Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-21523 |
8 (3.1)
|
GitHub Copilot and Visual Studio Code Remote Code Exec… |
Microsoft |
Microsoft Visual Studio Code CoPilot Chat Extension |
2026-02-10T17:51:25.077Z | 2026-02-27T20:55:27.536Z |
| CVE-2026-21518 |
8.8 (3.1)
|
GitHub Copilot and Visual Studio Code Security Feature… |
Microsoft |
Microsoft Visual Studio Code CoPilot Chat Extension |
2026-02-10T17:51:15.121Z | 2026-02-27T20:55:26.967Z |
| CVE-2026-26119 |
8.8 (3.1)
|
Windows Admin Center Elevation of Privilege Vulnerability |
Microsoft |
Windows Admin Center |
2026-02-17T22:56:03.973Z | 2026-02-27T20:55:26.444Z |
| CVE-2026-20841 |
7.8 (3.1)
|
Windows Notepad App Remote Code Execution Vulnerability |
Microsoft |
Windows Notepad |
2026-02-10T17:51:50.412Z | 2026-02-27T20:55:25.907Z |
| CVE-2026-20846 |
7.5 (3.1)
|
GDI+ Denial of Service Vulnerability |
Microsoft |
Windows 10 Version 1607 |
2026-02-10T17:51:49.875Z | 2026-02-27T20:55:25.328Z |
| CVE-2026-21222 |
5.5 (3.1)
|
Windows Kernel Information Disclosure Vulnerability |
Microsoft |
Windows 10 Version 1607 |
2026-02-10T17:51:49.321Z | 2026-02-27T20:55:24.756Z |
| CVE-2026-21228 |
8.1 (3.1)
|
Azure Local Remote Code Execution Vulnerability |
Microsoft |
Azure Local |
2026-02-10T17:51:48.818Z | 2026-02-27T20:55:24.108Z |
| CVE-2026-21231 |
7.8 (3.1)
|
Windows Kernel Elevation of Privilege Vulnerability |
Microsoft |
Windows 10 Version 1607 |
2026-02-10T17:51:48.230Z | 2026-02-27T20:55:23.461Z |
| CVE-2026-21232 |
7.8 (3.1)
|
Windows HTTP.sys Elevation of Privilege Vulnerability |
Microsoft |
Windows 11 version 22H3 |
2026-02-10T17:51:47.717Z | 2026-02-27T20:55:22.834Z |
| CVE-2026-21237 |
7 (3.1)
|
Windows Subsystem for Linux Elevation of Privilege Vul… |
Microsoft |
Windows 10 Version 21H2 |
2026-02-10T17:51:47.120Z | 2026-02-27T20:55:22.218Z |
| CVE-2026-21238 |
7.8 (3.1)
|
Windows Ancillary Function Driver for WinSock Elevatio… |
Microsoft |
Windows 10 Version 1607 |
2026-02-10T17:51:46.513Z | 2026-02-27T20:55:21.677Z |
| CVE-2026-21239 |
7.8 (3.1)
|
Windows Kernel Elevation of Privilege Vulnerability |
Microsoft |
Windows 10 Version 1607 |
2026-02-10T17:51:45.888Z | 2026-02-27T20:55:21.062Z |
| CVE-2026-21241 |
7 (3.1)
|
Windows Ancillary Function Driver for WinSock Elevatio… |
Microsoft |
Windows 11 version 22H3 |
2026-02-10T17:51:45.304Z | 2026-02-27T20:55:20.512Z |
| CVE-2026-21240 |
7.8 (3.1)
|
Windows HTTP.sys Elevation of Privilege Vulnerability |
Microsoft |
Windows 10 Version 1809 |
2026-02-10T17:51:44.627Z | 2026-02-27T20:55:19.862Z |
| CVE-2026-21243 |
7.5 (3.1)
|
Windows Lightweight Directory Access Protocol (LDAP) D… |
Microsoft |
Windows Server 2019 |
2026-02-10T17:51:43.963Z | 2026-02-27T20:55:19.181Z |
| CVE-2026-21244 |
7.3 (3.1)
|
Windows Hyper-V Remote Code Execution Vulnerability |
Microsoft |
Windows 10 Version 1607 |
2026-02-10T17:51:43.396Z | 2026-02-27T20:55:18.584Z |
| CVE-2026-21245 |
7.8 (3.1)
|
Windows Kernel Elevation of Privilege Vulnerability |
Microsoft |
Windows 11 Version 24H2 |
2026-02-10T17:51:42.716Z | 2026-02-27T20:55:18.047Z |
| CVE-2026-21249 |
3.3 (3.1)
|
Windows NTLM Spoofing Vulnerability |
Microsoft |
Windows 10 Version 1607 |
2026-02-10T17:51:42.124Z | 2026-02-27T20:55:17.425Z |
| CVE-2026-21250 |
7.8 (3.1)
|
Windows HTTP.sys Elevation of Privilege Vulnerability |
Microsoft |
Windows 11 Version 24H2 |
2026-02-10T17:51:41.521Z | 2026-02-27T20:55:16.818Z |
| CVE-2026-21251 |
7.8 (3.1)
|
Cluster Client Failover (CCF) Elevation of Privilege V… |
Microsoft |
Windows Server 2016 |
2026-02-10T17:51:40.939Z | 2026-02-27T20:55:15.977Z |
| CVE-2026-21253 |
7 (3.1)
|
Mailslot File System Elevation of Privilege Vulnerability |
Microsoft |
Windows 10 Version 1607 |
2026-02-10T17:51:39.411Z | 2026-02-27T20:55:15.376Z |
| CVE-2026-21255 |
8.8 (3.1)
|
Windows Hyper-V Security Feature Bypass Vulnerability |
Microsoft |
Windows 10 Version 1607 |
2026-02-10T17:51:38.926Z | 2026-02-27T20:55:14.628Z |
| CVE-2026-21256 |
8.8 (3.1)
|
GitHub Copilot and Visual Studio Remote Code Execution… |
Microsoft |
Microsoft Visual Studio 2022 version 17.14 |
2026-02-10T17:51:38.364Z | 2026-02-27T20:55:14.116Z |
| CVE-2026-21257 |
8 (3.1)
|
GitHub Copilot and Visual Studio Elevation of Privileg… |
Microsoft |
Microsoft Visual Studio 2022 version 17.14 |
2026-02-10T17:51:37.741Z | 2026-02-27T20:55:13.552Z |
| CVE-2026-21261 |
5.5 (3.1)
|
Microsoft Excel Information Disclosure Vulnerability |
Microsoft |
Microsoft 365 Apps for Enterprise |
2026-02-10T17:51:37.088Z | 2026-02-27T20:55:13.064Z |
| CVE-2026-21508 |
7 (3.1)
|
Windows Storage Elevation of Privilege Vulnerability |
Microsoft |
Windows 10 Version 1607 |
2026-02-10T17:51:36.479Z | 2026-02-27T20:55:12.346Z |
| CVE-2026-21511 |
7.5 (3.1)
|
Microsoft Outlook Spoofing Vulnerability |
Microsoft |
Microsoft 365 Apps for Enterprise |
2026-02-10T17:51:35.908Z | 2026-02-27T20:55:11.755Z |
| CVE-2026-21516 |
8.8 (3.1)
|
GitHub Copilot for Jetbrains Remote Code Execution Vul… |
Microsoft |
GitHub Copilot Plugin for JetBrains IDEs |
2026-02-10T17:51:35.340Z | 2026-02-27T20:55:11.199Z |
| CVE-2026-21525 |
6.2 (3.1)
|
Windows Remote Access Connection Manager Denial of Ser… |
Microsoft |
Windows 10 Version 1607 |
2026-02-10T17:51:34.755Z | 2026-02-27T20:55:10.573Z |
| CVE-2026-21514 |
7.8 (3.1)
|
Microsoft Word Security Feature Bypass Vulnerability |
Microsoft |
Microsoft 365 Apps for Enterprise |
2026-02-10T17:51:34.153Z | 2026-02-27T20:55:09.979Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-28426 |
8.7 (3.1)
|
Statamic vulnerable to privilege escalation via stored… |
statamic |
cms |
2026-02-27T22:23:42.660Z | 2026-02-27T22:23:42.660Z |
| CVE-2026-28425 |
8 (3.1)
|
Statamic vulnerable to remote code execution via Antle… |
statamic |
cms |
2026-02-27T22:20:39.735Z | 2026-02-27T22:20:39.735Z |
| CVE-2026-28424 |
6.5 (3.1)
|
Statamic's missing authorization allows access to emai… |
statamic |
cms |
2026-02-27T22:14:01.779Z | 2026-02-27T22:14:01.779Z |
| CVE-2026-28423 |
6.8 (3.1)
|
Statamic Vulnerable to Server-Side Request Forgery via Glide |
statamic |
cms |
2026-02-27T22:11:55.802Z | 2026-02-27T22:11:55.802Z |
| CVE-2026-27759 |
5.3 (4.0)
|
Featured Image from Content < 1.7 Authenticated SSRF v… |
Dhrumil Kumbhani |
Featured Image from Content |
2026-02-27T22:17:11.669Z | 2026-02-27T22:17:11.669Z |
| CVE-2026-20742 |
8 (3.1)
|
Copeland XWEB and XWEB Pro OS Command Injection |
Copeland |
Copeland XWEB 300D PRO |
2026-02-27T00:42:12.910Z | 2026-02-27T00:42:12.910Z |
| CVE-2026-20902 |
8 (3.1)
|
Copeland XWEB and XWEB Pro OS Command Injection |
Copeland |
Copeland XWEB 300D PRO |
2026-02-27T00:49:44.858Z | 2026-02-27T00:49:44.858Z |
| CVE-2026-20910 |
8 (3.1)
|
Copeland XWEB and XWEB Pro OS Command Injection |
Copeland |
Copeland XWEB 300D PRO |
2026-02-27T00:46:14.644Z | 2026-02-27T00:46:14.644Z |
| CVE-2026-21389 |
8 (3.1)
|
Copeland XWEB and XWEB Pro OS Command Injection |
Copeland |
Copeland XWEB 300D PRO |
2026-02-27T00:38:51.109Z | 2026-02-27T00:38:51.109Z |
| CVE-2026-21718 |
10 (3.1)
|
Copeland XWEB and XWEB Pro Use of a Broken or Risky Cr… |
Copeland |
Copeland XWEB 300D PRO |
2026-02-27T00:34:55.895Z | 2026-02-27T00:34:55.895Z |
| CVE-2026-20764 |
8 (3.1)
|
Copeland XWEB and XWEB Pro OS Command Injection |
Copeland |
Copeland XWEB 300D PRO |
2026-02-27T00:56:47.460Z | 2026-02-27T00:56:47.460Z |
| CVE-2026-20797 |
4.3 (3.1)
|
Copeland XWEB and XWEB Pro Stack-based Buffer Overflow |
Copeland |
Copeland XWEB 300D PRO |
2026-02-27T01:03:18.783Z | 2026-02-27T01:03:18.783Z |
| CVE-2026-22877 |
3.7 (3.1)
|
Copeland XWEB and XWEB Pro Path Traversal |
Copeland |
Copeland XWEB 300D PRO |
2026-02-27T01:01:25.949Z | 2026-02-27T01:07:24.994Z |
| CVE-2026-23702 |
8 (3.1)
|
Copeland XWEB and XWEB Pro OS Command Injection |
Copeland |
Copeland XWEB 300D PRO |
2026-02-27T00:54:21.133Z | 2026-02-27T00:54:21.133Z |
| CVE-2026-24452 |
8 (3.1)
|
Copeland XWEB and XWEB Pro OS Command Injection |
Copeland |
Copeland XWEB 300D PRO |
2026-02-27T00:53:22.352Z | 2026-02-27T00:53:22.352Z |
| CVE-2026-25037 |
8 (3.1)
|
Copeland XWEB and XWEB Pro OS Command Injection |
Copeland |
Copeland XWEB 300D PRO |
2026-02-27T00:59:14.738Z | 2026-02-27T00:59:14.738Z |
| CVE-2026-25105 |
8 (3.1)
|
Copeland XWEB and XWEB Pro OS Command Injection |
Copeland |
Copeland XWEB 300D PRO |
2026-02-27T00:52:21.154Z | 2026-02-27T00:52:21.154Z |
| CVE-2026-25196 |
8 (3.1)
|
Copeland XWEB and XWEB Pro OS Command Injection |
Copeland |
Copeland XWEB 300D PRO |
2026-02-27T00:58:08.674Z | 2026-02-27T00:58:08.674Z |
| CVE-2026-25721 |
8 (3.1)
|
Copeland XWEB and XWEB Pro OS Command Injection |
Copeland |
Copeland XWEB 300D PRO |
2026-02-27T00:55:28.813Z | 2026-02-27T00:55:28.813Z |
| CVE-2026-28416 |
8.2 (3.1)
|
Gradio has SSRF via Malicious `proxy_url` Injection in… |
gradio-app |
gradio |
2026-02-27T21:47:04.975Z | 2026-02-27T21:47:04.975Z |
| CVE-2026-28415 |
4.3 (3.1)
|
Gradio has Open Redirect in OAuth Flow |
gradio-app |
gradio |
2026-02-27T21:44:51.956Z | 2026-02-27T21:44:51.956Z |
| CVE-2026-28414 |
7.5 (3.1)
|
Gradio has Absolute Path Traversal on Windows with Pyt… |
gradio-app |
gradio |
2026-02-27T21:43:28.453Z | 2026-02-27T21:43:28.453Z |
| CVE-2026-28411 |
9.8 (3.1)
|
WeGIA Vulnerable to Authentication Bypass via `extract… |
LabRedesCefetRJ |
WeGIA |
2026-02-27T21:52:05.032Z | 2026-02-27T21:52:05.032Z |
| CVE-2026-28409 |
10 (3.1)
|
WeGIA Vulnerable to Remote Code Execution (RCE) via OS… |
LabRedesCefetRJ |
WeGIA |
2026-02-27T21:50:21.849Z | 2026-02-27T21:50:21.849Z |
| CVE-2026-28408 |
9.8 (3.1)
|
WeGIA lacks authentication verification in adicionar_t… |
LabRedesCefetRJ |
WeGIA |
2026-02-27T21:49:14.747Z | 2026-02-27T21:49:14.747Z |
| CVE-2026-28407 |
6.9 (4.0)
|
malcontent's nested archive extraction failure can dro… |
chainguard-dev |
malcontent |
2026-02-27T21:28:06.258Z | 2026-02-27T21:28:06.258Z |
| CVE-2026-28406 |
8.2 (3.1)
|
kaniko has tar archive path traversal in build context… |
chainguard-forks |
kaniko |
2026-02-27T21:20:52.764Z | 2026-02-27T21:20:52.764Z |
| CVE-2026-28402 |
7.1 (3.1)
|
nimiq/core-rs-albatross's nimiq-blockchain missing pro… |
nimiq |
core-rs-albatross |
2026-02-27T21:08:53.573Z | 2026-02-27T21:08:53.573Z |
| CVE-2026-28400 |
7.6 (3.1)
|
Docker Model Runner Unauthenticated Runtime Flag Injec… |
docker |
model-runner |
2026-02-27T21:06:12.418Z | 2026-02-27T21:06:12.418Z |
| CVE-2026-27939 |
8.8 (3.1)
|
Statamic allows Authenticated Control Panel users to e… |
statamic |
cms |
2026-02-27T21:34:39.107Z | 2026-02-27T21:34:39.107Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-28426 | Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 a… | 2026-02-27T23:16:05.780 | 2026-02-27T23:16:05.780 |
| fkie_cve-2026-28425 | Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 a… | 2026-02-27T23:16:05.607 | 2026-02-27T23:16:05.607 |
| fkie_cve-2026-28424 | Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 a… | 2026-02-27T23:16:05.447 | 2026-02-27T23:16:05.447 |
| fkie_cve-2026-28423 | Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 a… | 2026-02-27T23:16:05.283 | 2026-02-27T23:16:05.283 |
| fkie_cve-2026-27759 | Featured Image from Content (featured-image-from-content) WordPress plugin versions prior to 1.7 co… | 2026-02-27T23:16:04.187 | 2026-02-27T23:16:04.187 |
| fkie_cve-2026-20742 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an a… | 2026-02-27T01:16:17.317 | 2026-02-27T23:13:46.087 |
| fkie_cve-2026-20902 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an … | 2026-02-27T01:16:17.520 | 2026-02-27T23:13:13.603 |
| fkie_cve-2026-20910 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an au… | 2026-02-27T01:16:17.707 | 2026-02-27T23:12:37.947 |
| fkie_cve-2026-21389 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an au… | 2026-02-27T01:16:17.890 | 2026-02-27T23:12:14.313 |
| fkie_cve-2026-21718 | An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, enabl… | 2026-02-27T01:16:18.073 | 2026-02-27T23:11:48.947 |
| fkie_cve-2026-20764 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an au… | 2026-02-27T02:16:18.140 | 2026-02-27T23:11:05.393 |
| fkie_cve-2026-20797 | A stack based buffer overflow exists in an API route of XWEB Pro version 1.12.1 and prior, enablin… | 2026-02-27T02:16:18.343 | 2026-02-27T23:10:35.547 |
