Z
msrc_cve-2026-5448 1-2 Byte Buffer Overflow in wolfSSL_X509_notAfter/notBefore 2026-04-02T00:00:00.000Z 2026-04-15T01:02:59.000Z
msrc_cve-2026-5507 Session Cache Restore — Arbitrary Free via Deserialized Pointer 2026-04-02T00:00:00.000Z 2026-04-15T01:02:51.000Z
msrc_cve-2026-5501 Improper Certificate Signature Verification in X.509 Chain Validation Allows Forged Leaf Certificates 2026-04-02T00:00:00.000Z 2026-04-15T01:02:42.000Z
msrc_cve-2026-5194 wolfSSL ECDSA Certificate Verification 2026-04-02T00:00:00.000Z 2026-04-15T01:02:34.000Z
ID Description Published Updated
ncsc-2026-0043 Zeroday-kwetsbaarheden verholpen in Ivanti Endpoint Manager Mobile 2026-01-29T19:15:04.575371Z 2026-02-20T14:47:02.047999Z
ncsc-2026-0067 Kwetsbaarheden verholpen in GitHub Enterprise Server 2026-02-20T10:13:39.540778Z 2026-02-20T10:13:39.540778Z
ncsc-2026-0066 Kwetsbaarheid verholpen in Google Chrome 2026-02-19T08:29:30.712590Z 2026-02-19T08:29:30.712590Z
ncsc-2026-0065 Kwetsbaarheid verholpen in Dell RecoverPoint for Virtual Machines 2026-02-18T13:18:23.815384Z 2026-02-18T13:18:23.815384Z
ncsc-2026-0064 Kwetsbaarheden verholpen in Apple iOS en iPadOS 2026-02-13T13:35:03.870920Z 2026-02-13T13:35:03.870920Z
ncsc-2026-0063 Kwetsbaarheden verholpen in Apple macOS 2026-02-13T13:24:06.433550Z 2026-02-13T13:24:06.433550Z
ncsc-2026-0048 Kwetsbaarheid verholpen in BeyondTrust Remote Support 2026-02-09T10:27:57.867529Z 2026-02-13T12:54:32.614217Z
ncsc-2026-0062 Kwetsbaarheden verholpen in GitLab CE/EE 2026-02-11T11:45:05.986313Z 2026-02-11T11:45:05.986313Z
ncsc-2026-0061 Kwetsbaarheden verholpen in Fortinet FortiOS 2026-02-11T11:34:50.888067Z 2026-02-11T11:34:50.888067Z
ncsc-2026-0060 Kwetsbaarheden verholpen in Fortinet FortiSandbox, FortiAuthenticator en FortiClient 2026-02-11T11:34:36.684955Z 2026-02-11T11:34:36.684955Z
ncsc-2026-0058 Kwetsbaarheden verholpen in Microsoft Office 2026-02-10T19:11:42.825147Z 2026-02-10T19:11:42.825147Z
ncsc-2026-0057 Kwetsbaarheden verholpen in Microsoft Azure 2026-02-10T19:08:27.878305Z 2026-02-10T19:08:27.878305Z
ncsc-2026-0056 Kwetsbaarheden verholpen in Microsoft Developer Tools 2026-02-10T19:07:16.028511Z 2026-02-10T19:07:16.028511Z
ncsc-2026-0055 Kwetsbaarheid verholpen in Microsoft SQL Server 2026-02-10T19:05:45.729972Z 2026-02-10T19:05:45.729972Z
ncsc-2026-0054 Kwetsbaarheid verholpen in Microsoft Exchange 2026-02-10T19:04:51.366294Z 2026-02-10T19:04:51.366294Z
ncsc-2026-0053 Kwetsbaarheden verholpen in Microsoft Windows 2026-02-10T19:01:45.561771Z 2026-02-10T19:01:45.561771Z
ncsc-2026-0052 Kwetsbaarheden verholpen in SAP producten 2026-02-10T12:28:40.531069Z 2026-02-10T12:28:40.531069Z
ncsc-2026-0051 Kwetsbaarheden verholpen in Siemens producten 2026-02-10T12:27:40.637581Z 2026-02-10T12:27:40.637581Z
ncsc-2026-0050 Kwetsbaarheid verholpen in PEAR 2026-02-09T10:41:43.856342Z 2026-02-09T10:41:43.856342Z
ncsc-2026-0049 Kwetsbaarheden verholpen in n8n 2026-02-09T10:39:40.792744Z 2026-02-09T10:39:40.792744Z
ncsc-2026-0046 Kwetsbaarheden verholpen in Samsung mobile 2026-02-09T07:48:28.751473Z 2026-02-09T07:48:28.751473Z
ncsc-2026-0040 Kwetsbaarheid verholpen in SmarterTools SmarterMail 2026-01-27T10:51:39.476320Z 2026-02-06T09:25:57.008166Z
ncsc-2026-0045 Kwetsbaarheid verholpen in Cisco Meeting Management 2026-02-06T09:22:16.831778Z 2026-02-06T09:22:16.831778Z
ncsc-2026-0044 Kwetsbaarheid verholpen in Cisco TelePresence Collaboration Endpoint 2026-02-06T09:20:11.629058Z 2026-02-06T09:20:11.629058Z
ncsc-2026-0042 Kwetsbaarheden verholpen in SolarWinds Web Help Desk 2026-01-28T16:37:21.114054Z 2026-02-02T09:47:54.857445Z
ncsc-2025-0386 Kwetsbaarheden verholpen in Fortinet producten 2025-12-10T09:51:34.918202Z 2026-01-28T15:46:10.814803Z
ncsc-2026-0041 Kwetsbaarheid verholpen in Fortinet producten 2026-01-28T09:32:41.752905Z 2026-01-28T09:32:41.752905Z
ncsc-2026-0039 ZeroDay kwetsbaarheid verholpen in Microsoft Office 2026-01-27T07:27:52.867415Z 2026-01-27T07:27:52.867415Z
ncsc-2026-0038 Kwetsbaarheid verholpen in BIND 9 2026-01-23T08:54:43.506215Z 2026-01-23T08:54:43.506215Z
ncsc-2026-0037 Kwetsbaarheden verholpen in GitLab Community Edition en Enterprise Edition 2026-01-22T12:35:30.505659Z 2026-01-22T12:35:30.505659Z
ID Description Published Updated
opensuse-su-2026:10449-1 gsl-2.8-5.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10448-1 bind-9.20.21-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10447-1 MozillaThunderbird-140.9.0-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10446-1 ImageMagick-7.1.2.18-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10441-1 strongswan-6.0.5-1.1 on GA media 2026-03-26T00:00:00Z 2026-03-26T00:00:00Z
opensuse-su-2026:10440-1 jupyter-nbclassic-1.3.3-1.1 on GA media 2026-03-26T00:00:00Z 2026-03-26T00:00:00Z
opensuse-su-2026:10439-1 plexus-utils-4.0.2-2.1 on GA media 2026-03-26T00:00:00Z 2026-03-26T00:00:00Z
opensuse-su-2026:10438-1 openbao-2.5.2-1.1 on GA media 2026-03-26T00:00:00Z 2026-03-26T00:00:00Z
opensuse-su-2026:10437-1 libnghttp2-14-1.68.1-1.1 on GA media 2026-03-26T00:00:00Z 2026-03-26T00:00:00Z
opensuse-su-2026:10436-1 freeipmi-1.6.17-1.1 on GA media 2026-03-26T00:00:00Z 2026-03-26T00:00:00Z
opensuse-su-2026:10435-1 cpp-httplib-devel-0.38.0-1.1 on GA media 2026-03-26T00:00:00Z 2026-03-26T00:00:00Z
opensuse-su-2026:10434-1 chromedriver-146.0.7680.164-1.1 on GA media 2026-03-26T00:00:00Z 2026-03-26T00:00:00Z
opensuse-su-2026:10433-1 LibVNCServer-devel-0.9.15-2.1 on GA media 2026-03-26T00:00:00Z 2026-03-26T00:00:00Z
opensuse-su-2026:10419-1 rclone-1.73.3-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10418-1 python311-jsonpath-ng-1.8.0-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10417-1 python311-deepdiff-8.6.2-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10416-1 python313-PyMuPDF-1.27.2.2-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10415-1 glances-common-4.5.2-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10414-1 perl-Crypt-URandom-0.550.0-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10413-1 firefox-esr-140.9.0-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10406-1 lemon-3.51.3-1.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10405-1 python314-3.14.3-3.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10404-1 python310-3.10.20-2.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10403-1 python311-pypdf-6.9.1-1.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10402-1 python311-PyPDF2-2.11.1-8.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10401-1 freeciv-3.2.4-1.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10400-1 chromedriver-146.0.7680.153-2.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10399-1 GraphicsMagick-1.3.46-4.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10398-1 python311-3.11.15-3.1 on GA media 2026-03-20T00:00:00Z 2026-03-20T00:00:00Z
opensuse-su-2026:10397-1 python311-PyJWT-2.12.1-1.1 on GA media 2026-03-20T00:00:00Z 2026-03-20T00:00:00Z
ID Description Published Updated
rhsa-2025:11673 Red Hat Security Advisory: OpenShift Container Platform 4.19.6 bug fix and security update 2025-07-29T07:05:14+00:00 2026-04-14T09:55:54+00:00
rhsa-2025:10699 Red Hat Security Advisory: libxml2 security update 2025-07-09T12:18:48+00:00 2026-04-14T09:55:54+00:00
rhsa-2025:11580 Red Hat Security Advisory: libxml2 security update 2025-07-23T05:06:37+00:00 2026-04-14T09:55:53+00:00
rhsa-2025:10698 Red Hat Security Advisory: libxml2 security update 2025-07-09T12:04:08+00:00 2026-04-14T09:55:51+00:00
rhsa-2025:10630 Red Hat Security Advisory: libxml2 security update 2025-07-08T21:17:21+00:00 2026-04-14T09:55:50+00:00
rhsa-2017:1201 Red Hat Security Advisory: thunderbird security update 2017-05-08T06:45:45+00:00 2026-04-14T09:55:49+00:00
rhsa-2017:1106 Red Hat Security Advisory: firefox security update 2017-04-21T00:49:25+00:00 2026-04-14T09:55:48+00:00
rhsa-2017:1104 Red Hat Security Advisory: firefox security update 2017-04-20T08:21:32+00:00 2026-04-14T09:55:48+00:00
rhsa-2026:5665 Red Hat Security Advisory: Red Hat Quay 3.10.19 2026-03-24T18:02:58+00:00 2026-04-14T09:52:41+00:00
rhsa-2026:7314 Red Hat Security Advisory: Red Hat Quay 3.14.7 2026-04-09T13:39:27+00:00 2026-04-14T09:52:37+00:00
rhsa-2026:4942 Red Hat Security Advisory: Red Hat Quay 3.12.15 2026-03-18T16:21:15+00:00 2026-04-14T09:52:36+00:00
rhsa-2026:7942 Red Hat Security Advisory: HawtIO 4.3.1 for Red Hat build of Apache Camel 4 Release and security update. 2026-04-13T21:59:31+00:00 2026-04-14T09:46:57+00:00
rhsa-2026:7854 Red Hat Security Advisory: podman security update 2026-04-13T12:51:03+00:00 2026-04-14T09:46:57+00:00
rhsa-2026:7052 Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.0.14 2026-04-08T12:26:52+00:00 2026-04-14T09:46:57+00:00
