Recent vulnerabilities

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2025-66077	4.3 (3.1)	WordPress Legal Pages plugin <= 1.4.6 - Broken Access …	wpWax	Legal Pages	2025-11-21T12:29:57.063Z	2026-01-20T14:28:23.798Z
CVE-2025-66083	4.3 (3.1)	WordPress WpEvently plugin <= 5.0.4 - Broken Access Co…	magepeopleteam	WpEvently	2025-11-21T12:29:57.750Z	2026-01-20T14:28:23.721Z
CVE-2025-66068	6.5 (3.1)	WordPress InstaWP Connect plugin <= 0.1.1.9 - Broken A…	InstaWP	InstaWP Connect	2025-12-18T07:22:17.312Z	2026-01-20T14:28:23.688Z
CVE-2025-66086	5.3 (3.1)	WordPress SMS Alert Order Notifications plugin <= 3.8.…	Cozy Vision	SMS Alert Order Notifications	2025-11-21T12:29:58.296Z	2026-01-20T14:28:23.427Z
CVE-2025-66084	4.3 (3.1)	WordPress FluentCommunity plugin <= 2.0.0 - Broken Acc…	Shahjahan Jewel	FluentCommunity	2025-11-21T12:29:57.920Z	2026-01-20T14:28:23.392Z
CVE-2025-66057	6.3 (3.1)	WordPress Bold Page Builder plugin <= 5.5.2 - Cross Si…	boldthemes	Bold Page Builder	2025-11-21T12:29:54.209Z	2026-01-20T14:28:23.380Z
CVE-2025-66073	6.5 (3.1)	WordPress WP Webhooks plugin <= 3.3.8 - PHP Object Inj…	Cozmoslabs	WP Webhooks	2025-11-21T12:29:56.667Z	2026-01-20T14:28:23.347Z
CVE-2025-64638	5.3 (3.1)	WordPress OnPay.io for WooCommerce plugin <= 1.0.47 - …	OnPay.io	OnPay.io for WooCommerce	2025-12-16T08:12:51.913Z	2026-01-20T14:28:23.328Z
CVE-2025-66072	9.8 (3.1)	WordPress UsersWP plugin <= 1.2.47 - Broken Access Con…	Stiofan	UsersWP	2025-11-21T12:29:56.382Z	2026-01-20T14:28:23.321Z
CVE-2025-66059	5.3 (3.1)	WordPress Seriously Simple Podcasting plugin <= 3.13.0…	Craig Hewitt	Seriously Simple Podcasting	2025-11-21T12:29:54.426Z	2026-01-20T14:28:23.317Z
CVE-2025-66082	4.3 (3.1)	WordPress WpEvently plugin <= 5.0.4 - Broken Access Co…	magepeopleteam	WpEvently	2025-11-21T12:29:57.578Z	2026-01-20T14:28:23.316Z
CVE-2025-66056	4.3 (3.1)	WordPress Uncanny Automator plugin < 6.10.0 - Sensitiv…	Uncanny Owl	Uncanny Automator	2025-11-21T12:29:54.000Z	2026-01-20T14:28:23.283Z
CVE-2025-66062	3.7 (3.1)	WordPress WP YouTube Lyte plugin <= 1.7.28 - Open Redi…	Frank Goossens	WP YouTube Lyte	2025-11-21T12:29:54.981Z	2026-01-20T14:28:23.280Z
CVE-2025-66054	7.5 (3.1)	WordPress LearnPress plugin <= 4.2.9.4 - Broken Access…	ThimPress	LearnPress	2025-12-18T07:22:17.129Z	2026-01-20T14:28:23.253Z
CVE-2025-66060	5.3 (3.1)	WordPress Seriously Simple Podcasting plugin <= 3.13.0…	Craig Hewitt	Seriously Simple Podcasting	2025-11-21T12:29:54.618Z	2026-01-20T14:28:23.244Z
CVE-2025-66079	7.3 (3.1)	WordPress Gutenverse Form plugin <= 2.2.0 - Broken Acc…	Jegstudio	Gutenverse Form	2025-11-21T12:29:57.227Z	2026-01-20T14:28:23.242Z
CVE-2025-66055	7.2 (3.1)	WordPress Email Subscribers & Newsletters plugin <= 5.…	Icegram	Email Subscribers & Newsletters	2025-11-21T12:29:53.666Z	2026-01-20T14:28:23.237Z
CVE-2025-66064	5.3 (3.1)	WordPress Giveaways and Contests by RafflePress plugin…	Syed Balkhi	Giveaways and Contests by RafflePress	2025-11-21T12:29:55.338Z	2026-01-20T14:28:23.234Z
CVE-2025-66067	5.4 (3.1)	WordPress Funnel Builder by FunnelKit plugin <= 3.13.1…	FunnelKit	Funnel Builder by FunnelKit	2025-11-21T12:29:55.849Z	2026-01-20T14:28:23.233Z