| fkie_cve-2026-22877 | An arbitrary file-read vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling unauthe… | 2026-02-27T02:16:18.507 | 2026-02-27T23:09:41.677 |
| fkie_cve-2026-23702 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an au… | 2026-02-27T02:16:18.700 | 2026-02-27T23:08:42.743 |
| fkie_cve-2026-24452 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an a… | 2026-02-27T02:16:18.897 | 2026-02-27T23:08:17.530 |
| fkie_cve-2026-25037 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an a… | 2026-02-27T02:16:19.603 | 2026-02-27T23:07:40.717 |
| fkie_cve-2026-25105 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling a… | 2026-02-27T02:16:19.800 | 2026-02-27T23:07:06.143 |
| fkie_cve-2026-25196 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an au… | 2026-02-27T02:16:20.000 | 2026-02-27T23:06:36.453 |
| fkie_cve-2026-25721 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an au… | 2026-02-27T02:16:20.170 | 2026-02-27T23:06:02.867 |
| fkie_cve-2026-28416 | Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a S… | 2026-02-27T22:16:24.667 | 2026-02-27T22:16:24.667 |
| fkie_cve-2026-28415 | Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the… | 2026-02-27T22:16:24.497 | 2026-02-27T22:16:24.497 |
| fkie_cve-2026-28414 | Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradi… | 2026-02-27T22:16:24.330 | 2026-02-27T22:16:24.330 |
| fkie_cve-2026-28411 | WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, an unsafe use of the `e… | 2026-02-27T22:16:24.170 | 2026-02-27T22:16:24.170 |
| fkie_cve-2026-28409 | WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, a critical Remote Code … | 2026-02-27T22:16:24.010 | 2026-02-27T22:16:24.010 |
| fkie_cve-2026-28408 | WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionar… | 2026-02-27T22:16:23.847 | 2026-02-27T22:16:23.847 |
| fkie_cve-2026-28407 | malcontent is software for discovering supply-chain compromises through context, differential analy… | 2026-02-27T22:16:23.680 | 2026-02-27T22:16:23.680 |
| fkie_cve-2026-28406 | kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes clus… | 2026-02-27T22:16:23.513 | 2026-02-27T22:16:23.513 |
| fkie_cve-2026-28402 | nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the … | 2026-02-27T22:16:23.343 | 2026-02-27T22:16:23.343 |
| fkie_cve-2026-28400 | Docker Model Runner (DMR) is software used to manage, run, and deploy AI models using Docker. Versi… | 2026-02-27T22:16:23.160 | 2026-02-27T22:16:23.160 |
| fkie_cve-2026-27939 | Statmatic is a Laravel and Git powered content management system (CMS). Starting in version 6.0.0 a… | 2026-02-27T22:16:22.993 | 2026-02-27T22:16:22.993 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-rw9x-pxqx-q789 |
8.8 (3.1)
|
Statamic allows Authenticated Control Panel users to escalate privileges via elevated session bypass | 2026-02-27T21:35:00Z | 2026-02-27T21:35:00Z |
| ghsa-7777-fhq9-592v |
2.1 (4.0)
|
ZITADEL has potential SSRF via Actions | 2026-02-27T21:33:54Z | 2026-02-27T21:33:54Z |
| ghsa-9m8f-2x73-hmhp |
4.3 (3.1)
5.1 (4.0)
|
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a cross-site request forgery vul… | 2026-02-27T21:31:22Z | 2026-02-27T21:31:22Z |
| ghsa-5cgj-fvvm-2jc2 |
2.7 (3.1)
|
Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an acto… | 2026-02-27T21:31:22Z | 2026-02-27T21:31:22Z |
| ghsa-4gmm-r9mc-3p3g |
7.1 (3.1)
7.1 (4.0)
|
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain an authentication vulnerability … | 2026-02-27T21:31:22Z | 2026-02-27T21:31:22Z |
| ghsa-x27g-4qrq-h538 |
6.5 (3.1)
6.9 (4.0)
|
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 use the cryptographically broken MD5 has… | 2026-02-27T21:31:21Z | 2026-02-27T21:31:21Z |
| ghsa-rv67-6qhq-rp2p |
5.4 (3.1)
5.1 (4.0)
|
PluXml CMS is vulnerable to Stored XSS in file uploading functionality. An authenticated attacker c… | 2026-02-27T12:31:25Z | 2026-02-27T21:31:21Z |
| ghsa-rpp6-x48q-7fq5 |
7.5 (3.1)
|
Crypt::SysRandom::XS versions before 0.010 for Perl is vulnerable to a heap buffer overflow in the … | 2026-02-27T00:31:46Z | 2026-02-27T21:31:21Z |
| ghsa-prr9-fcgf-vpxx |
8.2 (3.1)
|
Apache::SessionX versions through 2.01 for Perl create insecure session id. Apache::SessionX gener… | 2026-02-27T00:31:45Z | 2026-02-27T21:31:21Z |
| ghsa-pq7v-9vmm-7jw6 |
9.8 (3.1)
4.8 (4.0)
|
PluXml CMS allows a user's session identifier to be set before authentication. The value of this se… | 2026-02-27T12:31:25Z | 2026-02-27T21:31:21Z |
| ghsa-pgqj-4vx9-9f56 |
9.8 (3.1)
9.3 (4.0)
|
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier genera… | 2026-02-27T21:31:21Z | 2026-02-27T21:31:21Z |
| ghsa-mpqv-244m-cf9r |
9.8 (3.1)
9.3 (4.0)
|
OpenViking through version 0.1.18, prior to commit 0251c70, contains a broken access control vulner… | 2026-02-26T21:31:31Z | 2026-02-27T21:31:21Z |
| ghsa-jwfw-xx6c-8gwv |
5.4 (3.1)
5.1 (4.0)
|
PluXml CMS is vulnerable to Stored XSS in Static Pages editing functionality. Attacker with editing… | 2026-02-27T12:31:25Z | 2026-02-27T21:31:21Z |
| ghsa-jm5v-cr99-76mr |
5.0 (3.1)
|
Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an act… | 2026-02-27T21:31:21Z | 2026-02-27T21:31:21Z |
| ghsa-jfrq-hj9f-c8qx |
8.3 (3.1)
|
CleverTap Web SDK version 1.15.2 and earlier is vulnerable to DOM-based Cross-Site Scripting (XSS) … | 2026-02-27T18:31:06Z | 2026-02-27T21:31:21Z |
| ghsa-j682-47rx-fxrp |
7.4 (3.1)
|
telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing s… | 2026-02-27T06:31:28Z | 2026-02-27T21:31:21Z |
| ghsa-j5mf-6rh3-rhgg |
8.3 (3.1)
|
CleverTap Web SDK version 1.15.2 and earlier is vulnerable to Cross-Site Scripting (XSS) via window… | 2026-02-27T18:31:06Z | 2026-02-27T21:31:21Z |
| ghsa-gxmj-pr3w-6wmh |
7.5 (3.1)
8.7 (4.0)
|
SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability caused by PHP type jug… | 2026-02-26T21:31:31Z | 2026-02-27T21:31:21Z |
| ghsa-c2p8-28pf-f3mr |
9.6 (3.1)
6.4 (4.0)
|
Unitree Go2 firmware versions 1.1.7 through 1.1.11, when used with the Unitree Go2 Android applicat… | 2026-02-26T21:31:31Z | 2026-02-27T21:31:21Z |
| ghsa-8m37-836g-p9g7 |
6.1 (3.1)
5.1 (4.0)
|
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a reflected cross-site scripting… | 2026-02-27T21:31:21Z | 2026-02-27T21:31:21Z |
| ghsa-5vcj-3qv7-j6hw |
8.7 (3.1)
|
PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript… | 2026-02-27T18:31:06Z | 2026-02-27T21:31:21Z |
| ghsa-48x6-97gc-jx62 |
8.8 (3.1)
8.7 (4.0)
|
SPIP versions prior to 4.4.10 contain a SQL injection vulnerability that allows authenticated low-p… | 2026-02-26T21:31:31Z | 2026-02-27T21:31:21Z |
| ghsa-r78h-rv66-c9hf |
3.7 (3.1)
6.3 (4.0)
|
VideoLAN VLC for Android prior to version 3.7.0 contain an authentication bypass in the Remote Acce… | 2026-02-26T18:31:41Z | 2026-02-27T21:31:20Z |
| ghsa-jjjp-v7q5-4xgm |
4.9 (3.1)
2.3 (4.0)
|
VideoLAN VLC for Android prior to version 3.7.0 contains a path traversal vulnerability in the Remo… | 2026-02-26T18:31:41Z | 2026-02-27T21:31:20Z |
| ghsa-hcv4-2wj7-9p5g |
8.0 (3.1)
8.5 (4.0)
|
Unitree Go2 firmware versions V1.1.7 through V1.1.9 and V1.1.11 (EDU) do not implement DDS authenti… | 2026-02-26T21:31:31Z | 2026-02-27T21:31:20Z |
| ghsa-fv8r-cjf4-v929 |
4.7 (3.1)
|
Information Exposure Vulnerability in Hitachi Ops Center API Configuration Manager, Hitachi Configu… | 2026-02-25T06:31:15Z | 2026-02-27T21:31:20Z |
| ghsa-8fj7-8h3w-xwfm |
7.5 (3.1)
|
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic | 2026-02-26T21:31:31Z | 2026-02-27T21:31:20Z |
| ghsa-7f98-q4h8-rf6r |
6.5 (3.1)
8.3 (4.0)
|
OpenSIPS versions 3.1 before 3.6.4 containing the auth_jwt module (prior to commit 3822d33) contain… | 2026-02-25T18:31:38Z | 2026-02-27T21:31:20Z |
| ghsa-77xw-22r9-95g2 |
6.5 (3.1)
8.7 (4.0)
|
The SPIP interface_traduction_objets plugin versions prior to 4.3.3 contain an authenticated SQL in… | 2026-02-25T06:31:15Z | 2026-02-27T21:31:20Z |
| ghsa-vfwc-g9gj-ppmx |
7.8 (3.1)
8.5 (4.0)
|
CyberArk Endpoint Privilege Manager Agent versions 25.10.0 and lower allow potential unauthorized p… | 2026-02-25T03:30:58Z | 2026-02-27T21:31:19Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2025-13 |
|
An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2… | django | 2025-03-06T19:15:27+00:00 | 2025-04-09T17:27:25.095679+00:00 |
| pysec-2022-43178 |
7.5 (3.1)
|
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the cleo … | cleo | 2022-11-09T20:15:10+00:00 | 2025-04-09T17:27:24.793038+00:00 |
| pysec-2022-43177 |
9.8 (3.1)
|
Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40… | azure-cli | 2022-10-25T17:15:56+00:00 | 2025-04-09T17:27:24.642962+00:00 |
| pysec-2024-244 |
7.5 (3.1)
|
A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, identified as a by… | mlflow | 2024-05-16T09:15:14+00:00 | 2025-04-08T10:23:25.092581+00:00 |
| pysec-2024-243 |
9.3 (3.1)
|
mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs… | mlflow | 2024-04-16T00:15:12+00:00 | 2025-04-08T10:23:25.044416+00:00 |
| pysec-2024-242 |
7.5 (3.1)
|
A Local File Inclusion (LFI) vulnerability was identified in mlflow/mlflow, specifically … | mlflow | 2024-06-06T19:15:55+00:00 | 2025-04-08T10:23:24.995743+00:00 |
| pysec-2024-241 |
9.6 (3.1)
|
Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untru… | mlflow | 2024-02-23T22:15:55+00:00 | 2025-04-08T10:23:24.946136+00:00 |
| pysec-2024-240 |
9.6 (3.1)
|
Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. This … | mlflow | 2024-02-23T22:15:55+00:00 | 2025-04-08T10:23:24.900947+00:00 |
| pysec-2024-239 |
8.8 (3.1)
|
A vulnerability in mlflow/mlflow version 8.2.1 allows for remote code execution due to im… | mlflow | 2024-06-06T19:15:51+00:00 | 2025-04-08T10:23:24.852109+00:00 |
| pysec-2025-12 |
|
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang St… | codechecker | 2025-01-21T15:15:13+00:00 | 2025-04-08T10:23:23.899726+00:00 |
| pysec-2024-238 |
|
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang St… | codechecker | 2024-11-06T15:15:11+00:00 | 2025-04-08T10:23:23.857960+00:00 |
| pysec-2025-11 |
5.9 (3.1)
|
A vulnerability in the `KnowledgeBaseWebReader` class of the run-llama/llama_index reposi… | llama-index | 2025-03-20T10:15:31+00:00 | 2025-04-01T23:22:47.294256+00:00 |
| pysec-2025-10 |
9.1 (3.1)
|
A vulnerability in the `download_model` function of the onnx/onnx framework, before and i… | onnx | 2025-03-20T10:15:37+00:00 | 2025-03-26T19:21:38.843396+00:00 |
| pysec-2025-9 |
|
A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through… | invokeai | 2025-03-20T10:15:26+00:00 | 2025-03-20T11:21:37.872971+00:00 |
| pysec-2025-8 |
|
The `pygments-style-solarized` project was removed from PyPI by its owner on 2021-08-26. … | pygments-style-solarized | 2025-03-17T16:35:37+00:00 | |
| pysec-2024-237 |
9.4 (3.1)
|
OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versio… | octoprint | 2024-05-14T16:17:12+00:00 | 2025-03-05T17:22:29.121263+00:00 |
| pysec-2024-236 |
6.1 (3.1)
|
Jupyter Server Proxy allows users to run arbitrary external processes alongside their not… | jupyter-server-proxy | 2024-06-11T22:15:09+00:00 | 2025-02-26T23:22:41.524251+00:00 |
| pysec-2025-7 |
|
Published in 2021, the imblog package is a Python library that scrapes data from a blog p… | imblog | 2025-02-26T21:19:19+00:00 | |
| pysec-2025-6 |
|
Published in 2021, the colabrun package is a Python library that exfiltrates user cookies… | colabrun | 2025-02-26T20:59:48+00:00 | |
| pysec-2025-5 |
|
Published in 2020, the autodzee package is a Python library that bypasses Deezer API rest… | browsercmdhbt2 | 2025-02-26T20:57:11+00:00 | |
| pysec-2025-3 |
|
Published in 2019, the autodzee package is a Python library that bypasses Deezer API rest… | autodzee | 2025-02-26T20:54:20+00:00 | |
| pysec-2025-4 |
|
Published in 2019, the automslc package is a Python library that bypasses Deezer API rest… | automslc | 2025-02-26T19:26:49+00:00 | |
| pysec-2024-235 |
8.1 (3.1)
|
With the following crawler configuration: ```python from bs4 import BeautifulSoup as Sou… | langchain-exa | 2024-02-26T16:27:49+00:00 | 2025-02-26T02:48:56.937312+00:00 |
| pysec-2023-194 |
9.8 (3.1)
|
langchain_experimental 0.0.14 allows an attacker to bypass the CVE-2023-36258 fix and exe… | langchain-experimental | 2023-10-09T20:15:00Z | 2025-02-23T07:46:11Z |
| pysec-2024-234 |
9.8 (3.1)
|
Jupyter Server Proxy allows users to run arbitrary external processes alongside their Jup… | jupyter-server-proxy | 2024-03-20T20:15:08+00:00 | 2025-02-21T18:23:35.992501+00:00 |