rhsa-2026:7676 Red Hat Security Advisory: rhc security update 2026-04-13T02:21:56+00:00 2026-04-14T09:46:56+00:00
rhsa-2026:6568 Red Hat Security Advisory: Red Hat Quay 3.15.4 2026-04-03T22:07:28+00:00 2026-04-14T09:46:56+00:00
rhsa-2026:5636 Red Hat Security Advisory: multicluster engine for Kubernetes v2.7.9 security update 2026-03-24T14:23:47+00:00 2026-04-14T09:46:56+00:00
rhsa-2026:6435 Red Hat Security Advisory: mariadb:10.11 security update 2026-04-02T10:59:43+00:00 2026-04-14T09:46:55+00:00
rhsa-2026:6428 Red Hat Security Advisory: Network Observability 1.11.1 for OpenShift 2026-04-02T07:50:38+00:00 2026-04-14T09:46:55+00:00
rhsa-2026:6226 Red Hat Security Advisory: Multicluster Global Hub 1.6.2 security update 2026-03-31T02:53:32+00:00 2026-04-14T09:46:55+00:00
rhsa-2026:6192 Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.27.0 Release. 2026-03-30T15:41:48+00:00 2026-04-14T09:46:55+00:00
rhsa-2026:6184 Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.19 security, enhancement & bug fix update 2026-03-30T13:41:49+00:00 2026-04-14T09:46:54+00:00
rhsa-2026:5968 Red Hat Security Advisory: Satellite 6.18.4 Async Update 2026-03-26T19:47:53+00:00 2026-04-14T09:46:53+00:00
rhsa-2026:5866 Red Hat Security Advisory: OpenShift Container Platform 4.17.52 packages and security update 2026-04-01T09:29:07+00:00 2026-04-14T09:46:53+00:00
rhsa-2026:5853 Red Hat Security Advisory: osbuild-composer security update 2026-03-26T01:05:19+00:00 2026-04-14T09:46:53+00:00
rhsa-2026:5852 Red Hat Security Advisory: osbuild-composer security update 2026-03-26T00:58:34+00:00 2026-04-14T09:46:53+00:00
rhsa-2026:5851 Red Hat Security Advisory: DevWorkspace Operator 0.40.0 release. 2026-03-25T23:56:41+00:00 2026-04-14T09:46:52+00:00
rhsa-2026:5807 Red Hat Security Advisory: RHOAI 2.16.4 - Red Hat OpenShift AI 2026-03-25T12:32:51+00:00 2026-04-14T09:46:52+00:00
rhsa-2026:5645 Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.17.1 2026-03-24T15:38:55+00:00 2026-04-14T09:46:51+00:00
rhsa-2026:5544 Red Hat Security Advisory: osbuild-composer security update 2026-03-24T06:55:51+00:00 2026-04-14T09:46:51+00:00
ID Description Published Updated
sevd-2025-014-09 EcoStruxure™ Power Build Rapsody 2025-01-14T00:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2024-282-05 EcoStruxure™ Power Monitoring Expert (PME) 2024-10-08T04:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-098-02 Trio™ Q Licensed Data Radios 2025-04-08T04:00:00.000Z 2025-04-08T04:00:00.000Z
sevd-2025-014-01 Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC 2025-01-14T05:00:00.000Z 2025-04-08T04:00:00.000Z
sevd-2025-070-03 WebHMI Component For EcoStruxure™ Power Automation System User Interface and EcoStruxure™ Microgrid Operation Large 2025-03-11T04:00:00.000Z 2025-03-11T04:00:00.000Z
sevd-2025-070-02 EPAS-UI & EcoSUI 2025-03-11T04:00:00.000Z 2025-03-11T04:00:00.000Z
sevd-2025-070-01 EcoStruxure™ Panel Server 2025-03-11T04:00:00.000Z 2025-03-11T04:00:00.000Z
sevd-2025-042-04 Enerlin'X IFE and eIFE 2025-02-11T06:00:00.000Z 2025-02-11T06:00:00.000Z
sevd-2025-042-03 EcoStruxure™ Process Expert, EcoStruxure™ Process Expert for AVEVA System Platform 2025-02-11T06:00:00.000Z 2025-02-11T06:00:00.000Z
sevd-2025-042-01 ASCO 5310 / 5350 Remote Annunciator 2025-02-11T06:00:00.000Z 2025-02-11T06:00:00.000Z
sevd-2025-014-08 Power Logic HDPM6000 High-Density Metering System 2025-01-14T00:00:00.000Z 2025-01-14T00:00:00.000Z
sevd-2025-014-04 Web Designer for Modicon Communication Modules 2025-01-14T00:00:00.000Z 2025-01-14T00:00:00.000Z
sevd-2024-345-02 Harmony HMI and Pro-face HMI products 2024-12-10T00:00:00.000Z 2024-12-10T00:00:00.000Z
sevd-2024-345-01 PowerChute Serial Shutdown 2024-12-10T00:00:00.000Z 2024-12-10T00:00:00.000Z
sevd-2024-317-04 EcoStruxure™ IT Gateway 2024-11-12T00:00:00.000Z 2024-11-12T00:00:00.000Z
sevd-2024-317-01 PowerLogic PM5300 Series 2024-11-12T00:00:00.000Z 2024-11-12T00:00:00.000Z
sevd-2021-159-02 PowerLogic PM5500 and PowerLogic PM8ECC 2021-06-08T00:00:00.000Z 2024-11-12T00:00:00.000Z
sevd-2024-282-08 EcoStruxure EV Charging Expert 2024-10-08T00:00:00.000Z 2024-10-08T00:00:00.000Z
sevd-2024-282-07 System Monitor Application in Harmony and Pro-face PS5000 Legacy Industrial PCs 2024-10-08T00:00:00.000Z 2024-10-08T00:00:00.000Z
sevd-2024-282-06 Zelio Soft 2 2024-10-08T00:00:00.000Z 2024-10-08T00:00:00.000Z
sevd-2024-282-04 EVlink Home Smart and Schneider Charge 2024-10-08T00:00:00.000Z 2024-10-08T00:00:00.000Z
sevd-2024-282-03 Easergy Studio 2024-10-08T00:00:00.000Z 2024-10-08T00:00:00.000Z
sevd-2024-282-02 Harmony iPC – HMIBSC IIoT Edge Box Core 2024-10-08T00:00:00.000Z 2024-10-08T00:00:00.000Z
sevd-2024-282-01 Data Center Expert 2024-10-08T00:00:00.000Z 2024-10-08T00:00:00.000Z
sevd-2022-102-02 Modicon M340 Controller and Communication Modules 2022-04-12T00:00:00.000Z 2024-10-08T00:00:00.000Z
sevd-2024-254-02 EcoStruxure™ Power Monitoring Expert and EcoStruxure™ Power Operation or EcoStruxure™ Power SCADA Operation with Advanced Reporting and Dashboards 2024-09-10T00:00:00.000Z 2024-09-10T00:00:00.000Z
sevd-2024-163-02 PowerLogic P5 2024-06-11T00:00:00.000Z 2024-09-10T00:00:00.000Z
sevd-2023-073-01 EcoStruxure™ Power Monitoring Expert 2023-03-14T00:00:00.000Z 2024-09-10T00:00:00.000Z
sevd-2023-192-02 ​​EcoStruxure™ OPC UA Server Expert​ 2023-07-11T07:01:56.000Z 2024-08-13T07:00:00.000Z
sevd-2024-226-02 EcoStruxure™ Machine SCADA Expert / BLUE Open Studio 2024-08-13T00:00:00.000Z 2024-08-13T00:00:00.000Z
ID Description Published Updated
sca-2020-0002 Vulnerabilities in SICK Package Analytics 2020-08-07T10:00:00.000Z 2020-07-28T10:00:00.000Z
sca-2020-0001 Security Information Regarding "Profile Programming" 2020-05-31T10:00:00.000Z 2020-05-31T10:00:00.000Z
sca-2019-0002 Vulnerability in SICK FX0-GENT00000 and SICK FX0-GPNT00000 2019-09-20T10:00:00.000Z 2019-09-20T10:00:00.000Z
sca-2019-0001 MSC800 affected by hard-coded credentials vulnerability 2019-06-21T10:00:00.000Z 2019-06-21T10:00:00.000Z
ID Description Published Updated
ssa-365200 SSA-365200: Google Chrome Type Confusion Vulnerability in Siemens Products 2025-10-14T00:00:00Z 2026-01-13T00:00:00Z
ssa-364175 SSA-364175: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.4-h1 2024-07-09T00:00:00Z 2026-01-13T00:00:00Z
ssa-192617 SSA-192617: Local Privilege Escalation Vulnerability in TeleControl Server Basic Before V3.1.2.4 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
ssa-014678 SSA-014678: Authorization Bypass Vulnerability in Industrial Edge Device Kit 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
ssa-001536 SSA-001536: Authorization Bypass Vulnerability in Siemens Industrial Edge Devices 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
ssa-512988 SSA-512988: File Parsing Vulnerability in Simcenter Femap Before V2512 2025-12-12T00:00:00Z 2025-12-12T00:00:00Z
ssa-915282 SSA-915282: Denial of service Vulnerability in Interniche IP-Stack based Industrial Devices 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-882673 SSA-882673: Multiple Vulnerabilities in SINEC Security Monitor before V4.10.0 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-800126 SSA-800126: Deserialization Vulnerability in Siemens Engineering Platforms before V20 2024-12-10T00:00:00Z 2025-12-09T00:00:00Z
ssa-763474 SSA-763474: Denial of Service Vulnerability in Ruggedcom ROS devices before V5.10.1 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-734261 SSA-734261: Authentication Bypass Vulnerability in Energy Services Using Elspec G5DFR 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-723487 SSA-723487: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SCALANCE, RUGGEDCOM and Related Products 2024-07-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-693808 SSA-693808: Deserialization Vulnerability in Siemens Engineering Platforms 2025-08-12T00:00:00Z 2025-12-09T00:00:00Z
ssa-673996 SSA-673996: Buffer Overflow Vulnerability in Third-Party Component in SICAM and SITIPE Products 2024-09-10T00:00:00Z 2025-12-09T00:00:00Z
ssa-626856 SSA-626856: Multiple Vulnerabilities in SINEMA Remote Connect Sever Before V3.2 SP4 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-493396 SSA-493396: Deserialization Vulnerability in Siemens Engineering Platforms 2025-08-12T00:00:00Z 2025-12-09T00:00:00Z
ssa-471761 SSA-471761: Multiple Vulnerabilities in SICAM T Before V3.0 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-420375 SSA-420375: Improper Integrity Check of Firmware Updates in Building X - Security Manager Edge Controller (ACC-AP) 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-416652 SSA-416652: Multiple Vulnerabilities in SIMATIC CN 4100 Before V4.0.1 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-392859 SSA-392859: Local Arbitrary Code Execution Vulnerability in Siemens Engineering Platforms before V20 2024-12-10T00:00:00Z 2025-12-09T00:00:00Z