CVE-2025-66075	4.2 (3.1)	WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy C…	WP Legal Pages	WP Cookie Notice for GDPR, CCPA & ePrivacy Consent	2025-11-21T12:29:56.896Z	2026-01-20T14:28:23.221Z
CVE-2025-66080	5.3 (3.1)	WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy C…	WP Legal Pages	WP Cookie Notice for GDPR, CCPA & ePrivacy Consent	2025-12-30T16:10:40.664Z	2026-01-20T14:28:23.215Z
CVE-2025-66069	4.3 (3.1)	WordPress PPOM for WooCommerce plugin <= 33.0.16 - Bro…	Themeisle	PPOM for WooCommerce	2025-11-21T12:29:56.025Z	2026-01-20T14:28:23.215Z
CVE-2025-64384	6.3 (3.1)	WordPress JetFormBuilder plugin <= 3.5.3 - Broken Acce…	jetmonsters	JetFormBuilder	2025-11-13T09:24:36.292Z	2026-01-20T14:28:23.177Z
CVE-2025-66074	9 (3.1)	WordPress WP Webhooks plugin <= 3.3.8 - Arbitrary File…	Cozmoslabs	WP Webhooks	2025-12-18T07:22:17.689Z	2026-01-20T14:28:23.166Z
CVE-2025-66071	9.8 (3.1)	WordPress Custom Order Numbers for WooCommerce plugin …	tychesoftwares	Custom Order Numbers for WooCommerce	2025-11-21T12:29:56.210Z	2026-01-20T14:28:23.159Z
CVE-2025-66061	4.3 (3.1)	WordPress Seriously Simple Podcasting plugin <= 3.13.0…	Craig Hewitt	Seriously Simple Podcasting	2025-11-21T12:29:54.807Z	2026-01-20T14:28:23.136Z
CVE-2025-66066	6.1 (3.1)	WordPress Envo Extra plugin <= 1.9.11 - Cross Site Scr…	EnvoThemes	Envo Extra	2025-11-21T12:29:55.680Z	2026-01-20T14:28:23.127Z
CVE-2025-66070	7.5 (3.1)	WordPress wpForo Forum plugin <= 2.4.10 - Broken Acces…	Tomdever	wpForo Forum	2025-12-18T07:22:17.491Z	2026-01-20T14:28:23.120Z
CVE-2025-64634	8.8 (3.1)	WordPress Avada theme <= 7.13.1 - Broken Access Contro…	ThemeFusion	Avada	2025-12-16T08:12:51.156Z	2026-01-20T14:28:23.104Z
CVE-2025-66058	6.5 (3.1)	WordPress Post Grid and Gutenberg Blocks plugin <= 2.3…	PickPlugins	Post Grid and Gutenberg Blocks	2025-12-18T16:15:15.498Z	2026-01-20T14:28:23.035Z

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2025-66165	5.4 (3.1)	WordPress Lottier for WPBakery plugin <= 1.1.7 - Broke…	merkulove	Lottier for WPBakery	2025-12-16T08:12:56.408Z	2026-01-20T14:28:24.537Z
CVE-2025-66164	5.4 (3.1)	WordPress Laser plugin <= 1.1.1 - Broken Access Contro…	merkulove	Laser	2025-12-16T08:12:56.211Z	2026-01-20T14:28:24.509Z
CVE-2025-66163	5.4 (3.1)	WordPress Masker for Elementor plugin <= 1.1.4 - Broke…	merkulove	Masker for Elementor	2025-12-16T08:12:55.859Z	2026-01-20T14:28:24.419Z
CVE-2025-66162	5.4 (3.1)	WordPress Spoter for Elementor plugin <= 1.04 - Broken…	merkulove	Spoter for Elementor	2025-12-16T08:12:55.672Z	2026-01-20T14:28:24.446Z
CVE-2025-66161	5.4 (3.1)	WordPress Grider for Elementor plugin <= 1.0.8 - Broke…	merkulove	Grider for Elementor	2025-12-16T08:12:55.484Z	2026-01-20T14:28:24.442Z
CVE-2025-66160	5.4 (3.1)	WordPress Select Graphist for Elementor Graphist for …	merkulove	Select Graphist for Elementor Graphist for Elementor	2025-12-31T16:50:19.182Z	2026-01-20T14:28:24.538Z
CVE-2025-66159	5.4 (3.1)	WordPress Walker for Elementor plugin <= 1.1.6 - Broke…	merkulove	Walker for Elementor	2025-12-31T16:51:12.320Z	2026-01-20T14:28:24.501Z
CVE-2025-66158	5.4 (3.1)	WordPress Gmaper for Elementor plugin <= 1.0.9 - Broke…	merkulove	Gmaper for Elementor	2025-12-31T16:51:58.259Z	2026-01-20T14:28:24.495Z