| pysec-2023-163 |
9.8 (3.1)
|
An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary… | numexpr | 2023-09-01T16:15:00Z | 2025-02-20T09:11:38.521949Z |
| pysec-2024-233 |
|
python-jose through 3.3.0 allows attackers to cause a denial of service (resource consump… | python-jose | 2024-04-26T00:15:09+00:00 | 2025-02-18T19:20:15.511369+00:00 |
| pysec-2024-232 |
|
python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key f… | python-jose | 2024-04-26T00:15:09+00:00 | 2025-02-18T19:20:15.468012+00:00 |
| pysec-2024-231 |
8.1 (3.1)
|
LightGBM Remote Code Execution Vulnerability | lightgbm | 2024-11-12T18:15:28+00:00 | 2025-02-15T07:20:34.246161+00:00 |
| pysec-2024-230 |
7.5 (3.1)
|
Certifi is a curated collection of Root Certificates for validating the trustworthiness o… | certifi | 2024-07-05T19:15:10+00:00 | 2025-02-12T21:21:51.559667+00:00 |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-33822 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.561810Z |
| gsd-2024-33773 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.560326Z |
| gsd-2024-33769 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.558897Z |
| gsd-2024-33794 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.557396Z |
| gsd-2024-33818 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.556720Z |
| gsd-2024-33793 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.552273Z |
| gsd-2024-33833 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.551960Z |
| gsd-2024-33835 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.550838Z |
| gsd-2024-33744 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.543395Z |
| gsd-2024-33789 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.534336Z |
| gsd-2024-33760 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.533361Z |
| gsd-2024-33702 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.530768Z |
| gsd-2024-33797 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.530297Z |
| gsd-2024-33684 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.529859Z |
| gsd-2024-33827 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.528643Z |
| gsd-2024-33810 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.527741Z |
| gsd-2024-33729 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.527542Z |
| gsd-2024-33807 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.526483Z |
| gsd-2024-33688 | Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes Teluro.This issue affect… | 2024-04-27T05:02:18.524420Z |
| gsd-2024-33685 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.523707Z |
| gsd-2024-33713 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.522989Z |
| gsd-2024-33768 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.521409Z |
| gsd-2024-33720 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.519711Z |
| gsd-2024-33809 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.516352Z |
| gsd-2024-33727 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.514916Z |
| gsd-2024-33770 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.514460Z |
| gsd-2024-33732 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.513959Z |
| gsd-2024-33829 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.511177Z |
| gsd-2024-33714 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.510684Z |
| gsd-2024-33693 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln… | 2024-04-27T05:02:18.509326Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-941 | Malicious code in ether-lint (npm) | 2026-02-12T16:02:40Z | 2026-02-26T01:40:03Z |
| mal-2026-1036 | Malicious code in uitil (PyPI) | 2026-01-16T21:32:25Z | 2026-02-26T00:33:40Z |
| mal-2026-1038 | Malicious code in promanage (npm) | 2026-02-25T22:31:19Z | 2026-02-25T22:31:19Z |
| mal-2026-1043 | Malicious code in uuindex (npm) | 2026-02-25T21:51:09Z | 2026-02-25T21:51:09Z |
| mal-2026-1035 | Malicious code in neural-compressor-jax (PyPI) | 2026-02-25T19:42:30Z | 2026-02-25T19:42:30Z |
| mal-2026-1034 | Malicious code in chai-lite-lib (npm) | 2026-02-25T17:42:40Z | 2026-02-25T17:42:40Z |
| mal-2026-1033 | Malicious code in duer-js (npm) | 2026-02-25T16:53:55Z | 2026-02-25T16:53:56Z |
| mal-2026-978 | Malicious code in microsoft-cms-client (npm) | 2026-02-21T17:38:28Z | 2026-02-25T16:43:01Z |
| mal-2026-1031 | Malicious code in react-svg-helper-fast (npm) | 2026-02-25T16:29:50Z | 2026-02-25T16:29:51Z |
| mal-2026-1030 | Malicious code in chai-as-utils (npm) | 2026-02-25T16:19:24Z | 2026-02-25T16:19:25Z |
| mal-2026-1032 | Malicious code in sample-custom-component (npm) | 2026-02-25T16:13:53Z | 2026-02-25T16:14:27Z |
| mal-2026-1029 | Malicious code in geocommunes-geoportal (PyPI) | 2026-02-25T11:49:41Z | 2026-02-25T11:49:41Z |
| mal-2026-1039 | Malicious code in react-devtools-raycast (npm) | 2026-02-25T04:33:21Z | 2026-02-25T04:33:21Z |
| mal-2026-1037 | Malicious code in get-fonts (npm) | 2026-02-25T04:20:48Z | 2026-02-25T04:20:48Z |
| mal-2026-1042 | Malicious code in trae-browser-inspect (npm) | 2026-02-25T03:30:34Z | 2026-02-25T03:30:34Z |
| mal-2026-1028 | Malicious code in examplereactnative76 (npm) | 2026-02-24T22:45:56Z | 2026-02-24T22:45:56Z |
| mal-2026-1026 | Malicious code in rncalendareventsexample (npm) | 2026-02-24T21:35:58Z | 2026-02-24T21:35:58Z |
| mal-2026-1027 | Malicious code in rtxbbtyols (npm) | 2026-02-24T18:40:07Z | 2026-02-24T18:40:07Z |
| mal-2026-1019 | Malicious code in spark-audit-notify (PyPI) | 2026-02-24T16:18:43Z | 2026-02-24T17:28:41Z |
| mal-2026-1025 | Malicious code in @unitedcapitalfinancialadvisors/finlife-component-library (npm) | 2026-02-24T16:56:49Z | 2026-02-24T16:56:56Z |
| mal-2026-1024 | Malicious code in @protonme/routing (npm) | 2026-02-24T16:56:49Z | 2026-02-24T16:56:49Z |
| mal-2026-1023 | Malicious code in @kiukicom/sidebar (npm) | 2026-02-24T16:56:48Z | 2026-02-24T16:56:49Z |
| mal-2026-1022 | Malicious code in @coinmetro/app (npm) | 2026-02-24T16:56:48Z | 2026-02-24T16:56:49Z |
| mal-2026-1021 | Malicious code in @atg-aml-shared/kyc-domain (npm) | 2026-02-24T16:56:48Z | 2026-02-24T16:56:48Z |
| mal-2026-1020 | Malicious code in @ai-studio-web/app (npm) | 2026-02-24T16:56:48Z | 2026-02-24T16:56:48Z |
| mal-2026-163 | Malicious code in do-not-install-this-package-002 (PyPI) | 2026-01-08T13:35:59Z | 2026-02-24T15:52:32Z |
| mal-2026-1018 | Malicious code in do-not-install-this-package-003 (PyPI) | 2026-02-24T15:18:17Z | 2026-02-24T15:18:17Z |
| mal-2026-1016 | Malicious code in js-multer (npm) | 2026-02-24T15:01:43Z | 2026-02-24T15:01:43Z |
| mal-2026-1014 | Malicious code in chai-iotype (npm) | 2026-02-24T15:01:43Z | 2026-02-24T15:01:43Z |
| mal-2026-1013 | Malicious code in chai-as-pause (npm) | 2026-02-24T14:59:19Z | 2026-02-24T14:59:19Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2024-1418 | Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2024-06-19T22:00:00.000+00:00 | 2026-02-16T23:00:00.000+00:00 |
| wid-sec-w-2024-1322 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifische Angriffe | 2024-06-09T22:00:00.000+00:00 | 2026-02-16T23:00:00.000+00:00 |
| wid-sec-w-2026-0425 | SmarterTools SmarterMail: Mehrere Schwachstellen | 2026-02-15T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0424 | OpenClaw: Mehrere Schwachstellen | 2026-02-15T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0423 | Gogs: Mehrere Schwachstellen | 2026-02-15T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0422 | Mattermost: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2026-02-15T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0421 | Linux Kernel: Mehrere Schwachstellen | 2026-02-15T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0419 | vim (NetBeans): Schwachstelle ermöglicht Codeausführung | 2026-02-15T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0418 | Google Cloud Platform (Apigee): Schwachstelle ermöglicht Privilegieneskalation | 2026-02-15T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0417 | IBM Sterling Connect:Direct: Schwachstelle ermöglicht Denial of Service | 2026-02-15T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0416 | Keycloak: Schwachstelle ermöglicht Denial of Service | 2026-02-15T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0410 | HAProxy Enterprise, Community und ALOHA (QUIC): Mehrere Schwachstellen ermöglichen Denial of Service | 2026-02-12T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0409 | PostgreSQL: Mehrere Schwachstellen | 2026-02-12T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0355 | PowerDNS Recursor: Mehrere Schwachstellen ermöglichen Denial of Service | 2026-02-09T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0335 | vim: Schwachstelle ermöglicht Codeausführung | 2026-02-05T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0258 | Red Hat Enterprise Linux (iperf3): Schwachstelle ermöglicht Codeausführung | 2026-01-29T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0187 | Red Hat Enterprise Linux (glib): Schwachstelle ermöglicht Denial of Service | 2026-01-21T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0164 | Oracle Java SE: Mehrere Schwachstellen | 2026-01-20T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0148 | ImageMagick: Mehrere Schwachstellen | 2026-01-19T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0119 | Linux Kernel: Mehrere Schwachstellen | 2026-01-14T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0118 | GNU libc: Schwachstelle ermöglicht Codeausführung | 2026-01-14T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0030 | cURL: Mehrere Schwachstellen | 2026-01-06T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2025-2941 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-30T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2025-2928 | GnuPG: Mehrere Schwachstellen | 2025-12-28T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2025-2916 | Net-SNMP: Schwachstelle ermöglicht Codeausführung und DoS | 2025-12-23T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2025-2897 | Apache log4j: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-12-18T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2025-2868 | Linux Kernel: Mehrere Schwachstellen | 2025-12-16T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2025-2765 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-08T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2025-2747 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-04T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2025-2741 | cPython: Schwachstelle ermöglicht Denial of Service | 2025-12-03T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ncsc-2025-0389 | Kwetsbaarheden verholpen in Adobe Experience Manager | 2025-12-10T14:59:57.911864Z | 2025-12-10T14:59:57.911864Z |
| ncsc-2025-0388 | Kwetsbaarheden verholpen in Adobe Acrobat Reader | 2025-12-10T13:35:58.314547Z | 2025-12-10T13:35:58.314547Z |
| ncsc-2025-0387 | Kwetsbaarheden verholpen in Adobe ColdFusion | 2025-12-10T13:34:08.908897Z | 2025-12-10T13:34:08.908897Z |
| ncsc-2025-0385 | Kwetsbaarheden verholpen in Microsoft Exchange | 2025-12-09T18:42:32.332749Z | 2025-12-09T18:42:32.332749Z |
| ncsc-2025-0384 | Kwetsbaarheden verholpen in Microsoft Office | 2025-12-09T18:40:33.839342Z | 2025-12-09T18:40:33.839342Z |
| ncsc-2025-0383 | Kwetsbaarheden verholpen in Microsoft Windows | 2025-12-09T18:39:18.152251Z | 2025-12-09T18:39:18.152251Z |
| ncsc-2025-0382 | Kwetsbaarheden verholpen in Siemens producten | 2025-12-09T13:15:05.391966Z | 2025-12-09T13:15:05.391966Z |
| ncsc-2025-0381 | Kwetsbaarheden verholpen in Splunk Enterprise en Splunk Cloud Platform | 2025-12-08T08:23:21.965599Z | 2025-12-08T08:23:21.965599Z |
| ncsc-2025-0380 | Kwetsbaarheden verholpen in React Server Components | 2025-12-03T20:11:57.728117Z | 2025-12-05T12:13:36.590522Z |
| ncsc-2025-0379 | Kwetsbaarheden verholpen in Google Android en Samsung Mobile | 2025-12-02T13:25:17.745981Z | 2025-12-02T13:25:17.745981Z |
| ncsc-2025-0378 | Kwetsbaarheden verholpen in Mattermost | 2025-11-28T09:53:42.334621Z | 2025-11-28T09:53:42.334621Z |
| ncsc-2025-0377 | Kwetsbaarheden verholpen in GitLab | 2025-11-27T13:35:09.121804Z | 2025-11-27T13:35:09.121804Z |
| ncsc-2025-0376 | Kwetsbaarheden verholpen in SonicWall Email Security appliances | 2025-11-21T16:06:33.949861Z | 2025-11-21T16:06:33.949861Z |