ssa-356310 SSA-356310: Multiple Vulnerabilities in Gridscale X Prepay 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-202008 SSA-202008: Multiple Vulnerabilities in Ruggedcom Rox Before V2.17.0 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-241605 SSA-241605: Out of Bounds Read in PS/IGES Parasolid Translator Component Before V29.0.258 2025-11-17T00:00:00Z 2025-11-17T00:00:00Z
ssa-190588 SSA-190588: Cross-Site Scripting Vulnerability in Mendix Rich Text Widget 2025-11-17T00:00:00Z 2025-11-17T00:00:00Z
ssa-794185 SSA-794185: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SIPROTEC, SICAM and Related Products 2025-05-13T00:00:00Z 2025-11-11T00:00:00Z
ssa-750499 SSA-750499: Weak Encryption Vulnerability in SIPROTEC 5 Devices 2024-07-09T00:00:00Z 2025-11-11T00:00:00Z
ssa-711309 SSA-711309: Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products 2023-09-12T00:00:00Z 2025-11-11T00:00:00Z
ssa-687955 SSA-687955: Accessible Development Shell via Physical Interface in SIPROTEC 5 2025-02-11T00:00:00Z 2025-11-11T00:00:00Z
ssa-682326 SSA-682326: Multiple Vulnerabilities in COMOS before V10.4.5 2025-11-11T00:00:00Z 2025-11-11T00:00:00Z
ssa-631336 SSA-631336: Multiple Web Server Vulnerabilities in SICAM GridEdge Before V2.6.6 2022-06-14T00:00:00Z 2025-11-11T00:00:00Z
ID Description Published Updated
suse-su-2026:1324-1 Security update for clamav 2026-04-14T13:15:31Z 2026-04-14T13:15:31Z
suse-su-2026:1323-1 Security update for libpng16 2026-04-14T13:11:55Z 2026-04-14T13:11:55Z
suse-su-2026:1322-1 Security update for MozillaFirefox 2026-04-14T12:42:11Z 2026-04-14T12:42:11Z
suse-su-2026:1321-1 Security update for go1.25 2026-04-14T12:40:53Z 2026-04-14T12:40:53Z
suse-su-2026:1320-1 Security update for go1.26 2026-04-14T12:39:43Z 2026-04-14T12:39:43Z
suse-su-2026:21111-1 Security update for cockpit-subscriptions 2026-04-14T12:16:29Z 2026-04-14T12:16:29Z
suse-su-2026:1314-1 Security update for ignition 2026-04-14T11:07:12Z 2026-04-14T11:07:12Z
suse-su-2026:1313-1 Security update for freerdp2 2026-04-14T10:47:31Z 2026-04-14T10:47:31Z
suse-su-2026:1312-1 Security update for bind 2026-04-14T10:46:32Z 2026-04-14T10:46:32Z
suse-su-2026:1311-1 Security update for libpng16 2026-04-14T10:44:51Z 2026-04-14T10:44:51Z
suse-su-2026:1310-1 Security update for libssh 2026-04-14T10:42:14Z 2026-04-14T10:42:14Z
suse-su-2026:1309-1 Security update for sudo 2026-04-14T10:39:38Z 2026-04-14T10:39:38Z
suse-su-2026:1308-1 Security update for sudo 2026-04-14T10:38:01Z 2026-04-14T10:38:01Z
suse-su-2026:1307-1 Security update for strongswan 2026-04-14T10:35:42Z 2026-04-14T10:35:42Z
suse-su-2026:1305-1 Security update for the Linux Kernel (Live Patch 76 for SUSE Linux Enterprise 12 SP5) 2026-04-13T18:34:02Z 2026-04-13T18:34:02Z
suse-su-2026:1304-1 Security update for the Linux Kernel (Live Patch 73 for SUSE Linux Enterprise 12 SP5) 2026-04-13T16:04:42Z 2026-04-13T16:04:42Z
suse-su-2026:1303-1 Security update for tigervnc 2026-04-13T16:02:59Z 2026-04-13T16:02:59Z
suse-su-2026:1302-1 Security update for tigervnc 2026-04-13T16:02:16Z 2026-04-13T16:02:16Z
suse-su-2026:1301-1 Security update for tigervnc 2026-04-13T16:01:23Z 2026-04-13T16:01:23Z
suse-su-2026:1300-1 Security update for GraphicsMagick 2026-04-13T15:58:01Z 2026-04-13T15:58:01Z
suse-su-2026:1299-1 Security update for nodejs24 2026-04-13T15:54:45Z 2026-04-13T15:54:45Z
suse-su-2026:21107-1 Security update for openssl-3 2026-04-13T15:48:01Z 2026-04-13T15:48:01Z
suse-su-2026:1298-1 Security update for the Linux Kernel (Live Patch 72 for SUSE Linux Enterprise 12 SP5) 2026-04-13T15:04:44Z 2026-04-13T15:04:44Z
suse-su-2026:21106-1 Security update for cockpit 2026-04-13T14:11:34Z 2026-04-13T14:11:34Z
suse-su-2026:1297-1 Security update for the Linux Kernel (Live Patch 71 for SUSE Linux Enterprise 12 SP5) 2026-04-13T12:42:14Z 2026-04-13T12:42:14Z
suse-su-2026:1296-1 Security update for python39 2026-04-13T12:32:48Z 2026-04-13T12:32:48Z
suse-su-2026:21104-1 Security update for python313 2026-04-13T09:49:38Z 2026-04-13T09:49:38Z
suse-su-2026:1294-1 Security update for the Linux Kernel (Live Patch 77 for SUSE Linux Enterprise 12 SP5) 2026-04-13T09:04:33Z 2026-04-13T09:04:33Z
suse-su-2026:21102-1 Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16) 2026-04-13T09:00:51Z 2026-04-13T09:00:51Z
suse-su-2026:1293-1 Security update for the Linux Kernel (Live Patch 75 for SUSE Linux Enterprise 12 SP5) 2026-04-13T08:35:44Z 2026-04-13T08:35:44Z
ID Description Published Updated
alsa-2025:3388 Important: python-jinja2 security update 2025-03-31T00:00:00Z 2026-04-09T18:19:12Z
alsa-2025:4048 Moderate: xmlrpc-c security update 2025-04-22T00:00:00Z 2026-04-09T18:11:53Z
alsa-2025:4049 Moderate: libtasn1 security update 2025-04-22T00:00:00Z 2026-04-09T18:00:49Z
alsa-2025:8254 Important: pcs security update 2025-05-28T00:00:00Z 2026-04-09T17:52:37Z
alsa-2025:4063 Moderate: ruby:3.1 security update 2025-04-22T00:00:00Z 2026-04-09T17:45:54Z
alsa-2025:11047 Moderate: pcs security update 2025-07-15T00:00:00Z 2026-04-09T15:41:47Z
alsa-2025:12527 Moderate: virt:rhel and virt-devel:rhel security update 2025-08-04T00:00:00Z 2026-04-09T15:30:58Z
alsa-2026:6750 Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update 2026-04-07T00:00:00Z 2026-04-09T12:29:46Z
alsa-2026:6949 Important: go-toolset:rhel8 security update 2026-04-08T00:00:00Z 2026-04-09T12:17:43Z
alsa-2026:6915 Important: vim security update 2026-04-07T00:00:00Z 2026-04-09T11:41:21Z
alsa-2026:6906 Important: nginx security update 2026-04-07T00:00:00Z 2026-04-09T11:12:05Z
alsa-2026:6918 Important: freerdp security update 2026-04-07T00:00:00Z 2026-04-09T10:20:55Z
alsa-2026:6391 Moderate: mysql:8.4 security update 2026-04-01T00:00:00Z 2026-04-09T10:00:41Z
alsa-2026:6435 Moderate: mariadb:10.11 security update 2026-04-02T00:00:00Z 2026-04-09T09:01:32Z
alsa-2026:6463 Important: openssh security update 2026-04-02T00:00:00Z 2026-04-09T08:50:06Z
alsa-2026:6462 Important: openssh security update 2026-04-02T00:00:00Z 2026-04-09T08:39:22Z
alsa-2026:6461 Important: openssh security update 2026-04-02T00:00:00Z 2026-04-09T08:28:49Z
alsa-2026:7080 Important: nodejs22 security update 2026-04-08T00:00:00Z 2026-04-09T02:15:49Z
alsa-2026:7081 Moderate: libtiff security update 2026-04-08T00:00:00Z 2026-04-09T02:00:14Z
alsa-2026:6628 Important: fontforge security update 2026-04-06T00:00:00Z 2026-04-08T23:11:48Z
alsa-2026:6631 Important: fontforge security update 2026-04-06T00:00:00Z 2026-04-08T20:50:37Z
alsa-2026:6572 Moderate: kernel-rt security update 2026-04-06T00:00:00Z 2026-04-06T09:38:16Z
alsa-2026:6571 Moderate: kernel security update 2026-04-06T00:00:00Z 2026-04-06T09:27:57Z
alsa-2026:6621 Moderate: crun security update 2026-04-06T00:00:00Z 2026-04-06T08:42:59Z
alsa-2026:6622 Moderate: crun security update 2026-04-06T00:00:00Z 2026-04-06T08:36:15Z
alsa-2026:6300 Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update 2026-03-31T00:00:00Z 2026-04-03T17:13:38Z
alsa-2026:6436 Moderate: rsync security update 2026-04-02T00:00:00Z 2026-04-03T12:29:15Z
alsa-2026:6439 Important: libpng15 security update 2026-04-02T00:00:00Z 2026-04-03T12:19:53Z
alsa-2026:6445 Important: libpng12 security update 2026-04-02T00:00:00Z 2026-04-03T12:13:28Z
alsa-2026:6470 Important: perl-YAML-Syck security update 2026-04-02T00:00:00Z 2026-04-03T12:07:59Z
ID Description Published Updated
osv-2024-696 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr 2024-07-31T00:03:10.056663Z 2026-03-30T14:18:48.684167Z
osv-2024-400 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr 2024-05-02T00:03:16.309384Z 2026-03-30T14:18:22.305458Z
osv-2024-641 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr 2024-07-14T00:06:37.034414Z 2026-03-30T14:18:20.625772Z
osv-2024-278 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr 2024-04-19T00:12:11.684954Z 2026-03-30T14:17:53.191446Z
osv-2022-776 Heap-buffer-overflow in do_job 2022-08-24T00:00:48.440951Z 2026-03-28T14:13:55.545096Z
osv-2025-312 Heap-buffer-overflow in ZSTD_decompressMultiFrame 2025-05-02T00:14:14.459388Z 2026-03-27T14:26:26.446866Z
osv-2023-606 Heap-buffer-overflow in ZSTD_decompressMultiFrame 2023-07-23T14:01:02.159160Z 2026-03-27T14:21:24.837066Z
osv-2023-319 Heap-buffer-overflow in ZSTD_decompressSequencesLong_bmi2 2023-04-16T14:01:58.406534Z 2026-03-27T14:20:54.241339Z
osv-2022-675 Heap-buffer-overflow in void RDKit::ParseV3000AtomProps<std::__1::vector<std::__1::basic_string_view<cha 2022-08-06T00:00:51.363676Z 2026-03-27T14:20:04.040838Z
osv-2021-1672 Heap-buffer-overflow in blosc_d 2021-12-12T00:01:29.747137Z 2026-03-27T14:18:17.523662Z
osv-2022-1288 Stack-buffer-overflow in bool SmilesParseOps::parser::parse_atom_props<std::__1::__wrap_iter<char const*> 2024-11-04T00:16:22.516312Z 2026-03-27T14:17:53.064285Z
osv-2023-1350 Heap-buffer-overflow in inflate 2023-12-23T00:12:38.562149Z 2026-03-27T14:16:43.884162Z
osv-2022-1134 Heap-buffer-overflow in ndlz8_decompress 2022-11-04T00:02:11.463429Z 2026-03-27T14:15:56.573716Z
osv-2021-1070 Heap-buffer-overflow in ZSTD_decompressBlock_internal 2021-07-29T00:01:10.187569Z 2026-03-27T14:15:27.197578Z
osv-2026-461 UNKNOWN READ in XRef::constructObjectEntry 2026-03-26T00:17:47.551046Z 2026-03-26T00:17:47.551361Z
osv-2026-455 UNKNOWN READ in mkv::matroska_segment_c::TrackInit 2026-03-25T00:20:51.448743Z 2026-03-25T00:20:51.449185Z
osv-2023-216 Heap-buffer-overflow in H5G__node_cmp3 2023-03-23T13:00:48.081705Z 2026-03-24T16:17:49.377032Z
osv-2023-76 Heap-buffer-overflow in H5SM_delete 2023-02-18T13:00:50.471845Z 2026-03-24T15:56:21.323480Z
osv-2023-359 Heap-buffer-overflow in H5MM_memcpy 2023-05-01T14:02:33.841821Z 2026-03-24T15:52:15.056909Z
osv-2023-392 Negative-size-param in H5MM_memcpy 2023-05-13T14:00:26.093088Z 2026-03-24T15:13:27.688997Z
osv-2023-370 Heap-buffer-overflow in H5FS__sect_link 2023-05-06T14:01:04.165113Z 2026-03-24T15:11:55.539963Z
osv-2024-387 Heap-buffer-overflow in H5F_addr_encode 2024-04-30T00:13:39.184262Z 2026-03-24T15:11:37.246096Z
osv-2023-381 UNKNOWN READ in H5FL__blk_gc_list 2023-05-08T14:02:04.934252Z 2026-03-24T15:11:28.111319Z
osv-2023-133 Heap-buffer-overflow in H5L__extern_traverse 2023-03-02T13:02:08.499899Z 2026-03-24T15:07:47.335644Z
osv-2023-89 Heap-buffer-overflow in H5O__mtime_new_encode 2023-02-21T13:00:30.347876Z 2026-03-24T14:48:44.199364Z
osv-2023-430 Heap-buffer-overflow in H5MM_xstrdup 2023-05-26T14:00:26.078002Z 2026-03-24T14:48:04.919113Z
osv-2026-437 Heap-use-after-free in tf::Executor::_invoke 2026-03-23T00:02:28.277984Z 2026-03-23T14:25:41.819255Z
osv-2025-169 Stack-buffer-overflow in utf8_in2 2025-02-27T00:07:08.029075Z 2026-03-21T14:18:54.197384Z
osv-2023-1328 Stack-buffer-overflow in icu_75::TZDBTimeZoneNames::getMetaZoneNames 2023-12-18T00:13:09.643640Z 2026-03-18T19:49:20.841276Z
osv-2024-728 Negative-size-param in pdf_resize_resource_arrays 2024-08-08T00:09:33.935595Z 2026-03-18T14:32:58.071449Z
ID Description Published Updated
rustsec-2026-0049 CRLs not considered authoritative by Distribution Point due to faulty matching logic 2026-03-20T12:00:00Z 2026-03-24T08:22:29Z
rustsec-2026-0072 Missing Check for All-Zero X25519 Shared Secret 2026-02-04T12:00:00Z 2026-03-24T08:16:07Z
rustsec-2026-0071 Nonce Reuse in HPKE Context 2026-02-05T12:00:00Z 2026-03-24T08:16:07Z
rustsec-2026-0070 Panic When Opening or Sealing on Export-Only Context 2026-02-11T12:00:00Z 2026-03-24T08:16:07Z
rustsec-2026-0069 Incorrect Length Encoding on KDF Export 2026-02-11T12:00:00Z 2026-03-24T08:16:07Z
rustsec-2026-0068 tar-rs incorrectly ignores PAX size headers if header size is nonzero 2026-03-19T12:00:00Z 2026-03-23T09:31:59Z
rustsec-2026-0067 `unpack_in` can chmod arbitrary directories by following symlinks 2026-03-19T12:00:00Z 2026-03-23T09:31:59Z
rustsec-2026-0066 Insufficient validation of PAX extensions during extraction 2026-03-17T12:00:00Z 2026-03-23T09:31:59Z
rustsec-2026-0047 PKCS7_verify Signature Validation Bypass in AWS-LC 2026-03-02T12:00:00Z 2026-03-21T06:45:35Z
rustsec-2026-0046 PKCS7_verify Certificate Chain Validation Bypass in AWS-LC 2026-03-02T12:00:00Z 2026-03-21T06:45:35Z
rustsec-2026-0045 Timing Side-Channel in AES-CCM Tag Verification in AWS-LC 2026-03-02T12:00:00Z 2026-03-21T06:45:35Z
rustsec-2026-0043 Timing Side-Channel in AES-CCM Tag Verification in AWS-LC 2026-03-02T12:00:00Z 2026-03-21T06:45:35Z
rustsec-2026-0065 `tokio-signal` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0064 `tokio-udp` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0063 `tokio-executor` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0062 `tokio-compat` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0061 `tokio-fs` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0060 `tokio-timer` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0059 `tokio-tcp` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0058 `tokio-io` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0057 `tokio-reactor` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0056 `tokio-codec` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0055 `tokio-process` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0054 `tokio-current-thread` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0053 `tokio-tls` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0052 `tokio-sync` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0051 `tokio-threadpool` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0050 `tokio-uds` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0048 CRL Distribution Point Scope Check Logic Error in AWS-LC 2026-03-19T12:00:00Z 2026-03-20T17:11:58Z
rustsec-2026-0044 AWS-LC X.509 Name Constraints Bypass via Wildcard/Unicode CN 2026-03-19T12:00:00Z 2026-03-20T17:11:58Z
ID Description Published Updated
bit-authentik-2023-48228 OAuth2: PKCE can be fully circumvented 2026-04-16T23:36:07.745Z 2026-04-17T00:10:47.507Z
bit-authentik-2023-46249 authentik potential installation takeover when default admin user is deleted 2026-04-16T23:36:06.215Z 2026-04-17T00:10:47.507Z
bit-authentik-2023-39522 Username enumeration attack in goauthentik 2026-04-16T23:36:04.816Z 2026-04-17T00:10:47.507Z
bit-authentik-2023-36456 Authentik lacks Proxy IP headers validation 2026-04-16T23:36:03.215Z 2026-04-17T00:10:47.507Z
bit-authentik-2023-26481 Insufficient user check in FlowTokens by Email stage 2026-04-16T23:36:01.864Z 2026-04-17T00:10:47.507Z
bit-authentik-2022-46172 authentik allows existing authenticated users to create arbitrary accounts 2026-04-16T23:36:00.542Z 2026-04-17T00:10:47.507Z
bit-authentik-2022-46145 authentik vulnerable to unauthorized user creation and potential account takeover 2026-04-16T23:35:59.036Z 2026-04-17T00:10:47.507Z
bit-authentik-2022-23555 authentik vulnerable to Improper Authentication via invitation URL token reuse 2026-04-16T23:35:57.484Z 2026-04-17T00:10:47.507Z
bit-apisix-2026-31924 Apache APISIX: Plugin tencent-cloud-cls log export uses plaintext HTTP 2026-04-16T23:36:06.924Z 2026-04-17T00:10:47.507Z
bit-apisix-2026-31923 Apache APISIX: Openid-connect `tls_verify` field is disabled by default 2026-04-16T23:36:05.480Z 2026-04-17T00:10:47.507Z
bit-airflow-2026-33858 Apache Airflow: Unsafe Deserialization via Legacy Serialization Keys (__type/__var) Bypass in XCom API 2026-04-16T23:38:09.491Z 2026-04-17T00:10:47.507Z
bit-airflow-2025-66236 Apache Airflow: Secrets from Airflow config file logged in plain text in DAG run logs UI 2026-04-16T23:37:55.116Z 2026-04-17T00:10:47.507Z
bit-activemq-2026-39304 Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Incorrect handling of TLSv1.3 KeyUpdate can be exploited to cause DoS via OOM 2026-04-16T23:36:26.790Z 2026-04-17T00:10:47.507Z
bit-wiremock-2023-41329 Domain restrictions bypass via DNS Rebinding in WireMock and WireMock Studio 2026-04-13T16:00:00.480Z 2026-04-13T16:23:32.396Z
bit-wiremock-2023-41327 Controlled SSRF through URL in the WireMock 2026-04-13T15:59:58.176Z 2026-04-13T16:23:32.396Z
bit-tomcat-2026-29146 Apache Tomcat: EncryptInterceptor vulnerable to padding oracle attack by default 2026-04-13T16:01:34.700Z 2026-04-13T16:23:32.396Z
bit-nifi-2024-45477 Apache NiFi: Improper Neutralization of Input in Parameter Description 2026-04-13T14:17:18.796Z 2026-04-13T14:44:23.860Z
bit-wiremock-2023-50069 2026-04-13T11:50:15.583Z 2026-04-13T12:09:46.643Z
bit-tomcat-2026-34500 Apache Tomcat: OCSP checks sometimes soft-fail with FFM even when soft-fail is disabled 2026-04-13T10:20:02.205Z 2026-04-13T10:42:00.723Z
bit-tomcat-2026-34487 Apache Tomcat: Cloud membership for clustering component exposed the Kubernetes bearer token 2026-04-13T10:20:00.791Z 2026-04-13T10:42:00.723Z
bit-tomcat-2026-34483 Apache Tomcat: Incomplete escaping of JSON access logs 2026-04-13T10:19:58.030Z 2026-04-13T10:42:00.723Z
bit-tomcat-2026-29145 Apache Tomcat, Apache Tomcat Native: OCSP checks sometimes soft-fail even when soft-fail is disabled 2026-04-13T10:19:53.698Z 2026-04-13T10:42:00.723Z
bit-tomcat-2026-25854 Apache Tomcat: Occasionally open redirect 2026-04-13T10:19:50.972Z 2026-04-13T10:42:00.723Z
bit-tomcat-2026-24880 Apache Tomcat: Request smuggling via invalid chunk extension 2026-04-13T10:19:49.629Z 2026-04-13T10:42:00.723Z