| ncsc-2025-0375 | Kwetsbaarheid verholpen in Progress MOVEit Transfer | 2025-11-21T16:06:14.387571Z | 2025-11-21T16:06:14.387571Z |
| ncsc-2025-0334 | Kwetsbaarheden verholpen in Oracle Fusion Middleware | 2025-10-23T13:42:11.992643Z | 2025-11-21T16:03:18.991100Z |
| ncsc-2025-0374 | Kwetsbaarheden verholpen in Arista EOS | 2025-11-20T11:48:20.126141Z | 2025-11-20T11:48:20.126141Z |
| ncsc-2025-0373 | Kwetsbaarheden verholpen in Fortinet FortiOS | 2025-11-19T08:35:31.999400Z | 2025-11-19T08:35:31.999400Z |
| ncsc-2025-0372 | Kwetsbaarheid verholpen in Fortinet FortiWeb | 2025-11-19T08:34:59.616354Z | 2025-11-19T08:34:59.616354Z |
| ncsc-2025-0371 | Kwetsbaarheden verholpen in Google Chrome | 2025-11-18T09:01:31.984222Z | 2025-11-18T09:01:31.984222Z |
| ncsc-2025-0370 | Kwetsbaarheden verholpen in Cisco Unified Contact Center Express | 2025-11-18T07:04:55.173157Z | 2025-11-18T07:04:55.173157Z |
| ncsc-2025-0369 | Kwetsbaarheden verholpen in IBM AIX | 2025-11-18T07:03:55.766335Z | 2025-11-18T07:03:55.766335Z |
| ncsc-2025-0368 | Kwetsbaarheden verholpen in Zoom Workplace en Zoom Clients | 2025-11-18T07:02:36.696426Z | 2025-11-18T07:02:36.696426Z |
| ncsc-2025-0367 | Kwetsbaarheden verholpen in GitLab | 2025-11-18T07:01:35.502522Z | 2025-11-18T07:01:35.502522Z |
| ncsc-2025-0366 | Kwetsbaarheid verholpen in Fortinet FortiWeb | 2025-11-15T14:57:33.774388Z | 2025-11-15T14:57:33.774388Z |
| ncsc-2025-0365 | Kwetsbaarheden verholpen in Cisco Catalyst Center | 2025-11-14T12:55:27.227262Z | 2025-11-14T12:55:27.227262Z |
| ncsc-2025-0364 | Kwetsbaarheid verholpen in Adobe Photoshop | 2025-11-12T12:17:16.207233Z | 2025-11-12T12:17:16.207233Z |
| ncsc-2025-0363 | Kwetsbaarheden verholpen in Adobe Illustrator | 2025-11-12T11:52:08.634593Z | 2025-11-12T11:56:09.924799Z |
| ncsc-2025-0362 | Kwetsbaarheden verholpen in Microsoft Visual Studio | 2025-11-11T18:35:40.376220Z | 2025-11-11T18:35:40.376220Z |
| ncsc-2025-0361 | Kwetsbaarheid verholpen in Microsoft SQL Server | 2025-11-11T18:34:39.453615Z | 2025-11-11T18:34:39.453615Z |
| ncsc-2025-0360 | Kwetsbaarheden verholpen in Microsoft Dynamics | 2025-11-11T18:33:13.936830Z | 2025-11-11T18:33:13.936830Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-062309 | SSA-062309: Information Disclosure Vulnerability in TeleControl Server Basic V3.1 | 2025-10-14T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-054046 | SSA-054046: Unauthenticated Information Disclosure in Web Server of SIMATIC S7-1500 CPUs | 2024-10-08T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-039007 | SSA-039007: Heap-based Buffer Overflow Vulnerability in User Management Component (UMC) | 2024-09-10T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-517338 | SSA-517338: Multiple Vulnerabilities in SINEC Traffic Analyzer Before V3.0 | 2025-08-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-913875 | SSA-913875: Frame Aggregation and Fragmentation Vulnerabilities in 802.11 | 2021-07-13T00:00:00Z | 2025-04-08T00:00:00Z |
| ssa-817234 | SSA-817234: Multiple Kubernetes Ingress NGINX Controller Vulnerabilities in Insights Hub Private Cloud | 2025-04-08T00:00:00Z | 2025-04-08T00:00:00Z |
| ssa-686975 | SSA-686975: IPU 2022.3 Vulnerabilities in Siemens Industrial Products using Intel CPUs | 2023-02-14T00:00:00Z | 2025-04-08T00:00:00Z |
| ssa-525431 | SSA-525431: Privilege Escalation Vulnerabilities in Siemens License Server Before V4.3 | 2025-04-08T00:00:00Z | 2025-04-08T00:00:00Z |
| ssa-920092 | SSA-920092: Memory Corruption Vulnerability in Simcenter Femap | 2025-03-13T00:00:00Z | 2025-03-13T00:00:00Z |
| ssa-073066 | SSA-073066: Multiple Vulnerabilities in SINEMA Remote Connect Server Before V3.2 SP3 | 2025-03-11T00:00:00Z | 2025-03-11T00:00:00Z |
| ssa-050438 | SSA-050438: Multiple File Parsing Vulnerabilities in Teamcenter Visualization and Tecnomatix Plant Simulation | 2025-03-11T00:00:00Z | 2025-03-11T00:00:00Z |
| ssa-769027 | SSA-769027: Multiple Vulnerabilities fixed in SCALANCE W700 IEEE 802.11ax devices before V3.0.0 | 2025-02-11T00:00:00Z | 2025-02-11T00:00:00Z |
| ssa-404759 | SSA-404759: Information Disclosure Vulnerability in Siveillance Video Camera Drivers | 2025-01-14T00:00:00Z | 2025-01-15T00:00:00Z |
| ssa-773256 | SSA-773256: Impact of Socket.IO CVE-2024-38355 on Siemens Industrial Products | 2024-09-10T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-730482 | SSA-730482: Denial of Service Vulnerability in SIMATIC WinCC | 2024-04-09T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-717113 | SSA-717113: Cross-Site Request Forgery (CSRF) Vulnerability in SIMATIC S7-1200 CPUs before V4.7 | 2025-01-14T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-690517 | SSA-690517: Multiple Vulnerabilities in SCALANCE W-700 IEEE 802.11ax Family | 2024-06-11T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-629254 | SSA-629254: Remote Code Execution Vulnerability in SIMATIC SCADA and PCS 7 systems | 2024-09-10T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-482757 | SSA-482757: Missing Immutable Root of Trust in S7-1500 CPU devices | 2023-01-10T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-446448 | SSA-446448: Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack | 2022-04-12T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-416411 | SSA-416411: Cross-Site Scripting Vulnerability in Industrial Edge Management | 2025-01-14T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-413565 | SSA-413565: Multiple Vulnerabilities in SCALANCE Products | 2022-12-13T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-314390 | SSA-314390: LDAP Injection Vulnerability in Mendix LDAP Module | 2025-01-14T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-915275 | SSA-915275: Multiple Vulnerabilities in SINEC INS Before V1.0 SP2 Update 3 | 2024-11-12T00:00:00Z | 2024-11-12T00:00:00Z |
| ssa-883918 | SSA-883918: Information Disclosure Vulnerability in SIMATIC WinCC | 2024-07-09T00:00:00Z | 2024-11-12T00:00:00Z |
| ssa-654798 | SSA-654798: Incorrect Authorization Vulnerability in SIMATIC CP 1543-1 Devices | 2024-11-12T00:00:00Z | 2024-11-12T00:00:00Z |
| ssa-616032 | SSA-616032: Local Privilege Escalation Vulnerability in Spectrum Power 7 Before V24Q3 | 2024-11-12T00:00:00Z | 2024-11-12T00:00:00Z |
| ssa-454789 | SSA-454789: Deserialization Vulnerability in TeleControl Server Basic V3.1 | 2024-11-12T00:00:00Z | 2024-11-12T00:00:00Z |
| ssa-354112 | SSA-354112: Multiple Vulnerabilities in SCALANCE M-800 Family Before V8.2 | 2024-11-12T00:00:00Z | 2024-11-12T00:00:00Z |
| ssa-351178 | SSA-351178: Multiple Vulnerabilities in Solid Edge Before SE2024 Update 9 | 2024-11-12T00:00:00Z | 2024-11-12T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2026:1506 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update | 2026-01-28T17:34:52+00:00 | 2026-02-17T12:41:21+00:00 |
| rhsa-2026:1504 | Red Hat Security Advisory: satellite/foreman-mcp-server-rhel9 container image available as a Technology Preview | 2026-01-28T17:00:30+00:00 | 2026-02-17T12:41:21+00:00 |
| rhsa-2026:1497 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update | 2026-01-28T15:32:13+00:00 | 2026-02-17T12:41:21+00:00 |
| rhsa-2026:1485 | Red Hat Security Advisory: RHUI 4.11.3 security update - python-urllib3 | 2026-01-28T11:24:11+00:00 | 2026-02-17T12:41:21+00:00 |
| rhsa-2026:1431 | Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.8.2 release | 2026-01-27T20:01:40+00:00 | 2026-02-17T12:41:21+00:00 |
| rhsa-2026:1416 | Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.8.2 release | 2026-01-27T16:53:57+00:00 | 2026-02-17T12:41:20+00:00 |
| rhsa-2026:1344 | Red Hat Security Advisory: grafana security update | 2026-01-27T11:37:52+00:00 | 2026-02-17T12:41:19+00:00 |
| rhsa-2026:1254 | Red Hat Security Advisory: python-urllib3 security update | 2026-01-26T20:52:30+00:00 | 2026-02-17T12:41:19+00:00 |
| rhsa-2026:1249 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update | 2026-01-26T19:58:10+00:00 | 2026-02-17T12:41:19+00:00 |
| rhsa-2026:1241 | Red Hat Security Advisory: resource-agents security update | 2026-01-26T18:01:29+00:00 | 2026-02-17T12:41:19+00:00 |
| rhsa-2026:1240 | Red Hat Security Advisory: fence-agents security update | 2026-01-26T18:30:35+00:00 | 2026-02-17T12:41:19+00:00 |
| rhsa-2026:1239 | Red Hat Security Advisory: fence-agents security update | 2026-01-26T18:09:09+00:00 | 2026-02-17T12:41:19+00:00 |
| rhsa-2026:1226 | Red Hat Security Advisory: python3.12-urllib3 security update | 2026-01-26T15:35:09+00:00 | 2026-02-17T12:41:18+00:00 |
| rhsa-2026:1224 | Red Hat Security Advisory: python3.11-urllib3 security update | 2026-01-26T15:03:40+00:00 | 2026-02-17T12:41:17+00:00 |
| rhsa-2026:1176 | Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.18.1 | 2026-01-26T10:17:05+00:00 | 2026-02-17T12:41:17+00:00 |
| rhsa-2026:1168 | Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.18.1 | 2026-01-26T09:54:57+00:00 | 2026-02-17T12:41:17+00:00 |
| rhsa-2026:1166 | Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.18.1 | 2026-01-26T09:50:40+00:00 | 2026-02-17T12:41:17+00:00 |
| rhsa-2026:1089 | Red Hat Security Advisory: python3.11-urllib3 security update | 2026-01-26T14:11:43+00:00 | 2026-02-17T12:41:17+00:00 |
| rhsa-2026:1088 | Red Hat Security Advisory: python3.12-urllib3 security update | 2026-01-26T14:19:44+00:00 | 2026-02-17T12:41:17+00:00 |
| rhsa-2026:1087 | Red Hat Security Advisory: python-urllib3 security update | 2026-01-26T13:09:48+00:00 | 2026-02-17T12:41:17+00:00 |
| rhsa-2026:1086 | Red Hat Security Advisory: python-urllib3 security update | 2026-01-26T12:44:33+00:00 | 2026-02-17T12:41:16+00:00 |
| rhsa-2026:1042 | Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.18.1 | 2026-01-22T18:14:00+00:00 | 2026-02-17T12:41:16+00:00 |
| rhsa-2026:1041 | Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.18.1 | 2026-01-22T18:11:01+00:00 | 2026-02-17T12:41:15+00:00 |
| rhsa-2026:1038 | Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.18.1 | 2026-01-22T18:00:37+00:00 | 2026-02-17T12:41:15+00:00 |
| rhsa-2026:1018 | Red Hat Security Advisory: Red Hat OpenShift GitOps v1.17.4 security update | 2026-01-22T15:52:24+00:00 | 2026-02-17T12:41:15+00:00 |
| rhsa-2026:1017 | Red Hat Security Advisory: Red Hat OpenShift GitOps v1.18.3 security update | 2026-01-22T15:47:03+00:00 | 2026-02-17T12:41:15+00:00 |
| rhsa-2026:0995 | Red Hat Security Advisory: OpenShift Container Platform 4.14.61 packages and security update | 2026-01-30T15:14:34+00:00 | 2026-02-17T12:41:14+00:00 |
| rhsa-2026:0921 | Red Hat Security Advisory: go-toolset:rhel8 security update | 2026-01-21T10:01:30+00:00 | 2026-02-17T12:41:14+00:00 |
| rhsa-2026:0676 | Red Hat Security Advisory: OpenShift Container Platform 4.13.63 packages and security update | 2026-01-22T19:53:23+00:00 | 2026-02-17T12:41:14+00:00 |
| rhsa-2026:0990 | Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.18.1 | 2026-01-22T11:34:41+00:00 | 2026-02-17T12:41:13+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-26-020-02 | Schneider Electric devices using CODESYS Runtime | 2023-07-11T07:15:18.000000Z | 2026-01-20T15:49:51.778731Z |
| icsa-26-020-03 | Rockwell Automation Verve Asset Manager | 2026-01-20T07:00:00.000000Z | 2026-01-20T07:00:00.000000Z |
| va-26-015-01 | NOAA PMEL Live Access Server (LAS) command injection | 2026-01-15T19:59:37Z | 2026-01-15T19:59:37Z |
| icsa-26-015-01 | AVEVA Process Optimization | 2026-01-15T07:00:00.000000Z | 2026-01-15T07:00:00.000000Z |
| icsa-24-135-04 | Mitsubishi Electric Multiple FA Engineering Software Products (Update E) | 2024-05-14T06:00:00.000000Z | 2026-01-15T07:00:00.000000Z |
| icsa-26-015-08 | Siemens Industrial Edge Devices | 2026-01-13T00:00:00.000000Z | 2026-01-14T23:03:52.355094Z |
| icsa-26-015-02 | Festo Firmware | 2022-11-29T11:49:00.000000Z | 2026-01-14T22:46:49.184310Z |
| icsa-26-015-06 | Siemens SINEC Security Monitor | 2025-12-09T00:00:00.000000Z | 2026-01-14T22:35:44.907344Z |
| icsa-26-015-07 | Siemens RUGGEDCOM APE1808 Devices | 2026-01-13T00:00:00.000000Z | 2026-01-14T22:35:44.478578Z |
| icsa-26-015-05 | Siemens RUGGEDCOM ROS | 2025-12-09T00:00:00.000000Z | 2026-01-14T22:35:44.058931Z |
| icsa-26-015-10 | Schneider Electric EcoStruxure Power Build Rapsody | 2026-01-13T08:00:00.000000Z | 2026-01-14T22:35:43.622072Z |
| icsa-26-015-03 | Siemens TeleControl Server Basic | 2026-01-13T00:00:00.000000Z | 2026-01-14T22:32:36.777247Z |