bit-mongodb-2026-4148 ExpressionContext use-after-free in classic engine $lookup and $graphLookup aggregation operators 2026-04-13T10:13:07.402Z 2026-04-13T10:42:00.723Z
bit-mongodb-2026-4147 Stack memory disclosure in filemd5 command 2026-04-13T10:13:04.983Z 2026-04-13T10:42:00.723Z
bit-minio-2026-39414 MinIO affected a DoS via Unbounded Memory Allocation in S3 Select CSV Parsing 2026-04-13T10:10:51.384Z 2026-04-13T10:42:00.723Z
bit-tomcat-2026-34486 Apache Tomcat: Fix for CVE-2026-29146 allowed bypass of EncryptInterceptor 2026-04-13T05:53:08.595Z 2026-04-13T06:11:47.324Z
bit-tomcat-2026-32990 Apache Tomcat: Fix for CVE-2025-66614 is incomplete 2026-04-13T05:53:05.369Z 2026-04-13T06:11:47.324Z
bit-tomcat-2026-29129 Apache Tomcat: TLS cipher order is not preserved 2026-04-13T05:53:00.617Z 2026-04-13T06:11:47.324Z
ID Description Published Updated
cleanstart-2026-ot38160 url 2026-04-09T00:55:38.018075Z 2026-04-08T07:36:24Z
cleanstart-2026-ba09462 OpenTelemetry-Go is the Go implementation of OpenTelemetry 2026-04-09T00:57:38.077873Z 2026-04-08T07:00:07Z
cleanstart-2026-mw52739 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-09T00:59:39.080550Z 2026-04-08T06:46:14Z
cleanstart-2026-ki25096 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-09T00:59:38.592849Z 2026-04-08T06:46:14Z
cleanstart-2026-ij23041 In libexpat before 2 2026-04-09T01:01:38.269615Z 2026-04-08T06:46:14Z
cleanstart-2026-gy86690 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-09T00:57:57.606656Z 2026-04-08T06:46:14Z
cleanstart-2026-pd43534 In libexpat before 2 2026-04-08T00:39:47.879615Z 2026-04-07T05:54:38Z
cleanstart-2026-mp09743 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-08T00:37:59.326932Z 2026-04-07T05:54:38Z
cleanstart-2026-bb02574 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-08T00:37:58.971684Z 2026-04-07T05:54:38Z
cleanstart-2026-af52025 In libexpat before 2 2026-04-08T00:39:48.013620Z 2026-04-07T05:54:38Z
cleanstart-2026-hx94762 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing 2026-04-07T00:45:34.962189Z 2026-04-06T13:01:42Z
cleanstart-2026-gg94489 go-retryablehttp prior to 0 2026-04-07T00:41:33.578433Z 2026-04-06T13:01:42Z
cleanstart-2026-fu47971 protojson 2026-04-07T00:47:07.546790Z 2026-04-06T13:01:42Z
cleanstart-2026-ej93145 attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames 2026-04-07T00:44:04.086276Z 2026-04-06T13:01:42Z
cleanstart-2026-bk17545 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing 2026-04-07T00:38:33.362093Z 2026-04-06T13:01:42Z
cleanstart-2026-aj47488 When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11 2026-04-07T00:40:03.631106Z 2026-04-06T13:01:42Z
cleanstart-2026-fe32006 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-07T00:41:34.518345Z 2026-04-06T06:37:58Z
cleanstart-2026-dp59378 In libexpat before 2 2026-04-07T00:42:33.537935Z 2026-04-06T06:37:58Z
cleanstart-2026-ob18608 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-06T06:19:25.639311Z 2026-04-06T04:56:02Z
cleanstart-2026-kf75900 In libexpat before 2 2026-04-06T06:20:25.150640Z 2026-04-06T04:56:02Z
cleanstart-2026-jl41223 In libexpat before 2 2026-04-06T06:19:55.229801Z 2026-04-06T04:56:02Z
cleanstart-2026-jg79570 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-06T06:19:24.747052Z 2026-04-06T04:56:02Z
cleanstart-2026-dz75075 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-06T06:19:24.775093Z 2026-04-06T04:56:02Z
cleanstart-2026-nu19941 Security fixes for ghsa-72hv-8253-57qq applied in versions: 5.19.3-r1 2026-04-06T02:44:20.354882Z 2026-04-03T13:09:27Z
cleanstart-2026-kt07616 Security fixes for CVE-2026-22735, CVE-2026-22737 applied in versions: 6.2.3-r0 2026-04-06T02:44:27.120329Z 2026-04-03T13:09:27Z
cleanstart-2026-kt25851 Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2025-61732, CVE-2025-68121, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 0.87.0-r0, 0.87.0-r1, 0.88.0-r1 2026-04-06T02:44:54.790204Z 2026-04-03T08:04:33Z
cleanstart-2026-dq17669 Security fixes for CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, CVE-2026-32287, CVE-2026-33186, CVE-2026-33762, CVE-2026-34165, ghsa-37cx-329c-33x3, ghsa-6g7g-w4f8-9c9x, ghsa-fw7p-63qq-7hpr applied in versions: 1.13.2-r0, 1.14.1-r0, 1.14.1-r1 2026-04-06T02:45:34.659600Z 2026-04-03T07:13:53Z
cleanstart-2026-ml41879 Security fixes for CVE-2026-1229, CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, CVE-2026-32287, CVE-2026-33186, CVE-2026-33762, CVE-2026-34165, ghsa-37cx-329c-33x3, ghsa-6g7g-w4f8-9c9x, ghsa-fw7p-63qq-7hpr applied in versions: 1.13.2-r0, 1.14.0-r0, 1.14.0-r1, 1.14.1-r0 2026-04-06T02:45:36.057138Z 2026-04-03T07:11:16Z
cleanstart-2026-nd57973 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-06T02:45:57.693609Z 2026-04-03T07:10:19Z
cleanstart-2026-lr09759 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-06T02:46:06.138686Z 2026-04-03T07:10:19Z
ID Description Published Updated
drupal-contrib-2025-102 2025-08-27T17:20:11.000Z 2025-08-27T17:20:11.000Z
drupal-contrib-2025-099 2025-08-27T17:19:24.000Z 2025-08-27T17:19:24.000Z
drupal-contrib-2025-098 2025-08-27T17:19:14.000Z 2025-08-27T17:19:14.000Z
drupal-contrib-2025-096 2025-08-13T17:33:24.000Z 2025-08-13T20:10:05.000Z
drupal-contrib-2025-095 2025-08-06T16:50:43.000Z 2025-08-06T16:50:43.000Z
drupal-contrib-2025-094 2025-07-30T16:31:23.000Z 2025-07-30T16:31:23.000Z
drupal-contrib-2025-093 2025-07-30T16:30:44.000Z 2025-07-30T16:30:44.000Z
drupal-contrib-2025-092 2025-07-23T17:10:19.000Z 2025-07-23T17:10:19.000Z
drupal-contrib-2025-091 2025-07-16T16:46:49.000Z 2025-07-17T14:42:36.000Z
drupal-contrib-2025-090 2025-07-16T16:46:26.000Z 2025-07-16T16:46:26.000Z
drupal-contrib-2025-089 2025-07-16T16:46:08.000Z 2025-07-16T16:46:08.000Z
drupal-contrib-2025-087 2025-07-09T16:37:27.000Z 2025-07-09T16:37:27.000Z
drupal-contrib-2025-086 2025-07-02T17:37:13.000Z 2025-07-02T17:37:13.000Z
drupal-contrib-2025-085 2025-07-02T17:37:03.000Z 2025-07-02T17:37:03.000Z
drupal-contrib-2025-081 2025-06-25T18:42:06.000Z 2025-06-26T18:17:29.000Z
drupal-contrib-2025-084 2025-06-25T18:43:00.000Z 2025-06-25T18:43:00.000Z
drupal-contrib-2025-083 2025-06-25T18:42:38.000Z 2025-06-25T18:42:38.000Z
drupal-contrib-2025-082 2025-06-25T18:42:17.000Z 2025-06-25T18:42:17.000Z
drupal-contrib-2025-080 2025-06-25T18:41:56.000Z 2025-06-25T18:41:56.000Z
drupal-contrib-2025-079 2025-06-25T18:41:34.000Z 2025-06-25T18:41:34.000Z
drupal-contrib-2025-078 2025-06-25T18:41:20.000Z 2025-06-25T18:41:20.000Z
drupal-contrib-2025-077 2025-06-25T18:41:06.000Z 2025-06-25T18:41:06.000Z
drupal-contrib-2025-001 2025-01-08T17:22:11.000Z 2025-06-19T22:05:09.000Z
drupal-contrib-2025-004 2025-01-22T16:50:12.000Z 2025-05-29T18:26:44.000Z
drupal-contrib-2025-034 2025-04-16T16:24:49.000Z 2025-05-29T18:24:01.000Z
drupal-contrib-2025-041 2025-04-23T16:58:39.000Z 2025-05-29T18:23:44.000Z
drupal-contrib-2025-048 2025-05-07T17:06:26.000Z 2025-05-29T18:20:11.000Z
drupal-contrib-2025-049 2025-05-07T17:06:36.000Z 2025-05-29T18:20:00.000Z
drupal-contrib-2025-050 2025-05-07T17:06:52.000Z 2025-05-29T18:19:50.000Z
drupal-contrib-2025-051 2025-05-07T17:07:03.000Z 2025-05-29T18:19:36.000Z
ID Description Updated
ID Description Published Updated
certfr-2022-ale-001 [MaJ] Vulnérabilité dans Microsoft Windows 2022-01-12T00:00:00.000000 2022-05-04T00:00:00.000000
certfr-2021-ale-022 [MaJ] Vulnérabilité dans Apache Log4j 2021-12-10T00:00:00.000000 2022-05-04T00:00:00.000000
certfr-2021-ale-021 Vulnérabilité dans Microsoft Exchange 2021-11-10T00:00:00.000000 2022-05-04T00:00:00.000000
certfr-2021-ale-019 [MaJ] Vulnérabilité dans Microsoft Windows 2021-09-08T00:00:00.000000 2022-05-04T00:00:00.000000
certfr-2021-ale-017 Multiples vulnérabilités dans Microsoft Exchange 2021-08-27T00:00:00.000000 2022-05-04T00:00:00.000000
certfr-2021-ale-020 [Maj] Multiples vulnérabilités dans Microsoft Azure Open Management Infrastructure 2021-09-17T00:00:00.000000 2022-01-05T00:00:00.000000
certfr-2021-ale-018 Vulnérabilité dans Atlassian Confluence Server et Data Center 2021-09-06T00:00:00.000000 2022-01-05T00:00:00.000000
certfr-2021-ale-014 [MaJ] Multiples vulnérabilités dans Microsoft Windows 2021-07-02T00:00:00.000000 2022-01-05T00:00:00.000000
certfr-2021-ale-015 Multiples vulnérabilités dans SolarWinds Serv-U 2021-07-13T00:00:00.000000 2021-10-19T00:00:00.000000
certfr-2021-ale-012 Multiples vulnérabilités dans Microsoft Windows 2021-06-09T00:00:00.000000 2021-10-19T00:00:00.000000
certfr-2021-ale-011 Vulnérabilité dans VMware vCenter Server 2021-06-07T00:00:00.000000 2021-10-19T00:00:00.000000
certfr-2021-ale-016 Vulnérabilité dans SonicWall 2021-07-15T00:00:00.000000 2021-08-19T00:00:00.000000