| icsa-25-226-09 | Siemens RUGGEDCOM APE1808 | 2025-08-12T00:00:00.000000Z | 2026-01-14T22:05:42.880807Z |
| icsa-24-354-04 | Siemens User Management Component | 2024-12-16T00:00:00.000000Z | 2026-01-14T22:05:42.437898Z |
| icsa-25-072-09 | Siemens OPC UA | 2025-03-11T00:00:00.000000Z | 2026-01-14T22:05:42.018496Z |
| icsa-25-162-04 | Siemens SCALANCE and RUGGEDCOM | 2025-06-10T00:00:00.000000Z | 2026-01-14T22:05:41.593078Z |
| icsa-25-289-10 | Siemens HyperLynx and Industrial Edge App Publisher | 2025-10-14T00:00:00.000000Z | 2026-01-14T22:05:41.165529Z |
| icsa-25-231-02 | Siemens Mendix SAML Module | 2025-08-14T00:00:00.000000Z | 2026-01-14T22:05:40.193680Z |
| icsa-24-074-05 | Siemens RUGGEDCOM APE1808 | 2024-03-12T00:00:00.000000Z | 2026-01-14T22:00:12.208787Z |
| icsa-24-193-02 | Siemens RUGGEDCOM APE 1808 | 2024-07-09T00:00:00.000000Z | 2026-01-14T22:00:11.677616Z |
| icsa-24-074-11 | Siemens RUGGEDCOM APE1808 with Fortigate NGFW Devices | 2024-03-12T00:00:00.000000Z | 2026-01-14T22:00:10.660779Z |
| icsa-24-193-11 | Siemens RUGGEDCOM APE 1808 | 2024-07-09T00:00:00.000000Z | 2026-01-14T22:00:09.701376Z |
| icsa-26-015-09 | Siemens Industrial Edge Device Kit | 2026-01-13T00:00:00.000000Z | 2026-01-14T21:54:58.722065Z |
| icsa-26-013-03 | YoSmart YoLink Smart Hub | 2026-01-13T07:00:00.000000Z | 2026-01-13T07:00:00.000000Z |
| icsa-26-013-02 | Rockwell Automation FactoryTalk DataMosaix Private Cloud | 2026-01-13T07:00:00.000000Z | 2026-01-13T07:00:00.000000Z |
| icsa-26-013-01 | Rockwell Automation 432ES-IG3 Series A | 2026-01-13T07:00:00.000000Z | 2026-01-13T07:00:00.000000Z |
| icsa-25-212-01 | Güralp Systems FMUS Series and MIN Series Devices (Update B) | 2025-07-31T06:00:00.000000Z | 2026-01-13T07:00:00.000000Z |
| va-26-013-01 | NSecKrnl driver terminates system processes with crafted IOCTL requests | 2026-01-13T00:00:00Z | 2026-01-13T00:00:00Z |
| icsa-25-345-03 | AzeoTech DAQFactory (Update A) | 2025-12-11T07:00:00.000000Z | 2026-01-12T07:00:00.000000Z |
| va-26-008-01 | OPEXUS eCASE | 2026-01-08T16:36:15Z | 2026-01-08T16:36:15Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-ftd-ravpn-geobypass-9h38m37z | Cisco Secure Firewall Threat Defense Software Geolocation Remote Access VPN Bypass Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-ftd-dos-svkhtjgt | Cisco Secure Firewall Threat Defense Software Snort 3 Denial of Service Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-fmc-xss-jtnmcusp | Cisco Secure Firewall Management Center Software Cross-Site Scripting Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-fmc-xpathinj-corthdmb | Cisco Secure Firewall Management Center Software XPATH Injection Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-fmc-radius-rce-tnbkf79 | Cisco Secure Firewall Management Center Software RADIUS Remote Code Execution Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-fmc-html-inj-mqjrzrny | Cisco Secure Firewall Management Center Software HTML Injection Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-fmc-ftd-cmdinj-phe7kmt | Cisco Secure Firewall Management Center and Secure Firewall Threat Defense Software Command Injection Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-fmc-cmd-inj-hcrlpfyn | Cisco Secure Firewall Management Center Software Command Injection Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-fmc-authz-bypass-m7xhnau | Cisco Secure Firewall Management Center Software Authorization Bypass Vulnerabilities | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-asaftd-vpnwebs-dos-hjbhmbsx | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access VPN Web Server Denial of Service Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-asaftd-vpn-dos-mfpeka6e | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerabilities | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-asaftd-nat-dns-dos-bqhynhtm | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Network Address Translation DNS Inspection Denial of Service Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-asaftd-http-file-huyx2jl4 | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Server Denial of Service Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-asaftd-dhcp-qj7ngs4n | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software DHCP Denial of Service Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-asaftd-cmdinj-vehfezq3 | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Authenticated Command Injection Vulnerabilities | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-asa-ftd-ios-dos-doeshwhy | Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-asa-ftd-acl-bypass-mtpze9yh | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Access Control Rules Bypass Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-asa-buffer-overflow-pyruhwbc | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Web Services Denial of Service Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-webex-join-ynxfqhk4 | Cisco Webex Meeting Client Join Certificate Validation Vulnerability | 2025-08-06T16:00:00+00:00 | 2025-08-06T16:00:00+00:00 |
| cisco-sa-ise_xss_acc_cont-ysr4ut4u | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities | 2025-08-06T16:00:00+00:00 | 2025-08-06T16:00:00+00:00 |
| cisco-sa-20170629-snmp | SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software | 2017-06-29T16:00:00+00:00 | 2025-07-30T16:27:06+00:00 |
| cisco-sa-ise-unauth-rce-zad2gnj6 | Cisco Identity Services Engine Unauthenticated Remote Code Execution Vulnerabilities | 2025-06-25T16:00:00+00:00 | 2025-07-24T23:30:31+00:00 |
| cisco-sa-piepnm-bsi-25jjqsbb | Cisco Prime Infrastructure and Evolved Programmable Network Manager Blind SQL Injection Vulnerability | 2025-07-16T16:00:00+00:00 | 2025-07-16T16:00:00+00:00 |
| cisco-sa-ise-multi-3vpsxoxo | Cisco Identity Services Engine Authenticated Remote Code Execution and Authorization Bypass Vulnerabilities | 2025-07-16T16:00:00+00:00 | 2025-07-16T16:00:00+00:00 |
| cisco-sa-cuis-ssrf-jsudjev | Cisco Unified Intelligence Center Server-Side Request Forgery Vulnerability | 2025-07-16T16:00:00+00:00 | 2025-07-16T16:00:00+00:00 |
| cisco-sa-cuis-file-upload-uhnetstm | Cisco Unified Intelligence Center Arbitrary File Upload Vulnerability | 2025-07-16T16:00:00+00:00 | 2025-07-16T16:00:00+00:00 |
| cisco-sa-spaces-conn-privesc-kgd2ccdu | Cisco Spaces Connector Privilege Escalation Vulnerability | 2025-07-02T16:00:00+00:00 | 2025-07-02T16:00:00+00:00 |
| cisco-sa-ece-xss-cbtkteyc | Cisco Enterprise Chat and Email Stored Cross-Site Scripting Vulnerability | 2025-07-02T16:00:00+00:00 | 2025-07-02T16:00:00+00:00 |
| cisco-sa-cucm-ssh-m4ubdpe7 | Cisco Unified Communications Manager Static SSH Credentials Vulnerability | 2025-07-02T16:00:00+00:00 | 2025-07-02T16:00:00+00:00 |
| cisco-sa-ise-stored-xss-yff54m73 | Cisco Identity Services Stored Cross-Site Scripting Vulnerability | 2025-05-21T16:00:00+00:00 | 2025-06-30T15:08:59+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-38539 | tracing: Add down_write(trace_event_sem) when adding trace event | 2025-08-02T00:00:00.000Z | 2026-02-24T14:43:24.000Z |
| msrc_cve-2025-38529 | comedi: aio_iiro_16: Fix bit shift out of bounds | 2025-08-02T00:00:00.000Z | 2026-02-24T14:43:18.000Z |
| msrc_cve-2025-38528 | bpf: Reject %p% format string in bprintf-like helpers | 2025-08-02T00:00:00.000Z | 2026-02-24T14:43:11.000Z |
| msrc_cve-2025-38527 | smb: client: fix use-after-free in cifs_oplock_break | 2025-08-02T00:00:00.000Z | 2026-02-24T14:43:04.000Z |
| msrc_cve-2025-38516 | pinctrl: qcom: msm: mark certain pins as invalid for interrupts | 2025-08-02T00:00:00.000Z | 2026-02-24T14:42:58.000Z |
| msrc_cve-2025-38515 | drm/sched: Increment job count before swapping tail spsc queue | 2025-08-02T00:00:00.000Z | 2026-02-24T14:42:51.000Z |
| msrc_cve-2025-38513 | wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() | 2025-08-02T00:00:00.000Z | 2026-02-24T14:42:44.000Z |
| msrc_cve-2025-39923 | dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees | 2025-10-02T00:00:00.000Z | 2026-02-24T14:42:37.000Z |
| msrc_cve-2025-38639 | netfilter: xt_nfacct: don't assume acct name is null-terminated | 2025-08-02T00:00:00.000Z | 2026-02-24T14:42:37.000Z |
| msrc_cve-2025-39853 | i40e: Fix potential invalid access when MAC list is empty | 2025-09-02T00:00:00.000Z | 2026-02-24T14:42:30.000Z |
| msrc_cve-2025-38635 | clk: davinci: Add NULL check in davinci_lpsc_clk_register() | 2025-08-02T00:00:00.000Z | 2026-02-24T14:42:30.000Z |
| msrc_cve-2025-39847 | ppp: fix memory leak in pad_compress_skb | 2025-09-02T00:00:00.000Z | 2026-02-24T14:42:23.000Z |
| msrc_cve-2025-38630 | fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref | 2025-08-02T00:00:00.000Z | 2026-02-24T14:42:23.000Z |
| msrc_cve-2025-39845 | x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() | 2025-09-02T00:00:00.000Z | 2026-02-24T14:42:16.000Z |
| msrc_cve-2025-38502 | bpf: Fix oob access in cgroup local storage | 2025-08-02T00:00:00.000Z | 2026-02-24T14:42:16.000Z |
| msrc_cve-2025-39844 | mm: move page table sync declarations to linux/pgtable.h | 2025-09-02T00:00:00.000Z | 2026-02-24T14:42:08.000Z |
| msrc_cve-2025-38499 | clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns | 2025-08-02T00:00:00.000Z | 2026-02-24T14:42:08.000Z |
| msrc_cve-2025-38495 | HID: core: ensure the allocated report buffer can contain the reserved report ID | 2025-07-02T00:00:00.000Z | 2026-02-24T14:42:00.000Z |
| msrc_cve-2025-39841 | scsi: lpfc: Fix buffer free/clear order in deferred receive path | 2025-09-02T00:00:00.000Z | 2026-02-24T14:41:59.000Z |
| msrc_cve-2025-38488 | smb: client: fix use-after-free in crypt_message when using async crypto | 2025-07-02T00:00:00.000Z | 2026-02-24T14:41:53.000Z |
| msrc_cve-2025-39839 | batman-adv: fix OOB read/write in network-coding decode | 2025-09-02T00:00:00.000Z | 2026-02-24T14:41:52.000Z |
| msrc_cve-2025-40300 | x86/vmscape: Add conditional IBPB mitigation | 2025-09-02T00:00:00.000Z | 2026-02-24T14:41:44.000Z |
| msrc_cve-2025-39913 | tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. | 2025-10-02T00:00:00.000Z | 2026-02-24T14:41:37.000Z |
| msrc_cve-2025-38477 | net/sched: sch_qfq: Fix race condition on qfq_aggregate | 2025-07-02T00:00:00.000Z | 2026-02-24T14:41:37.000Z |
| msrc_cve-2025-39911 | i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path | 2025-10-02T00:00:00.000Z | 2026-02-24T14:41:30.000Z |
| msrc_cve-2025-38412 | platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks | 2025-07-02T00:00:00.000Z | 2026-02-24T14:41:30.000Z |
| msrc_cve-2025-39894 | netfilter: br_netfilter: do not check confirmed bit in br_nf_local_in() after confirm | 2025-10-02T00:00:00.000Z | 2026-02-24T14:41:23.000Z |
| msrc_cve-2025-38410 | drm/msm: Fix a fence leak in submit error path | 2025-07-02T00:00:00.000Z | 2026-02-24T14:41:23.000Z |
| msrc_cve-2025-39883 | mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory | 2025-09-02T00:00:00.000Z | 2026-02-24T14:41:16.000Z |
| msrc_cve-2025-38403 | vsock/vmci: Clear the vmci transport packet properly when initializing it | 2025-07-02T00:00:00.000Z | 2026-02-24T14:41:16.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201001-0692 | The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on… | 2025-12-22T23:33:45.162000Z |
| var-201410-1144 | Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0… | 2025-12-22T23:33:44.307000Z |
| var-200809-0182 | ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attack… | 2025-12-22T23:33:41.897000Z |
| var-201806-1437 | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari be… | 2025-12-22T23:33:41.467000Z |
| var-201006-1240 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 throug… | 2025-12-22T23:33:35.537000Z |
| var-201703-0328 | The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0… | 2025-12-22T23:32:53.965000Z |
| var-201905-0095 | A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execut… | 2025-12-22T23:32:53.178000Z |
| var-201211-0319 | Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote … | 2025-12-22T23:32:50.508000Z |
| var-202002-1478 | Multiple memory corruption issues were addressed with improved memory handling. This issu… | 2025-12-22T23:32:50.434000Z |
| var-201702-0868 | An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari … | 2025-12-22T23:31:12.205000Z |