certfr-2021-ale-004 [MàJ] Multiples vulnérabilités dans Microsoft Exchange Server 2021-03-03T00:00:00.000000 2021-07-16T00:00:00.000000
certfr-2021-ale-013 [MaJ] Vulnérabilité dans Microsoft Windows 2021-06-30T00:00:00.000000 2021-07-02T00:00:00.000000
certfr-2021-ale-010 Vulnérabilité dans Adobe Acrobat et Acrobat Reader 2021-05-12T00:00:00.000000 2021-06-29T00:00:00.000000
certfr-2021-ale-007 [MàJ] Vulnérabilité dans Pulse Connect Secure 2021-04-20T00:00:00.000000 2021-06-21T00:00:00.000000
certfr-2021-ale-009 [MàJ] Vulnérabilité dans Microsoft Windows 2021-05-12T00:00:00.000000 2021-06-10T00:00:00.000000
certfr-2021-ale-008 Multiples vulnérabilités dans Exim 2021-05-05T00:00:00.000000 2021-06-10T00:00:00.000000
certfr-2021-ale-005 Multiples vulnérabilités dans Microsoft DNS server 2021-03-12T00:00:00.000000 2021-05-12T00:00:00.000000
certfr-2021-ale-003 [MàJ] Vulnérabilité dans VMware vCenter Server 2021-02-25T00:00:00.000000 2021-05-12T00:00:00.000000
certfr-2021-ale-001 |MàJ] Vulnérabilité dans SonicWall SMA100 2021-02-02T00:00:00.000000 2021-05-12T00:00:00.000000
certfr-2021-ale-006 [MàJ] Vulnérabilité dans F5 BIG-IP 2021-03-22T00:00:00.000000 2021-04-15T00:00:00.000000
certfr-2020-ale-026 [MaJ] Présence de code malveillant dans SolarWinds Orion 2020-12-14T00:00:00.000000 2021-04-15T00:00:00.000000
certfr-2021-ale-002 [MàJ] Vulnérabilité dans Google Chrome et Microsoft Edge 2021-02-05T00:00:00.000000 2021-03-11T00:00:00.000000
certfr-2020-ale-021 Vulnérabilité dans Samba 2020-09-18T00:00:00.000000 2021-03-11T00:00:00.000000
certfr-2020-ale-020 [MàJ] Vulnérabilité dans Microsoft Netlogon 2020-09-15T00:00:00.000000 2021-03-11T00:00:00.000000
certfr-2020-ale-019 Recrudescence d'activité Emotet en France 2020-09-07T00:00:00.000000 2021-02-09T00:00:00.000000
certfr-2020-ale-025 Vulnérabilité dans Fortinet FortiOS SSL-VPN 2020-11-27T00:00:00.000000 2021-02-08T00:00:00.000000
certfr-2020-ale-024 [MaJ] Vulnérabilité dans les produits VMware 2020-11-24T00:00:00.000000 2020-12-17T00:00:00.000000
certfr-2020-ale-022 [MàJ] Vulnérabilité dans Oracle Weblogic 2020-10-30T00:00:00.000000 2020-12-17T00:00:00.000000
ID Description Published Updated
certfr-2026-avi-0398 Multiples vulnérabilités dans le noyau Linux de SUSE 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
certfr-2026-avi-0397 Multiples vulnérabilités dans le noyau Linux d'Ubuntu 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
certfr-2026-avi-0396 Multiples vulnérabilités dans le noyau Linux de Red Hat 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
certfr-2026-avi-0395 Multiples vulnérabilités dans les produits IBM 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
certfr-2026-avi-0394 Multiples vulnérabilités dans VMware Tanzu 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
certfr-2026-avi-0393 Vulnérabilité dans Synology Mail Station 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
certfr-2026-avi-0392 Multiples vulnérabilités dans Microsoft Edge 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
certfr-2026-avi-0391 Multiples vulnérabilités dans OpenSSH 2026-04-02T00:00:00.000000 2026-04-02T00:00:00.000000
certfr-2026-avi-0390 Multiples vulnérabilités dans Belden NetModule Router Software 2026-04-02T00:00:00.000000 2026-04-02T00:00:00.000000
certfr-2026-avi-0389 Vulnérabilité dans Microsoft Azure Linux 2026-04-02T00:00:00.000000 2026-04-02T00:00:00.000000
certfr-2026-avi-0388 Multiples vulnérabilités dans les produits Cisco 2026-04-02T00:00:00.000000 2026-04-02T00:00:00.000000
certfr-2026-avi-0387 Multiples vulnérabilités dans les produits Netgate 2026-04-02T00:00:00.000000 2026-04-02T00:00:00.000000
certfr-2026-avi-0386 Multiples vulnérabilités dans les produits Microsoft 2026-04-01T00:00:00.000000 2026-04-01T00:00:00.000000
certfr-2026-avi-0385 Multiples vulnérabilités dans Google Chrome 2026-04-01T00:00:00.000000 2026-04-01T00:00:00.000000
certfr-2026-avi-0384 Multiples vulnérabilités dans Joomla! 2026-04-01T00:00:00.000000 2026-04-01T00:00:00.000000
certfr-2026-avi-0383 Multiples vulnérabilités dans Sonicwall Email Security 2026-04-01T00:00:00.000000 2026-04-01T00:00:00.000000
certfr-2026-avi-0382 Multiples vulnérabilités dans les produits FoxIT 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-avi-0381 Multiples vulnérabilités dans les produits Microsoft 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-avi-0380 Multiples vulnérabilités dans Microsoft Edge 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-avi-0379 Vulnérabilité dans Elastic OpenTelemetry Java 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-avi-0378 Vulnérabilité dans Symantec Data Loss Prevention (DLP) 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-avi-0377 Multiples vulnérabilités dans Papercut 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-avi-0376 Multiples vulnérabilités dans les produits Microsoft 2026-03-30T00:00:00.000000 2026-03-30T00:00:00.000000
certfr-2026-avi-0375 Multiples vulnérabilités dans Microsoft Edge 2026-03-30T00:00:00.000000 2026-03-30T00:00:00.000000
certfr-2026-avi-0374 Vulnérabilité dans Docker Desktop 2026-03-30T00:00:00.000000 2026-03-30T00:00:00.000000
certfr-2026-avi-0372 Multiples vulnérabilités dans les produits IBM 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0371 Multiples vulnérabilités dans le noyau Linux d'Ubuntu 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0370 Multiples vulnérabilités dans le noyau Linux de Red Hat 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0369 Multiples vulnérabilités dans le noyau Linux de SUSE 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0368 Vulnérabilité dans les produits Microsoft 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
ID Description Published Updated
jvndb-2026-003905 Multiple Vulnerabilities in Cosminexus HTTP Server and Hitachi Web Server 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-000025 Joomla! CMS vulnerable to cross-site scripting 2026-02-17T12:46+09:00 2026-02-17T12:46+09:00
jvndb-2026-000023 FileZen vulnerable to OS command injection 2026-02-13T16:51+09:00 2026-02-13T17:08+09:00
jvndb-2026-000024 Installer of M-Audio M-Track Duo HD may insecurely load Dynamic Link Libraries 2026-02-12T13:32+09:00 2026-02-12T13:32+09:00
jvndb-2026-000022 Oki Electric Industry products and OEM products register Windows services with unquoted file paths 2026-02-09T15:21+09:00 2026-02-09T15:21+09:00
jvndb-2026-000021 web2py vulnerable to open redirect 2026-02-05T15:01+09:00 2026-02-05T15:01+09:00
jvndb-2026-000017 Improper file access permission settings in Mitsubishi Small-Capacity UPS Shutdown Software FREQSHIP-mini for Windows 2026-02-03T14:57+09:00 2026-02-05T14:41+09:00
jvndb-2026-000020 Multiple vulnerabilities in Movable Type 2026-02-04T16:15+09:00 2026-02-04T16:15+09:00
jvndb-2026-000016 Installer for Roland Cloud Manager may insecurely load Dynamic Link Libraries 2026-02-03T14:57+09:00 2026-02-04T12:39+09:00
jvndb-2024-002831 ELECOM wireless LAN routers vulnerable to OS command injection 2024-02-22T08:15+09:00 2026-02-04T12:02+09:00
jvndb-2025-000041 Multiple vulnerabilities in ELECOM wireless LAN routers 2025-06-24T14:50+09:00 2026-02-03T15:35+09:00
jvndb-2024-000078 Multiple vulnerabilities in ELECOM wireless LAN routers 2024-07-30T15:34+09:00 2026-02-03T15:35+09:00
jvndb-2026-000019 Multiple vulnerabilities in ELECOM wireless LAN products 2026-02-03T14:57+09:00 2026-02-03T14:57+09:00
jvndb-2026-000015 Sonatype Nexus Repository vulnerable to server-side request forgery 2026-02-02T15:18+09:00 2026-02-02T15:18+09:00
jvndb-2026-000014 OS command injection in raspap-webgui 2026-02-02T15:18+09:00 2026-02-02T15:18+09:00
jvndb-2026-000013 Multiple Microsoft Office products vulnerable to untrusted search path 2026-02-02T15:18+09:00 2026-02-02T15:18+09:00
jvndb-2026-000012 Multiple vulnerabilities in Cybozu Garoon 2026-02-02T15:18+09:00 2026-02-02T15:18+09:00
jvndb-2026-000018 Undocumented "TelnetEnable" functionality of End of Service NETGEAR products 2026-01-30T14:23+09:00 2026-01-30T14:23+09:00
jvndb-2026-002119 Multiple vulnerabilities in BROTHER MFPs (multifunction printers) 2026-01-30T11:26+09:00 2026-01-30T11:26+09:00
jvndb-2026-002030 Multiple Vulnerabilities in Cosminexus 2026-01-29T10:32+09:00 2026-01-29T10:32+09:00
jvndb-2026-001972 Archer MR600 vulnerable to OS command injection 2026-01-28T10:41+09:00 2026-01-28T10:41+09:00
jvndb-2026-000011 beat-access for Windows may insecurely load Dynamic Link Libraries 2026-01-27T18:22+09:00 2026-01-27T18:22+09:00
jvndb-2026-001732 Multiple Brother software installers may insecurely load Dynamic Link Libraries 2026-01-26T16:04+09:00 2026-01-26T16:04+09:00
jvndb-2026-000010 Command injection vulnerability in ASUS routers 2026-01-23T15:22+09:00 2026-01-23T15:22+09:00
jvndb-2026-001663 "iRMC S5/S6" implemented in PRIMERGY vulnerable to incorrect authorization 2026-01-23T11:29+09:00 2026-01-23T11:29+09:00
jvndb-2026-001662 Multiple vulnerabilities in Trend Micro Apex Central (January 2026) 2026-01-23T11:29+09:00 2026-01-23T11:29+09:00
jvndb-2026-000009 Installer of Fujitsu ServerView Agents for Windows may insecurely load Dynamic Link Libraries 2026-01-21T15:17+09:00 2026-01-21T15:17+09:00
jvndb-2026-000008 Ruijie Networks AP180 series vulnerable to OS command injection 2026-01-21T15:17+09:00 2026-01-21T15:17+09:00
jvndb-2026-001582 Security information for Hitachi Disk Array Systems 2026-01-21T12:11+09:00 2026-01-21T12:11+09:00
jvndb-2026-001578 ETERNUS SF vulnerable to insertion of sensitive information into maintenance data 2026-01-20T20:00+09:00 2026-01-20T20:00+09:00
ID Description Published Updated
cnvd-2026-16678 TOTOLINK A3600R setNoticeCfg函数命令注入漏洞 2026-04-09 2026-04-09
cnvd-2026-16638 Oracle MySQL存在未明漏洞(CNVD-2026-16638) 2026-01-30 2026-04-09
cnvd-2026-16631 Oracle MySQL存在未明漏洞(CNVD-2026-16631) 2026-01-30 2026-04-09
cnvd-2026-16630 Oracle MySQL存在未明漏洞(CNVD-2026-16630) 2026-01-30 2026-04-09
cnvd-2026-16629 Oracle MySQL存在未明漏洞(CNVD-2026-16629) 2026-01-30 2026-04-09
cnvd-2026-16628 Oracle MySQL存在未明漏洞(CNVD-2026-16628) 2026-01-30 2026-04-09
cnvd-2026-16627 Oracle MySQL存在未明漏洞(CNVD-2026-16627) 2026-01-30 2026-04-09
cnvd-2026-16624 OpenClaw访问控制错误漏洞(CNVD-2026-16624) 2026-04-08 2026-04-09
cnvd-2026-16623 OpenClaw访问控制错误漏洞(CNVD-2026-16623) 2026-04-08 2026-04-09
cnvd-2026-16622 OpenClaw授权问题漏洞(CNVD-2026-16622) 2026-04-08 2026-04-09
cnvd-2026-16621 OpenClaw授权问题漏洞(CNVD-2026-16621) 2026-04-08 2026-04-09
cnvd-2026-16617 ImageMagick缓冲区溢出漏洞(CNVD-2026-16617) 2026-03-19 2026-04-09
cnvd-2026-16601 Mozilla Firefox安全绕过漏洞(CNVD-2026-16601) 2026-03-16 2026-04-09
cnvd-2026-16600 ImageMagick整数溢出漏洞(CNVD-2026-16600) 2026-03-16 2026-04-09
cnvd-2026-16599 Adobe Substance3D Painter越界读取漏洞(CNVD-2026-16599) 2026-03-16 2026-04-09
cnvd-2026-16598 Adobe Substance3D Painter越界读取漏洞(CNVD-2026-16598) 2026-03-16 2026-04-09
cnvd-2026-16597 OliveTin路径遍历漏洞 2026-03-16 2026-04-09
cnvd-2026-16596 iccDEV缓冲区溢出漏洞 2026-03-16 2026-04-09
cnvd-2026-16595 Adobe Commerce输入验证错误漏洞(CNVD-2026-16595) 2026-03-17 2026-04-09
cnvd-2026-16594 Adobe Commerce路径遍历漏洞(CNVD-2026-16594) 2026-03-17 2026-04-09
cnvd-2026-16593 Adobe Commerce开放重定向漏洞 2026-03-17 2026-04-09
cnvd-2026-16592 Adobe Commerce服务端请求伪造漏洞 2026-03-17 2026-04-09
cnvd-2026-16590 Totolink A3300R命令注入漏洞 2026-04-08 2026-04-09
cnvd-2026-16589 NVIDIA Delegated Licensing Service授权问题漏洞 2026-03-04 2026-04-09
cnvd-2026-16588 Adobe Commerce输入验证错误漏洞(CNVD-2026-16588) 2026-03-17 2026-04-09
cnvd-2026-16587 Adobe Commerce跨站脚本漏洞(CNVD-2026-16587) 2026-03-17 2026-04-09
cnvd-2026-16586 Adobe Commerce跨站脚本漏洞(CNVD-2026-16586) 2026-03-17 2026-04-09
cnvd-2026-16585 Adobe Commerce跨站脚本漏洞(CNVD-2026-16585) 2026-03-17 2026-04-09
cnvd-2026-16584 Adobe Commerce跨站脚本漏洞(CNVD-2026-16584) 2026-03-17 2026-04-09
cnvd-2026-16583 Adobe Commerce跨站脚本漏洞(CNVD-2026-16583) 2026-03-17 2026-04-09
ID Description Published Updated
bdu:2025-15829 Уязвимость системы управления базами данных MySQL и MariaDB, связанная с раскрытием инфор… 15.12.2025 16.02.2026
bdu:2025-15825 Уязвимость компонентов mm ядра операционной системы Linux, позволяющая нарушителю получит… 15.12.2025 16.02.2026
bdu:2025-15824 Уязвимость компонента hugetlb.c ядра операционной системы Linux, позволяющая нарушителю п… 15.12.2025 16.02.2026
bdu:2025-15822 Уязвимость ядра операционной системы Linux, связанная с неправильной проверкой возвращаем… 15.12.2025 16.02.2026
bdu:2025-15821 Уязвимость компонента drm/sched ядра операционной системы Linux, позволяющая нарушителю в… 15.12.2025 16.02.2026
bdu:2025-15820 Уязвимость компонента pinctrl-msm ядра операционной системы Linux, позволяющая нарушителю… 15.12.2025 16.02.2026
bdu:2025-15816 Уязвимость компонента smb ядра операционной системы Linux, позволяющая нарушителю нарушит… 15.12.2025 16.02.2026
bdu:2025-15815 Уязвимость ядра операционной системы Linux, связанная с чтением за допустимыми границами … 15.12.2025 16.02.2026
bdu:2025-15814 Уязвимость ядра операционной системы Linux, связанная с чтением за границами буфера данны… 15.12.2025 16.02.2026
bdu:2025-15811 Уязвимость компонента xusb ядра операционной системы Linux, позволяющая нарушителю вызват… 15.12.2025 16.02.2026
bdu:2025-15810 Уязвимость ядра операционной системы Linux, связанная с одновременным выполнением с испол… 15.12.2025 16.02.2026
bdu:2025-15809 Уязвимость компонента appletalk ядра операционной системы Linux, позволяющая нарушителю н… 15.12.2025 16.02.2026
bdu:2025-15808 Уязвимость компонента drm/tegra ядра операционной системы Linux, позволяющая нарушителю в… 15.12.2025 16.02.2026
bdu:2025-15806 Уязвимость компонента atm ядра операционной системы Linux, позволяющая нарушителю вызвать… 15.12.2025 16.02.2026
bdu:2025-15804 Уязвимость компонента mcast ядра операционной системы Linux, позволяющая нарушителю вызва… 15.12.2025 16.02.2026
bdu:2025-15803 Уязвимость компонентов tmptcp ядра операционной системы Linux, позволяющая нарушителю пол… 15.12.2025 16.02.2026
bdu:2025-15802 Уязвимость компонента perf/core ядра операционной системы Linux, позволяющая нарушителю в… 15.12.2025 16.02.2026
bdu:2025-15800 Уязвимость компонента mm/vmalloc.c ядра операционной системы Linux, позволяющая нарушител… 15.12.2025 16.02.2026
bdu:2025-15799 Уязвимость модуля powerpc/eeh ядра операционной системы Linux, позволяющая нарушителю выз… 15.12.2025 16.02.2026
bdu:2025-15798 Уязвимость компонента crypto ядра операционной системы Linux, позволяющая нарушителю вызв… 15.12.2025 16.02.2026
bdu:2025-15797 Уязвимость компонента xilinx ядра операционной системы Linux, позволяющая нарушителю вызв… 15.12.2025 16.02.2026
bdu:2025-15796 Уязвимость компонента iwlwifi ядра операционной системы Linux, позволяющая нарушителю выз… 15.12.2025 16.02.2026
bdu:2025-15795 Уязвимость ядра операционной системы Linux, связанная с ошибками разыменования указателя,… 15.12.2025 16.02.2026
bdu:2025-15794 Уязвимость компонента dtpm_cpu ядра операционной системы Linux, позволяющая нарушителю вы… 15.12.2025 16.02.2026
bdu:2025-15793 Уязвимость компонента fbtft ядра операционной системы Linux, позволяющая нарушителю вызва… 15.12.2025 16.02.2026
bdu:2025-15792 Уязвимость компонента net/tls ядра операционной системы Linux, позволяющая нарушителю выз… 15.12.2025 16.02.2026
bdu:2025-15791 Уязвимость компонента net/packet/af_packet.c ядра операционной системы Linux, позволяющая… 15.12.2025 16.02.2026
bdu:2025-15790 Уязвимость компонента net ядра операционной системы Linux, позволяющая нарушителю вызвать… 15.12.2025 16.02.2026
bdu:2025-15789 Уязвимость компонента pnv_php операционной системы Linux, позволяющая нарушителю вызвать … 15.12.2025 16.02.2026
bdu:2025-15788 Уязвимость компонента pnv_php ядра операционной системы Linux, позволяющая нарушителю выз… 15.12.2025 16.02.2026
ID Description Updated
var-202112-1782 Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not pro… 2026-04-10T23:35:45.033000Z
var-202003-1779 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between seriali… 2026-04-10T23:35:44.701000Z
var-201007-0948 Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 thro… 2026-04-10T23:35:43.785000Z
var-202102-0068 Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before … 2026-04-10T23:35:43.590000Z
var-201903-0423 A memory corruption issue was addressed with improved memory handling. This issue is fixe… 2026-04-10T23:35:09.270000Z
var-201404-0592 The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly h… 2026-04-10T23:34:59.841000Z
var-201410-1418 The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeter… 2026-04-10T23:34:59.740000Z
var-200810-0141 Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for c… 2026-04-10T23:34:59.011000Z
var-201006-1253 WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari… 2026-04-10T23:34:53.625000Z
var-200809-0193 Time Machine in Apple Mac OS X 10.5 through 10.5.4 uses weak permissions for Time Machine… 2026-04-10T23:34:22.491000Z
var-201410-1217 Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in c… 2026-04-10T23:34:07.569000Z
var-201806-1470 An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS bef… 2026-04-10T23:34:04.094000Z
var-201912-1844 Multiple memory corruption issues were addressed with improved memory handling. This issu… 2026-04-10T23:34:03.130000Z
var-201710-1433 Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a deni… 2026-04-10T23:34:02.101000Z