| var-200806-0425 | Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as distributed in Mac O… | 2025-12-22T23:31:11.969000Z |
| var-201304-0379 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java … | 2025-12-22T23:31:11.435000Z |
| var-201912-0610 | A memory corruption issue was addressed by removing the vulnerable code. This issue is fi… | 2025-12-22T23:31:11.351000Z |
| var-201205-0297 | The Linux kernel before 3.3.1, when KVM is used, allows guest OS users to cause a denial … | 2025-12-22T23:31:11.075000Z |
| var-202105-0257 | An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and… | 2025-12-22T23:30:32.809000Z |
| var-200611-0487 | com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possibly other versions,… | 2025-12-22T23:30:31.842000Z |
| var-202206-1106 | Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an… | 2025-12-22T23:30:31.306000Z |
| var-200704-0226 | Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properl… | 2025-12-22T23:30:24.327000Z |
| var-201904-1460 | A cross-site scripting issue existed in Safari. This issue was addressed with improved UR… | 2025-12-22T23:30:10.190000Z |
| var-200704-0219 | The Login Window in Apple Mac OS X 10.4 through 10.4.9 displays the software update windo… | 2025-12-22T23:30:08.645000Z |
| var-202105-1311 | A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in … | 2025-12-22T23:30:08.009000Z |
| var-201310-0353 | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, a… | 2025-12-22T23:29:53.196000Z |
| var-200505-0310 | The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse … | 2025-12-22T23:28:18.822000Z |
| var-201904-1405 | A consistency issue existed in the handling of application snapshots. The issue was addre… | 2025-12-22T23:28:11.093000Z |
| var-202002-1182 | A logic issue was addressed with improved state management. This issue is fixed in iOS 13… | 2025-12-22T23:28:09.983000Z |
| var-201912-1851 | Multiple memory corruption issues were addressed with improved memory handling. This issu… | 2025-12-22T23:27:26.859000Z |
| var-201412-0613 | Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers … | 2025-12-22T23:26:55.953000Z |
| var-200210-0102 | Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a deni… | 2025-12-22T23:25:54.843000Z |
| var-201206-0058 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java … | 2025-12-22T23:25:24.235000Z |
| var-200704-0213 | load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environme… | 2025-12-22T23:25:23.632000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-014793 | NIHON KOHDEN Central Monitor CNS-6201 vulnerable to NULL pointer dereference | 2025-10-01T11:35+09:00 | 2025-10-27T12:28+09:00 |
| jvndb-2025-000093 | Multiple stored cross-site scripting vulnerabilities in Pleasanter | 2025-10-24T15:11+09:00 | 2025-10-24T15:11+09:00 |
| jvndb-2025-000084 | GROWI vulnerable to cross-site scripting | 2025-10-22T15:44+09:00 | 2025-10-22T15:44+09:00 |
| jvndb-2025-000090 | Multiple stored cross-site scripting vulnerabilities in Movable Type | 2025-10-22T13:54+09:00 | 2025-10-22T13:54+09:00 |
| jvndb-2025-000088 | Lanscope Endpoint Manager (On-Premises) vulnerable to improper verification of source of a communication channel | 2025-10-20T16:17+09:00 | 2025-10-22T10:06+09:00 |
| jvndb-2025-000092 | ETERNUS SF vulnerable to incorrect default permissions | 2025-10-20T14:20+09:00 | 2025-10-20T14:20+09:00 |
| jvndb-2025-000089 | Installer of AutoDownloader may insecurely load Dynamic Link Libraries | 2025-10-17T13:38+09:00 | 2025-10-17T13:38+09:00 |
| jvndb-2025-000074 | Multiple vulnerabilities in desknet's NEO | 2025-10-16T17:30+09:00 | 2025-10-16T17:30+09:00 |
| jvndb-2025-000076 | Multiple vulnerabilities in ChatLuck | 2025-10-16T17:17+09:00 | 2025-10-16T17:17+09:00 |
| jvndb-2025-000087 | Ruijie Networks RG-EST300 undocumented SSH functionality | 2025-10-16T14:19+09:00 | 2025-10-16T14:19+09:00 |
| jvndb-2025-016124 | Buffalo Wi-Fi router WXR9300BE6P series vulnerable to path traversal | 2025-10-16T11:16+09:00 | 2025-10-16T11:16+09:00 |
| jvndb-2025-000085 | Multiple RSUPPORT products may insecurely load Dynamic Link Libraries | 2025-10-15T15:55+09:00 | 2025-10-15T15:55+09:00 |
| jvndb-2025-000086 | Phoenix Contact CHARX SEC-3xxx vulnerable to code injection | 2025-10-15T15:54+09:00 | 2025-10-15T15:54+09:00 |
| jvndb-2025-000083 | BUFFALO NAS Navigator2 registers a Windows service with an unquoted file path | 2025-10-10T13:56+09:00 | 2025-10-10T13:56+09:00 |
| jvndb-2025-015451 | Multiple vulnerabilities in FUJI Electric V-SFT | 2025-10-09T13:39+09:00 | 2025-10-09T13:39+09:00 |
| jvndb-2025-000081 | DataSpider Servista improper restriction of XML external entity references | 2025-09-29T14:44+09:00 | 2025-10-07T16:54+09:00 |
| jvndb-2025-000082 | The installers of DENSO TEN drive recorder viewer may insecurely load Dynamic Link Libraries | 2025-10-06T15:38+09:00 | 2025-10-06T15:38+09:00 |
| jvndb-2025-015061 | Trend Micro Antivirus for Mac vulnerable to Local Privilege Escalation | 2025-10-06T13:52+09:00 | 2025-10-06T13:52+09:00 |
| jvndb-2025-000044 | Denial-of-service (DoS) vulnerabilities in multiple Apache products | 2025-06-26T14:41+09:00 | 2025-10-01T14:18+09:00 |
| jvndb-2025-014642 | Multiple vulnerabilities in Canon Printer Drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers | 2025-09-30T11:50+09:00 | 2025-09-30T11:50+09:00 |
| jvndb-2025-000066 | Improper file access permission settings in multiple i-FILTER products | 2025-08-27T19:50+09:00 | 2025-09-29T13:45+09:00 |
| jvndb-2025-000077 | RICOH Streamline NX vulnerable to tampering with operation history | 2025-09-08T13:42+09:00 | 2025-09-24T16:53+09:00 |
| jvndb-2025-007519 | Multiple vulnerabilities in multiple BROTHER products | 2025-06-26T18:15+09:00 | 2025-09-22T10:16+09:00 |
| jvndb-2025-014105 | OMRON SOCIAL SOLUTIONS Uninterruptible Power Supply (UPS) management application registers a Windows service with an unquoted file path | 2025-09-19T16:21+09:00 | 2025-09-19T16:21+09:00 |
| jvndb-2025-014104 | Multiple vulnerabilities in I-O DATA wireless LAN routers | 2025-09-19T14:58+09:00 | 2025-09-19T14:58+09:00 |
| jvndb-2025-014081 | Multiple Brother and its OEM products with weak initial administrator passwords | 2025-09-19T10:52+09:00 | 2025-09-19T10:52+09:00 |
| jvndb-2025-000079 | UNIVERGE IX/IX-R/IX-V series routers provided by NEC Corporation vulnerable to cross-site scripting | 2025-09-18T17:43+09:00 | 2025-09-18T17:43+09:00 |
| jvndb-2025-000078 | Century HW RAID Manager registers a Windows service with an unquoted file path | 2025-09-17T13:45+09:00 | 2025-09-17T13:45+09:00 |
| jvndb-2025-000048 | WTW-EAGLE App vulnerable to improper server certificate validation | 2025-09-12T13:57+09:00 | 2025-09-12T13:57+09:00 |
| jvndb-2025-000070 | "Gunosy" App vulnerable to insertion of sensitive information into sent data | 2025-09-02T14:20+09:00 | 2025-09-09T09:51+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2026:0420-1 | Security update for python-pip | 2026-02-10T14:18:13Z | 2026-02-10T14:18:13Z |
| suse-su-2026:0419-1 | Security update for libsoup2 | 2026-02-10T14:15:53Z | 2026-02-10T14:15:53Z |
| suse-su-2026:0418-1 | Security update for libsoup2 | 2026-02-10T14:15:42Z | 2026-02-10T14:15:42Z |
| suse-su-2026:0417-1 | Security update for freerdp | 2026-02-10T14:14:15Z | 2026-02-10T14:14:15Z |
| suse-su-2026:0415-1 | Security update for java-17-openjdk | 2026-02-10T08:35:23Z | 2026-02-10T08:35:23Z |
| suse-su-2026:0414-1 | Security update for java-11-openjdk | 2026-02-10T08:33:15Z | 2026-02-10T08:33:15Z |
| suse-su-2026:0412-1 | Security update for abseil-cpp | 2026-02-10T06:43:35Z | 2026-02-10T06:43:35Z |
| suse-su-2026:0411-1 | Security update for the Linux Kernel | 2026-02-09T14:51:43Z | 2026-02-09T14:51:43Z |
| suse-su-2026:0399-1 | Security update for kubernetes-old | 2026-02-06T12:06:39Z | 2026-02-06T12:06:39Z |
| suse-su-2026:0397-1 | Security update for cockpit-machines | 2026-02-06T08:02:32Z | 2026-02-06T08:02:32Z |
| suse-su-2026:0396-1 | Security update for cockpit-machines | 2026-02-06T08:02:20Z | 2026-02-06T08:02:20Z |
| suse-su-2026:0395-1 | Security update for sqlite3 | 2026-02-06T08:02:10Z | 2026-02-06T08:02:10Z |
| suse-su-2026:0385-1 | Security update for the Linux Kernel | 2026-02-04T12:55:07Z | 2026-02-04T12:55:07Z |
| suse-su-2026:0384-1 | Security update for ImageMagick | 2026-02-04T12:46:45Z | 2026-02-04T12:46:45Z |
| suse-su-2026:0383-1 | Security update for rekor | 2026-02-04T12:46:28Z | 2026-02-04T12:46:28Z |
| suse-su-2026:0382-1 | Security update for java-1_8_0-ibm | 2026-02-04T12:45:58Z | 2026-02-04T12:45:58Z |
| suse-su-2026:0381-1 | Security update for abseil-cpp | 2026-02-04T09:34:53Z | 2026-02-04T09:34:53Z |
| suse-su-2026:0379-1 | Security update for cockpit-podman | 2026-02-04T07:38:28Z | 2026-02-04T07:38:28Z |
| suse-su-2026:0378-1 | Security update for gpg2 | 2026-02-04T07:38:13Z | 2026-02-04T07:38:13Z |
| suse-su-2026:0377-1 | Security update for libheif | 2026-02-04T07:37:59Z | 2026-02-04T07:37:59Z |
| suse-su-2026:0375-1 | Security update for libvirt | 2026-02-04T07:37:40Z | 2026-02-04T07:37:40Z |
| suse-su-2026:0374-1 | Security update for protobuf | 2026-02-04T07:03:36Z | 2026-02-04T07:03:36Z |
| suse-su-2026:0373-1 | Security update for glib2 | 2026-02-04T02:50:42Z | 2026-02-04T02:50:42Z |
| suse-su-2026:0372-1 | Security update for glib2 | 2026-02-04T01:43:44Z | 2026-02-04T01:43:44Z |
| suse-su-2026:0371-1 | Security update for glibc | 2026-02-03T18:08:50Z | 2026-02-03T18:08:50Z |
| suse-su-2026:0369-1 | Security update for the Linux Kernel | 2026-02-03T13:42:47Z | 2026-02-03T13:42:47Z |
| suse-su-2026:0368-1 | Security update for libsodium | 2026-02-03T13:40:57Z | 2026-02-03T13:40:57Z |
| suse-su-2026:0367-1 | Security update for python-urllib3 | 2026-02-03T13:09:47Z | 2026-02-03T13:09:47Z |
| suse-su-2026:0366-1 | Security update for util-linux | 2026-02-03T12:53:11Z | 2026-02-03T12:53:11Z |
| suse-su-2026:0364-1 | Security update for libpng16 | 2026-02-03T09:50:54Z | 2026-02-03T09:50:54Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2026:20140-1 | Security update for alloy | 2026-01-30T14:38:31Z | 2026-01-30T14:38:31Z |
| opensuse-su-2026:20141-1 | Security update for udisks2 | 2026-01-30T14:30:57Z | 2026-01-30T14:30:57Z |
| opensuse-su-2026:20142-1 | Security update for libsoup | 2026-01-30T14:27:58Z | 2026-01-30T14:27:58Z |
| opensuse-su-2026:20139-1 | Security update for unbound | 2026-01-30T10:05:07Z | 2026-01-30T10:05:07Z |
| opensuse-su-2026:20138-1 | Security update for jasper | 2026-01-30T09:59:14Z | 2026-01-30T09:59:14Z |
| opensuse-su-2026:10127-1 | rekor-1.5.0-1.1 on GA media | 2026-01-30T00:00:00Z | 2026-01-30T00:00:00Z |
| opensuse-su-2026:10126-1 | python315-3.15.0~a3-3.1 on GA media | 2026-01-30T00:00:00Z | 2026-01-30T00:00:00Z |
| opensuse-su-2026:10125-1 | python311-django-storages-1.14.6-1.1 on GA media | 2026-01-30T00:00:00Z | 2026-01-30T00:00:00Z |
| opensuse-su-2026:10124-1 | golang-github-prometheus-prometheus-3.9.1-2.1 on GA media | 2026-01-30T00:00:00Z | 2026-01-30T00:00:00Z |
| opensuse-su-2026:10123-1 | freerdp-3.21.0-2.1 on GA media | 2026-01-30T00:00:00Z | 2026-01-30T00:00:00Z |
| opensuse-su-2026:10122-1 | fontforge-20251009-4.1 on GA media | 2026-01-30T00:00:00Z | 2026-01-30T00:00:00Z |
| opensuse-su-2026:10121-1 | chromedriver-144.0.7559.109-1.1 on GA media | 2026-01-30T00:00:00Z | 2026-01-30T00:00:00Z |
| opensuse-su-2026:10120-1 | MozillaFirefox-147.0.2-1.1 on GA media | 2026-01-30T00:00:00Z | 2026-01-30T00:00:00Z |
| opensuse-su-2026:10119-1 | ImageMagick-7.1.2.13-2.1 on GA media | 2026-01-30T00:00:00Z | 2026-01-30T00:00:00Z |
| opensuse-su-2026:20134-1 | Security update for java-17-openjdk | 2026-01-29T17:44:57Z | 2026-01-29T17:44:57Z |
| opensuse-su-2026:20133-1 | Security update for glibc | 2026-01-29T17:44:57Z | 2026-01-29T17:44:57Z |
| opensuse-su-2026:20137-1 | Security update for openvpn | 2026-01-29T16:14:38Z | 2026-01-29T16:14:38Z |
| opensuse-su-2026:20136-1 | Security update for gpg2 | 2026-01-29T16:14:38Z | 2026-01-29T16:14:38Z |
| opensuse-su-2026:20132-1 | Security update for elemental-register, elemental-toolkit | 2026-01-29T15:32:26Z | 2026-01-29T15:32:26Z |
| opensuse-su-2026:20127-1 | Security update for python-urllib3 | 2026-01-29T14:48:50Z | 2026-01-29T14:48:50Z |
| opensuse-su-2026:20131-1 | Security update for postgresql17 and postgresql18 | 2026-01-29T13:21:20Z | 2026-01-29T13:21:20Z |