var-201908-0260 Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, poten… 2026-04-10T23:34:01.956000Z
var-202004-2199 In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containi… 2026-04-10T23:34:01.350000Z
var-202209-0773 The issue was addressed with improved memory handling. This issue is fixed in macOS Monte… 2026-04-10T23:33:59.696000Z
var-202105-1451 An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas i… 2026-04-10T23:33:59.314000Z
var-201912-0597 Multiple memory corruption issues were addressed with improved memory handling. This issu… 2026-04-10T23:33:58.659000Z
var-201806-1436 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari be… 2026-04-10T23:33:58.495000Z
var-200810-0144 Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 a… 2026-04-10T23:33:23.023000Z
var-201910-1646 By design, BIND is intended to limit the number of TCP clients that can be connected at a… 2026-04-10T23:32:51.564000Z
var-200809-0176 sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, an… 2026-04-10T23:32:51.513000Z
var-201711-0476 An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari be… 2026-04-10T23:32:44.188000Z
var-201506-0038 Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to exe… 2026-04-10T23:32:30.204000Z
var-201912-0545 Multiple memory corruption issues were addressed with improved memory handling. This issu… 2026-04-10T23:31:27.957000Z
var-202008-1238 In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.… 2026-04-10T23:30:57.138000Z
var-201109-0200 Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers… 2026-04-10T23:30:56.602000Z
var-200704-0226 Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properl… 2026-04-10T23:30:53.630000Z
var-202404-0120 Faulty input validation in the core of Apache allows malicious or exploitable backend/con… 2026-04-10T23:30:53.560000Z
ID Description Published Updated
vde-2024-067 Phoenix Contact: Multiple Vulnerabilities in PLCnext Engineer 2024-10-08T12:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-052 Phoenix Contact: Multiple mGuard devices are vulnerable to a drain of open file descriptors. 2024-09-10T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-051 Phoenix Contact: Multiple mGuard devices are vulnerable to a remote code injection due to SSH 2024-09-10T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2023-010 PHOENIX CONTACT: FL MGUARD affected by two vulnerabilities 2023-06-13T06:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2022-001 PHOENIX CONTACT: FL SWITCH 2xxx series incorrect privilege assignment 2022-01-25T08:05:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-019 PHOENIX CONTACT: Security Advisory for ILC1x1 Industrial controllers 2021-06-23T12:16:00.000Z 2025-05-14T13:00:14.000Z
vde-2019-003 PHOENIX CONTACT: Multiple Vulnerabilities in MEVIEW3 2019-03-05T10:35:00.000Z 2025-05-14T13:00:14.000Z
vde-2017-006 PHOENIX CONTACT: FL SWITCH 3xxx/4xxx/48xx series web-service authentication bypass 2018-01-10T09:36:00.000Z 2025-05-14T13:00:14.000Z
vde-2025-029 Phoenix Contact: Security Advisory for AXL F BK and IL BK bus couplers 2025-05-13T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-036 PHOENIX CONTACT: Products utilizing WIBU SYSTEMS CodeMeter components in versions prior to V7.21a 2021-08-04T07:56:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-029 PHOENIX CONTACT: DoS for PLCnext Control devices in versions <2021.0.5 LTS 2021-08-04T07:58:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-025 PHOENIX CONTACT: Security Advisory for PLCNext, ILC 2050 BI, FL MGUARD DM UNLIMITED, TC ROUTER und CLOUD CLIENT products 2021-06-23T12:19:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-024 PHOENIX CONTACT: Security Advisory for PLCNext, SMARTRTU AXC, CHARX control modular and EEM-SB37x 2021-05-04T08:17:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-023 PHOENIX CONTACT: Security Advisory for FL SWITCH SMCS series 2021-06-23T12:17:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-022 PHOENIX CONTACT: Security Advisory for FL COMSERVER UNI 2021-06-23T12:16:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-021 PHOENIX CONTACT: Security Advisory for AXL F BK and IL BK products 2021-06-23T12:15:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-020 PHOENIX CONTACT: Security Advisory for Automation Worx Software Suite 2021-06-23T11:10:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-047 PHOENIX CONTACT: BTP Touch Panels uncontrolled resource consumption 2020-12-02T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-046 PHOENIX CONTACT: mGuard <8.8.3 products missing initialization of resource 2020-12-17T09:01:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-025 PHOENIX CONTACT: Improper path sanitation on import of project files in PLCnext Engineer 2020-07-21T09:38:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-023 PHOENIX CONTACT: Two Vulnerabilities in Automation Worx Suite 2020-07-01T08:25:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-003 PHOENIX CONTACT: TC Router and TC Cloud Client multiple vulnerabilities 2020-03-05T15:58:00.000Z 2025-05-14T12:28:19.000Z
vde-2019-016 PHOENIX CONTACT: Security Advisory for Automation Worx Software Suite 2019-10-15T06:17:00.000Z 2025-05-14T12:28:19.000Z
vde-2019-014 PHOENIX CONTACT: Multiple Vulnerabilities in Automation Worx Software Suite 2019-06-19T12:41:00.000Z 2025-05-14T12:28:19.000Z
vde-2019-007 PHOENIX CONTACT: command injection on RAD-80211-XD(/HP-BUS) 2019-03-25T11:45:00.000Z 2025-05-14T12:28:19.000Z
vde-2019-006 PHOENIX CONTACT: unauthorized access to WEB-UI on FL NAT SMx 2019-03-25T11:40:00.000Z 2025-05-14T12:28:19.000Z
vde-2018-004 Phoenix Contact: FL SWITCH 3xxx/4xxx/48xx series through 1.33 allows Command Injection 2018-05-16T05:35:00.000Z 2025-05-14T12:28:19.000Z
vde-2018-001 PHOENIX CONTACT: Advisory for mGuard products 2018-01-30T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2017-004 PHOENIX CONTACT: FL COMSERVER cross-site scripting (XSS) vulnerability 2017-12-05T08:50:00.000Z 2025-05-14T12:28:19.000Z
vde-2017-003 PHOENIX CONTACT: WLAN enabled devices utilising WPA2 encryption 2017-11-09T16:20:00.000Z 2025-05-14T12:28:19.000Z
ID Description Published Updated
vde-2023-015 WAGO: Improper privilege management in web-based management 2023-11-20T07:00:00.000Z 2023-11-20T07:00:00.000Z
vde-2022-040 WAGO: Multiple Vulnerabilities in Controller with WAGO I/O-Pro / CODESYS 2.3 Runtime 2022-10-17T08:00:00.000Z 2023-09-22T12:39:00.000Z
vde-2023-014 WAGO: Bluetooth LE vulnerability in WLAN-ETHERNET-Gateway 2023-07-31T07:00:00.000Z 2023-07-31T07:00:00.000Z
vde-2023-005 WAGO: Series 750-3x/-8x prone to MODBUS server DoS 2023-06-25T06:00:00.000Z 2023-06-25T06:00:00.000Z
vde-2022-060 WAGO: Multiple vulnerabilities in web-based management of multiple products 2023-02-27T11:00:00.000Z 2023-02-27T11:00:00.000Z
vde-2022-055 WAGO: Exposure of configuration interface in unmanaged switches 2023-02-16T13:43:00.000Z 2023-02-16T13:43:00.000Z
vde-2022-054 WAGO: Unauthenticated Configuration Export in web-based management in multiple devices 2023-01-12T07:52:00.000Z 2023-01-12T07:52:00.000Z
vde-2022-042 WAGO: Multiple products - Loss of MAC-Address-Filtering after reboot 2022-10-17T08:00:00.000Z 2022-10-17T08:00:00.000Z
vde-2022-047 WAGO: FTP-Server - Denial-of-Service 2022-10-12T08:00:00.000Z 2022-10-12T08:00:00.000Z
vde-2022-035 WAGO: Multiple product series affected by multiple CODESYS vulnerabilities 2022-08-17T08:00:00.000Z 2022-08-17T08:00:00.000Z
vde-2022-031 WAGO: Multiple Products Series affected by multiple CODESYS vulnerabilities 2022-08-17T08:00:00.000Z 2022-08-17T08:00:00.000Z
vde-2022-004 WAGO: Web-Based Management Cross-Site Scripting 2022-03-09T07:00:00.000Z 2022-03-09T07:00:00.000Z
vde-2021-050 WAGO: Multiple devices affected by Vulnerabilities in NUCLEUS TCP Stack. 2021-11-16T11:02:00.000Z 2021-11-16T11:02:00.000Z
vde-2020-048 M&M Software (WAGO): Deserialisation of untrusted data in fdtContainer 2021-01-14T14:57:00.000Z 2021-01-14T14:57:00.000Z
vde-2020-015 WAGO: Web Based Management - Code Execution Vulnerability 2020-06-10T08:00:00.000Z 2020-06-10T08:00:00.000Z
vde-2020-010 WAGO: Cloud Connectivity Remote Code Execution Vulnerability 2020-03-09T09:25:00.000Z 2020-03-09T09:25:00.000Z
vde-2020-007 WAGO: Web-Based Management Denial of Service 2020-03-09T09:10:00.000Z 2020-03-09T09:10:00.000Z
vde-2019-022 WAGO: Multiple Vulnerabilities in I/O-Check Service in Multiple Devices 2019-12-16T09:00:00.000Z 2019-12-16T09:00:00.000Z
vde-2019-013 WAGO: Multiple Vulnerabilities in industrial managed switches 2019-06-12T10:25:00.000Z 2019-06-12T10:25:00.000Z
ID CVSS Description Vendor Product Published Updated
ID CVSS Description Vendor Product Published Updated