| opensuse-su-2026:20130-1 | Security update for postgresql16 | 2026-01-29T10:55:17Z | 2026-01-29T10:55:17Z |
| opensuse-su-2026:10118-1 | xen-4.21.0_04-1.1 on GA media | 2026-01-29T00:00:00Z | 2026-01-29T00:00:00Z |
| opensuse-su-2026:10117-1 | python314-3.14.2-2.1 on GA media | 2026-01-29T00:00:00Z | 2026-01-29T00:00:00Z |
| opensuse-su-2026:10116-1 | python311-pypdf-6.6.2-1.1 on GA media | 2026-01-29T00:00:00Z | 2026-01-29T00:00:00Z |
| opensuse-su-2026:10115-1 | python311-djangorestframework-3.16.1-2.1 on GA media | 2026-01-29T00:00:00Z | 2026-01-29T00:00:00Z |
| opensuse-su-2026:10114-1 | logback-1.2.13-2.1 on GA media | 2026-01-29T00:00:00Z | 2026-01-29T00:00:00Z |
| opensuse-su-2026:10113-1 | icinga2-2.15.2-1.1 on GA media | 2026-01-29T00:00:00Z | 2026-01-29T00:00:00Z |
| opensuse-su-2026:10112-1 | dirmngr-2.5.17-1.1 on GA media | 2026-01-29T00:00:00Z | 2026-01-29T00:00:00Z |
| opensuse-su-2026:10111-1 | gio-branding-upstream-2.86.3-3.1 on GA media | 2026-01-29T00:00:00Z | 2026-01-29T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| sevd-2024-191-03 | EcoStruxure Foxboro SCADA FoxRTU Station | 2024-07-09T00:00:00.000Z | 2024-07-09T00:00:00.000Z |
| sevd-2024-191-02 | EcoStruxureTM Foxboro DCS Core Control Services | 2024-07-09T00:00:00.000Z | 2024-07-09T00:00:00.000Z |
| sevd-2024-191-01 | Wiser Home Controller WHC-5918A | 2024-07-09T00:00:00.000Z | 2024-07-09T00:00:00.000Z |
| sevd-2024-163-05 | SAGE RTU | 2024-06-11T00:00:00.000Z | 2024-07-09T00:00:00.000Z |
| sevd-2024-044-01 | EcoStruxure™ Control Expert, EcoStruxure™ Process Expert and Modicon M340, M580 and M580 Safety PLCs | 2024-02-13T12:41:43.000Z | 2024-07-09T00:00:00.000Z |
| sevd-2024-163-04 | SpaceLogic AS-P and AS-B Automation Servers | 2024-06-11T00:00:00.000Z | 2024-06-11T00:00:00.000Z |
| sevd-2024-163-03 | EVlink Home Smart | 2024-06-11T00:00:00.000Z | 2024-06-11T00:00:00.000Z |
| sevd-2023-101-04 | Easy UPS Online Monitoring Software | 2023-04-11T14:09:13.000Z | 2024-06-11T00:00:00.000Z |
| sevd-2024-100-01 | Easergy Studio | 2024-04-09T00:00:00.000Z | 2024-04-09T00:00:00.000Z |
| sevd-2023-346-01 | Trio™ Licensed and License-free Data Radios | 2023-12-12T00:00:00.000Z | 2024-04-09T00:00:00.000Z |
| sevd-2023-318-03 | Galaxy VS and Galaxy VL | 2023-11-14T08:28:19.000Z | 2024-04-09T00:00:00.000Z |
| sevd-2024-072-01 | Easergy T200 Multiple Vulnerabilities | 2024-03-12T07:02:04.000Z | 2024-03-12T07:02:04.000Z |
| sevd-2024-072-02 | EcoStruxure Power Design - Ecodial | 2024-03-12T05:00:00.000Z | 2024-03-12T05:00:00.000Z |
| sevd-2024-044-03 | EcoStruxure IT Gateway | 2024-02-13T12:21:44.000Z | 2024-02-13T12:21:44.000Z |
| sevd-2024-044-02 | Harmony Relay NFC | 2024-02-13T04:05:07.000Z | 2024-02-13T04:05:07.000Z |
| sevd-2024-009-02 | Easergy Studio | 2024-01-09T14:51:40.000Z | 2024-01-09T14:51:40.000Z |
| sevd-2023-101-01 | CODESYS Runtime Vulnerabilities | 2023-04-11T13:31:49.000Z | 2024-01-09T13:31:00.000Z |
| sevd-2023-101-03 | EcoStruxure™ Control Expert | 2023-04-11T10:14:15.000Z | 2024-01-09T10:14:00.000Z |
| sevd-2019-225-01 | Harmony (formerly known as Magelis) HMI Panels | 2019-08-13T09:59:02.000Z | 2024-01-09T09:59:02.000Z |
| sevd-2023-346-03 | Easy UPS Online Monitoring Software | 2023-12-12T00:00:00.000Z | 2023-12-12T00:00:00.000Z |
| sevd-2023-346-02 | ProLeiT Plant iT/Brewmaxx | 2023-12-12T00:00:00.000Z | 2023-12-12T00:00:00.000Z |
| sevd-2023-318-01 | PowerLogic ION8650, PowerLogic ION8800 | 2023-11-14T00:00:00.000Z | 2023-12-12T00:00:00.000Z |
| sevd-2023-318-02 | EcoStruxure Power Monitoring Expert and EcoStruxure™ Power Operation with Advanced Reporting and Dashboards Module | 2023-11-14T00:00:00.000Z | 2023-11-14T00:00:00.000Z |
| sevd-2023-283-02 | EcoStruxure Power Monitoring Expert and EcoStruxure™ Power | 2023-10-10T12:17:45.000Z | 2023-10-10T12:17:45.000Z |
| sevd-2023-283-01 | SpaceLogic C-Bus Toolkit | 2023-10-10T12:00:34.000Z | 2023-10-10T12:00:34.000Z |
| sevd-2023-255-01 | IGSS (Interactive Graphical SCADA System) | 2023-09-12T10:52:23.000Z | 2023-09-12T10:52:23.000Z |
| sevd-2023-220-01 | Pro-face GP-Pro EX | 2023-08-08T06:32:38.000Z | 2023-08-08T06:32:38.000Z |
| sevd-2023-192-01 | StruxureWare Data Center Expert | 2023-07-11T07:37:38.000Z | 2023-07-11T07:37:38.000Z |
| sevd-2023-192-03 | Accutech Manager | 2023-07-11T06:49:15.000Z | 2023-07-11T06:49:15.000Z |
| sevd-2023-164-03 | Foxboro SCADA | 2023-06-13T12:34:32.000Z | 2023-06-13T12:34:32.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-valkey-2024-46981 | Redis' Lua library commands may lead to remote code execution | 2025-01-08T07:22:30.615Z | 2026-02-11T09:09:18.507Z |
| bit-tomcat-2024-34750 | Apache Tomcat: HTTP/2 excess header handling DoS | 2025-07-29T14:30:29.115Z | 2026-02-11T09:09:18.507Z |
| bit-tomcat-2023-44487 | 2025-07-17T08:09:39.495Z | 2026-02-11T09:09:18.507Z | |
| bit-sqlite-2025-29087 | 2025-04-11T19:26:41.394Z | 2026-02-11T09:09:18.507Z | |
| bit-setuptools-2024-6345 | Remote Code Execution in pypa/setuptools | 2024-08-03T07:36:56.917Z | 2026-02-11T09:09:18.507Z |
| bit-redis-2025-21605 | Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client | 2025-04-25T07:24:43.793Z | 2026-02-11T09:09:18.507Z |
| bit-redis-2024-51741 | Redis allows denial-of-service due to malformed ACL selectors | 2025-01-08T07:20:15.238Z | 2026-02-11T09:09:18.507Z |
| bit-redis-2024-46981 | Redis' Lua library commands may lead to remote code execution | 2025-01-08T07:20:24.318Z | 2026-02-11T09:09:18.507Z |
| bit-python-2025-8194 | Tarfile infinite loop during parsing with negative member offset | 2025-08-11T14:00:02.142Z | 2026-02-11T09:09:18.507Z |
| bit-python-2024-50602 | 2024-12-05T07:15:23.404Z | 2026-02-11T09:09:18.507Z | |
| bit-python-2022-45061 | 2024-10-04T16:38:13.524Z | 2026-02-11T09:09:18.507Z | |
| bit-pillow-2024-28219 | 2024-07-02T07:31:57.223Z | 2026-02-11T09:09:18.507Z | |
| bit-php-2022-4900 | Potential buffer overflow in php_cli_server_startup_workers | 2024-03-06T11:02:23.605Z | 2026-02-11T09:09:18.507Z |
| bit-node-2024-36138 | 2024-09-10T07:13:39.524Z | 2026-02-11T09:09:18.507Z | |
| bit-node-2024-27983 | 2024-06-04T09:49:21.510Z | 2026-02-11T09:09:18.507Z | |
| bit-node-2024-27982 | 2024-06-04T09:49:37.511Z | 2026-02-11T09:09:18.507Z | |
| bit-node-2024-22025 | 2024-06-04T09:49:52.511Z | 2026-02-11T09:09:18.507Z | |
| bit-node-2024-22020 | 2024-07-11T07:28:44.706Z | 2026-02-11T09:09:18.507Z | |
| bit-node-2024-22019 | 2024-05-24T07:26:57.950Z | 2026-02-11T09:09:18.507Z | |
| bit-node-2024-22018 | 2024-07-12T07:29:02.117Z | 2026-02-11T09:09:18.507Z | |
| bit-node-2024-22017 | 2024-11-29T14:03:41.826Z | 2026-02-11T09:09:18.507Z | |
| bit-node-2024-21896 | 2024-06-04T09:50:22.403Z | 2026-02-11T09:09:18.507Z | |
| bit-node-2024-21892 | 2024-05-24T07:27:13.552Z | 2026-02-11T09:09:18.507Z | |
| bit-node-2024-21891 | 2024-06-04T09:50:51.602Z | 2026-02-11T09:09:18.507Z | |
| bit-node-2024-21890 | 2024-06-04T09:51:05.804Z | 2026-02-11T09:09:18.507Z | |
| bit-node-2023-44487 | 2024-03-06T10:58:56.877Z | 2026-02-11T09:09:18.507Z | |
| bit-nginx-2023-44487 | 2024-03-06T10:58:49.980Z | 2026-02-11T09:09:18.507Z | |
| bit-mlflow-2024-27133 | Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untrusted dataset. | 2024-03-31T18:21:40.530Z | 2026-02-11T09:09:18.507Z |
| bit-mlflow-2024-27132 | Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. | 2024-03-31T18:21:50.638Z | 2026-02-11T09:09:18.507Z |
| bit-memcached-2021-37519 | 2024-11-08T19:14:19.674Z | 2026-02-11T09:09:18.507Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2026-xo66167 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T14:49:52.662006Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xo49545 | Within HostnameError | 2026-01-30T16:21:25.500719Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xl45869 | Moby is an open-source project created by Docker for software containerization | 2026-01-30T16:57:56.432971Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xi02879 | When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11 | 2026-01-30T16:18:55.578686Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xd92996 | Cancelling a query (e | 2026-01-30T15:46:24.650971Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xb70091 | Within HostnameError | 2026-01-30T14:03:50.560679Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-xb16901 | When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers | 2026-01-30T17:13:56.781902Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-wq07901 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T16:01:54.911193Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-wp20592 | SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption | 2026-01-30T16:05:24.814830Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-wi75198 | vulnerability has been identified in Node | 2026-01-30T17:34:27.754206Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-wi17406 | Redis is an open source, in-memory database that persists on disk | 2026-01-30T17:35:28.375848Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-wg18689 | attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests | 2026-01-30T16:29:25.690410Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-we92783 | SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption | 2026-01-30T16:05:24.753007Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-wa03785 | SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption | 2026-01-30T16:05:24.799763Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-vv68546 | Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate | 2026-01-30T16:35:55.883570Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-vs64679 | ParseAddress function constructs domain-literal address components through repeated string concatenation | 2026-01-30T16:35:25.680295Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-vl83369 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:03:53.758258Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-vf66781 | Within HostnameError | 2026-01-30T14:57:22.763452Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-vc16841 | Within HostnameError | 2026-01-30T15:02:22.944744Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-uz73015 | Cancelling a query (e | 2026-01-30T16:09:25.315533Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-uy85485 | Within HostnameError | 2026-01-30T14:45:52.628542Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-uy81473 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:44:54.187987Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-uu56048 | Within HostnameError | 2026-01-30T15:16:53.077326Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-uu20906 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T14:48:52.774829Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ur80185 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:30:24.609590Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-um63521 | Within HostnameError | 2026-01-30T16:12:25.029065Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ul17352 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T16:29:25.464127Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-uj17204 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:03:52.998379Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ui65993 | Within HostnameError | 2026-01-30T16:21:25.457624Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ty78539 | ParseAddress function constructs domain-literal address components through repeated string concatenation | 2026-01-30T16:35:55.295657Z | 2026-01-29T18:58:54Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2025-065 | 2025-05-21T17:28:31.000Z | 2025-05-21T17:28:31.000Z | |
| drupal-contrib-2025-064 | 2025-05-21T17:28:11.000Z | 2025-05-21T17:28:11.000Z | |
| drupal-contrib-2025-057 | 2025-05-14T18:04:31.000Z | 2025-05-14T19:39:43.000Z | |
| drupal-contrib-2025-063 | 2025-05-14T18:05:32.000Z | 2025-05-14T18:05:32.000Z | |
| drupal-contrib-2025-062 | 2025-05-14T18:05:22.000Z | 2025-05-14T18:05:22.000Z | |
| drupal-contrib-2025-061 | 2025-05-14T18:05:13.000Z | 2025-05-14T18:05:13.000Z | |
| drupal-contrib-2025-060 | 2025-05-14T18:05:04.000Z | 2025-05-14T18:05:04.000Z | |
| drupal-contrib-2025-056 | 2025-05-07T17:08:31.000Z | 2025-05-07T17:16:40.000Z | |
| drupal-contrib-2025-055 | 2025-05-07T17:07:46.000Z | 2025-05-07T17:16:36.000Z | |
| drupal-contrib-2025-054 | 2025-05-07T17:07:32.000Z | 2025-05-07T17:16:32.000Z | |
| drupal-contrib-2025-053 | 2025-05-07T17:07:22.000Z | 2025-05-07T17:16:27.000Z | |
| drupal-contrib-2025-052 | 2025-05-07T17:07:14.000Z | 2025-05-07T17:16:21.000Z | |
| drupal-contrib-2025-047 | 2025-05-07T17:06:16.000Z | 2025-05-07T17:06:16.000Z | |
| drupal-contrib-2025-033 | 2025-04-09T17:04:56.000Z | 2025-04-29T07:18:22.000Z | |
| drupal-contrib-2025-046 | 2025-04-23T16:59:33.000Z | 2025-04-23T16:59:33.000Z | |
| drupal-contrib-2025-045 | 2025-04-23T16:59:19.000Z | 2025-04-23T16:59:19.000Z | |
| drupal-contrib-2025-044 | 2025-04-23T16:59:11.000Z | 2025-04-23T16:59:11.000Z | |
| drupal-contrib-2025-043 | 2025-04-23T16:59:01.000Z | 2025-04-23T16:59:01.000Z | |
| drupal-contrib-2025-042 | 2025-04-23T16:58:51.000Z | 2025-04-23T16:58:51.000Z | |
| drupal-contrib-2025-040 | 2025-04-16T16:26:13.000Z | 2025-04-16T16:26:13.000Z | |
| drupal-contrib-2025-039 | 2025-04-16T16:25:56.000Z | 2025-04-16T16:25:56.000Z | |
| drupal-contrib-2025-038 | 2025-04-16T16:25:45.000Z | 2025-04-16T16:25:45.000Z | |
| drupal-contrib-2025-037 | 2025-04-16T16:25:35.000Z | 2025-04-16T16:25:35.000Z | |
| drupal-contrib-2025-036 | 2025-04-16T16:25:27.000Z | 2025-04-16T16:25:27.000Z | |
| drupal-contrib-2025-035 | 2025-04-16T16:25:12.000Z | 2025-04-16T16:25:12.000Z | |
| drupal-contrib-2025-031 | 2025-04-09T17:04:15.000Z | 2025-04-10T16:01:51.000Z | |
| drupal-contrib-2025-032 | 2025-04-09T17:04:46.000Z | 2025-04-09T17:04:46.000Z | |
| drupal-contrib-2025-030 | 2025-04-09T17:04:09.000Z | 2025-04-09T17:04:09.000Z | |
| drupal-contrib-2025-029 | 2025-04-02T17:03:15.000Z | 2025-04-02T17:03:15.000Z | |
| drupal-contrib-2025-028 | 2025-04-02T17:02:32.000Z | 2025-04-02T17:02:32.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-10324 | Google Pixel cn_NrmmDecoder.cpp文件缓冲区溢出漏洞 | 2025-12-18 | 2026-02-06 |
| cnvd-2026-10323 | Google Pixel gxp_buffer.h文件缓冲区溢出漏洞 | 2025-12-18 | 2026-02-06 |
| cnvd-2026-10322 | Google Pixel ss_LcsManagement.c文件缓冲区溢出漏洞 | 2025-12-18 | 2026-02-06 |
| cnvd-2026-10321 | Google Pixel代码执行漏洞(CNVD-2026-1032114) | 2025-12-18 | 2026-02-06 |
| cnvd-2026-10358 | Digilent DASYLab越界写入漏洞(CNVD-2026-10358) | 2025-09-04 | 2026-02-05 |
| cnvd-2026-10357 | Digilent DASYLab越界写入漏洞 | 2025-09-04 | 2026-02-05 |
| cnvd-2026-10356 | TOTOLINK X6000R命令注入漏洞(CNVD-2026-10356) | 2026-02-05 | 2026-02-05 |
| cnvd-2026-10355 | D-Link DIR-860L命令注入漏洞 | 2025-08-26 | 2026-02-05 |
| cnvd-2026-10343 | D-Link DAP-1325访问控制错误漏洞 | 2025-12-25 | 2026-02-05 |
| cnvd-2026-10318 | Tenda AX1806 fromSetSysTime函数堆栈溢出漏洞 | 2026-01-30 | 2026-02-05 |
| cnvd-2026-10317 | Oracle MySQL Server存在未明漏洞(CNVD-2026-10317) | 2026-01-30 | 2026-02-05 |
| cnvd-2026-10316 | Tenda AX1806 deviceList参数堆栈溢出漏洞 | 2026-01-30 | 2026-02-05 |
| cnvd-2026-10313 | Oracle MySQL Server存在未明漏洞(CNVD-2026-10313) | 2026-01-30 | 2026-02-05 |
| cnvd-2026-10312 | Oracle MySQL Server存在未明漏洞(CNVD-2026-10312) | 2026-01-30 | 2026-02-05 |
| cnvd-2026-09798 | Apache NiFi代码问题漏洞(CNVD-2026-09798) | 2026-01-14 | 2026-02-04 |
| cnvd-2026-09797 | Apache SIS XML外部实体注入漏洞 | 2026-01-15 | 2026-02-04 |
| cnvd-2026-09795 | Apache NimBLE代码问题漏洞 | 2026-01-19 | 2026-02-04 |
| cnvd-2026-09634 | MedDream PACS Premium notifynewstudy功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09633 | MedDream PACS Premium modifyTranscript功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09632 | MedDream PACS Premium modifyRoute功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09631 | MedDream PACS Premium modifyHL7Route功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09629 | MedDream PACS Premium modifyEmail功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09628 | MedDream PACS Premium modifyCoercion功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09627 | MedDream PACS Premium modifyAutopurgeFilter功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09626 | MedDream PACS Premium modifyAeTitle功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09625 | MedDream PACS Premium ldapUser功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09624 | MedDream PACS Premium fetchPriorStudies功能跨站脚本漏洞 | 2026-01-30 | 2026-02-04 |
| cnvd-2026-09630 | MedDream PACS Premium modifyHL7App功能跨站脚本漏洞 | 2026-01-30 | 2026-02-03 |
| cnvd-2026-09623 | MedDream PACS Premium existingUser功能跨站脚本漏洞 | 2026-01-30 | 2026-02-03 |
| cnvd-2026-09622 | MedDream PACS Premium encapsulatedDoc功能跨站脚本漏洞 | 2026-01-30 | 2026-02-03 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0140 | Multiples vulnérabilités dans les produits Axis | 2026-02-10T00:00:00.000000 | 2026-02-10T00:00:00.000000 |
| certfr-2026-avi-0139 | Multiples vulnérabilités dans les produits Siemens | 2026-02-10T00:00:00.000000 | 2026-02-10T00:00:00.000000 |
| certfr-2026-avi-0138 | Multiples vulnérabilités dans les produits Schneider Electric | 2026-02-10T00:00:00.000000 | 2026-02-10T00:00:00.000000 |
| certfr-2026-avi-0137 | Multiples vulnérabilités dans GnuTLS | 2026-02-10T00:00:00.000000 | 2026-02-10T00:00:00.000000 |
| certfr-2026-avi-0133 | Multiples vulnérabilités dans Roundcube | 2026-02-09T00:00:00.000000 | 2026-02-10T00:00:00.000000 |
| certfr-2026-avi-0136 | Vulnérabilité dans Fortinet FortiClientEMS | 2026-02-09T00:00:00.000000 | 2026-02-09T00:00:00.000000 |
| certfr-2026-avi-0135 | Vulnérabilité dans GitLab AI Gateway | 2026-02-09T00:00:00.000000 | 2026-02-09T00:00:00.000000 |
| certfr-2026-avi-0134 | Vulnérabilité dans Microsoft Edge | 2026-02-09T00:00:00.000000 | 2026-02-09T00:00:00.000000 |
| certfr-2026-avi-0132 | Multiples vulnérabilités dans VMware Tanzu Greenplum | 2026-02-09T00:00:00.000000 | 2026-02-09T00:00:00.000000 |
| certfr-2026-avi-0131 | Multiples vulnérabilités dans les produits IBM | 2026-02-06T00:00:00.000000 | 2026-02-06T00:00:00.000000 |
| certfr-2026-avi-0130 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-02-06T00:00:00.000000 | 2026-02-06T00:00:00.000000 |
| certfr-2026-avi-0129 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-02-06T00:00:00.000000 | 2026-02-06T00:00:00.000000 |
| certfr-2026-avi-0128 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-02-06T00:00:00.000000 | 2026-02-06T00:00:00.000000 |
| certfr-2026-avi-0127 | Vulnérabilité dans NetApp ONTAP 9 | 2026-02-06T00:00:00.000000 | 2026-02-06T00:00:00.000000 |
| certfr-2026-avi-0126 | Vulnérabilité dans ESET Management Agent | 2026-02-06T00:00:00.000000 | 2026-02-06T00:00:00.000000 |
| certfr-2026-avi-0125 | Multiples vulnérabilités dans les produits Moxa | 2026-02-06T00:00:00.000000 | 2026-02-06T00:00:00.000000 |
| certfr-2026-avi-0124 | Multiples vulnérabilités dans Microsoft Edge | 2026-02-06T00:00:00.000000 | 2026-02-06T00:00:00.000000 |
| certfr-2026-avi-0123 | Multiples vulnérabilités dans Asterisk | 2026-02-06T00:00:00.000000 | 2026-02-06T00:00:00.000000 |
| certfr-2026-avi-0122 | Multiples vulnérabilités dans Tenable Nessus | 2026-02-06T00:00:00.000000 | 2026-02-06T00:00:00.000000 |
| certfr-2026-avi-0121 | Vulnérabilité dans les produits Juniper Networks | 2026-02-06T00:00:00.000000 | 2026-02-06T00:00:00.000000 |
| certfr-2026-avi-0120 | Multiples vulnérabilités dans les produits F5 | 2026-02-05T00:00:00.000000 | 2026-02-05T00:00:00.000000 |
| certfr-2026-avi-0119 | Multiples vulnérabilités dans les produits Cisco | 2026-02-05T00:00:00.000000 | 2026-02-05T00:00:00.000000 |
| certfr-2026-avi-0118 | Multiples vulnérabilités dans les produits Splunk | 2026-02-05T00:00:00.000000 | 2026-02-05T00:00:00.000000 |
| certfr-2026-avi-0117 | Multiples vulnérabilités dans GLPI | 2026-02-04T00:00:00.000000 | 2026-02-04T00:00:00.000000 |
| certfr-2026-avi-0116 | Vulnérabilité dans les produits Moxa | 2026-02-04T00:00:00.000000 | 2026-02-04T00:00:00.000000 |
| certfr-2026-avi-0115 | Multiples vulnérabilités dans Tenable Identity Exposure | 2026-02-04T00:00:00.000000 | 2026-02-04T00:00:00.000000 |
| certfr-2026-avi-0114 | Multiples vulnérabilités dans Google Chrome | 2026-02-04T00:00:00.000000 | 2026-02-04T00:00:00.000000 |
| certfr-2026-avi-0113 | Vulnérabilité dans Google Pixel | 2026-02-04T00:00:00.000000 | 2026-02-04T00:00:00.000000 |
| certfr-2026-avi-0112 | Multiples vulnérabilités dans les produits VMware | 2026-02-02T00:00:00.000000 | 2026-02-02T00:00:00.000000 |
| certfr-2026-avi-0111 | Vulnérabilité dans ESET Inspect Connector | 2026-02-02T00:00:00.000000 | 2026-02-02T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2020-ale-017 | Multiples vulnérabilités dans SAP Netweaver AS JAVA | 2020-07-15T00:00:00.000000 | 2020-10-12T00:00:00.000000 |
| certfr-2020-ale-016 | Vulnérabilité dans Microsoft Domain Name System (DNS) Server | 2020-07-15T00:00:00.000000 | 2020-10-12T00:00:00.000000 |
| certfr-2020-ale-015 | Vulnérabilité dans F5 BIG-IP | 2020-07-05T00:00:00.000000 | 2020-09-15T00:00:00.000000 |
| certfr-2020-ale-014 | Vulnérabilité dans Palo Alto Networks PAN-OS | 2020-07-03T00:00:00.000000 | 2020-07-31T00:00:00.000000 |
| certfr-2020-ale-012 | Multiples vulnérabilités dans SaltStack | 2020-05-04T00:00:00.000000 | 2020-07-31T00:00:00.000000 |
| certfr-2020-ale-008 | Vulnérabilité dans l'implémentation du protocole SMB par Microsoft | 2020-03-11T00:00:00.000000 | 2020-07-31T00:00:00.000000 |
| certfr-2020-ale-002 | Vulnérabilité dans les produits Citrix ADC et Citrix Gateway | 2020-01-09T00:00:00.000000 | 2020-07-31T00:00:00.000000 |
| certfr-2020-ale-013 | Multiples vulnérabilités dans Microsoft Windows | 2020-07-01T00:00:00.000000 | 2020-07-05T00:00:00.000000 |
| certfr-2020-ale-011 | Multiples vulnérabilités dans les produits Microsoft qui utilisent la bibliothèque Autodesk FBX | 2020-04-22T00:00:00.000000 | 2020-06-23T00:00:00.000000 |
| certfr-2020-ale-009 | Multiples vulnérabilités dans Microsoft Windows | 2020-03-24T00:00:00.000000 | 2020-06-23T00:00:00.000000 |
| certfr-2020-ale-010 | Multiples vulnérabilités dans Mozilla Firefox | 2020-04-06T00:00:00.000000 | 2020-05-05T00:00:00.000000 |
| certfr-2020-ale-007 | Vulnérabilité dans Microsoft Exchange Server | 2020-02-27T00:00:00.000000 | 2020-05-05T00:00:00.000000 |
| certfr-2020-ale-001 | Multiples vulnérabilités dans les produits de Pulse Secure | 2020-01-09T00:00:00.000000 | 2020-05-05T00:00:00.000000 |
| certfr-2020-ale-006 | Vulnérabilité dans Microsoft Internet Explorer | 2020-01-20T00:00:00.000000 | 2020-02-19T00:00:00.000000 |
| certfr-2020-ale-005 | Multiples vulnérabilités dans le serveur de passerelle RDP de Windows | 2020-01-14T00:00:00.000000 | 2020-02-19T00:00:00.000000 |
| certfr-2020-ale-003 | Vulnérabilité dans les produits Mozilla | 2020-01-09T00:00:00.000000 | 2020-01-20T00:00:00.000000 |
| certfr-2020-ale-004 | Vulnérabilité dans Microsoft Windows | 2020-01-14T00:00:00.000000 | 2020-01-17T00:00:00.000000 |
| certfr-2019-ale-015 | Multiples vulnérabilités dans Google Chrome | 2019-11-04T00:00:00.000000 | 2020-01-08T00:00:00.000000 |
| certfr-2019-ale-014 | Vulnérabilité dans PHP | 2019-10-29T00:00:00.000000 | 2020-01-08T00:00:00.000000 |
| certfr-2019-ale-013 | Vulnérabilité dans Microsoft Internet Explorer | 2019-09-24T00:00:00.000000 | 2019-10-25T00:00:00.000000 |
| certfr-2019-ale-012 | Multiples vulnérabilités dans Microsoft Remote Desktop Services | 2019-08-14T00:00:00.000000 | 2019-10-25T00:00:00.000000 |
| certfr-2019-ale-006 | Vulnérabilité dans Microsoft Remote Desktop Services | 2019-05-22T00:00:00.000000 | 2019-10-25T00:00:00.000000 |
| certfr-2019-ale-011 | Vulnérabilité dans Oracle WebLogic | 2019-06-20T00:00:00.000000 | 2019-07-23T00:00:00.000000 |
| certfr-2019-ale-010 | Vulnérabilité dans Mozilla Firefox | 2019-06-20T00:00:00.000000 | 2019-07-23T00:00:00.000000 |
| certfr-2019-ale-009 | Vulnérabilité dans Exim | 2019-06-11T00:00:00.000000 | 2019-07-23T00:00:00.000000 |
| certfr-2019-ale-008 | Vulnérabilité dans Microsoft SharePoint Server | 2019-05-29T00:00:00.000000 | 2019-07-23T00:00:00.000000 |
| certfr-2019-ale-007 | Vulnérabilité dans le serveur DHCP de Windows | 2019-05-15T00:00:00.000000 | 2019-06-20T00:00:00.000000 |
| certfr-2019-ale-005 | Vulnérabilité dans Oracle WebLogic | 2019-04-26T00:00:00.000000 | 2019-06-20T00:00:00.000000 |
| certfr-2019-ale-003 | Campagnes de rançongiciels | 2019-01-31T00:00:00.000000 | 2019-06-20T00:00:00.000000 |
| certfr-2019-ale-004 | Multiples vulnérabilités dans Microsoft Edge et Internet Explorer | 2019-04-01T00:00:00.000000 | 2019-04-17T00:00:00.000000 |