CVE-2025-66157	5.4 (3.1)	WordPress Slider for Elementor plugin <= 1.0.10 - Brok…	merkulove	Slider for Elementor	2025-12-31T16:58:24.314Z	2026-01-20T14:28:24.553Z
CVE-2025-66156	5.4 (3.1)	WordPress Watcher for Elementor plugin <= 1.0.9 - Brok…	merkulove	Watcher for Elementor	2025-12-31T16:59:07.770Z	2026-01-20T14:28:24.495Z
CVE-2025-66155	5.4 (3.1)	WordPress Questionar for Elementor plugin <= 1.1.7 - B…	merkulove	Questionar for Elementor	2025-12-31T17:00:37.052Z	2026-01-20T14:28:24.566Z
CVE-2025-66154	5.4 (3.1)	WordPress Couponer for Elementor plugin <= 1.1.7 - Bro…	merkulove	Couponer for Elementor	2025-12-31T17:01:26.537Z	2026-01-20T14:28:24.410Z
CVE-2025-66153	5.4 (3.1)	WordPress Headinger for Elementor plugin <= 1.1.4 - Br…	merkulove	Headinger for Elementor	2025-12-31T18:31:21.816Z	2026-01-20T14:28:24.444Z
CVE-2025-66152	5.4 (3.1)	WordPress Criptopayer for Elementor plugin <= 1.0.1 - …	merkulove	Criptopayer for Elementor	2025-12-31T18:32:07.924Z	2026-01-20T14:28:24.511Z
CVE-2025-66151	5.4 (3.1)	WordPress Countdowner for Elementor plugin <= 1.0.4 - …	merkulove	Countdowner for Elementor	2025-12-31T18:32:49.483Z	2026-01-20T14:28:24.546Z
CVE-2025-66150	5.4 (3.1)	WordPress Appender plugin <= 1.1.1 - Broken Access Con…	merkulove	Appender	2025-12-31T18:35:57.735Z	2026-01-20T14:28:24.539Z
CVE-2025-66149	5.4 (3.1)	WordPress UnGrabber plugin <= 3.1.3 - Broken Access Co…	merkulove	UnGrabber	2025-12-31T18:38:14.772Z	2026-01-20T14:28:24.511Z
CVE-2025-66148	5.4 (3.1)	WordPress Conformer for Elementor plugin <= 1.0.7 - Br…	merkulove	Conformer for Elementor	2025-12-31T19:49:17.102Z	2026-01-20T14:28:24.475Z
CVE-2025-66147	5.4 (3.1)	WordPress Coder for Elementor plugin <= 1.0.13 - Broke…	merkulove	Coder for Elementor	2025-12-16T08:12:55.284Z	2026-01-20T14:28:24.524Z
CVE-2025-66146	5.4 (3.1)	WordPress Logger for Elementor plugin <= 1.0.9 - Broke…	merkulove	Logger for Elementor	2025-12-31T19:50:21.260Z	2026-01-20T14:28:24.515Z
CVE-2025-66145	5.4 (3.1)	WordPress Worker for WPBakery plugin <= 1.1.1 - Broken…	merkulove	Worker for WPBakery	2025-12-31T19:51:22.621Z	2026-01-20T14:28:24.457Z
CVE-2025-66144	5.4 (3.1)	WordPress Worker for Elementor plugin <= 1.0.10 - Brok…	merkulove	Worker for Elementor	2025-12-31T19:51:58.516Z	2026-01-20T14:28:24.464Z
CVE-2025-66134	5.4 (3.1)	WordPress FileBird Pro plugin <= 6.4.9 - Broken Access…	NinjaTeam	FileBird Pro	2025-12-16T08:12:55.088Z	2026-01-20T14:28:24.432Z
CVE-2025-66133	5.3 (3.1)	WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy C…	WP Legal Pages	WP Cookie Notice for GDPR, CCPA & ePrivacy Consent	2025-12-16T08:12:54.808Z	2026-01-20T14:28:24.495Z
CVE-2025-66132	6.5 (3.1)	WordPress FAPI Member plugin <= 2.2.26 - Insecure Dire…	FAPI Business s.r.o.	FAPI Member	2025-12-16T08:12:54.562Z	2026-01-20T14:28:24.662Z
CVE-2025-66131	9.1 (3.1)	WordPress Yaad Sarig Payment Gateway For WC plugin <= …	yaadsarig	Yaad Sarig Payment Gateway For WC	2025-12-16T08:12:54.364Z	2026-01-20T14:28:24.534Z
CVE-2025-66130	5.3 (3.1)	WordPress WP Views Counter plugin <= 2.1.2 - Broken Ac…	etruel	WP Views Counter	2025-12-16T08:12:54.174Z	2026-01-20T14:28:24.483Z
CVE-2025-66129	5.3 (3.1)	WordPress Pochipp plugin <= 1.18.0 - Broken Access Con…	wppochipp	Pochipp	2025-12-16T08:12:53.976Z	2026-01-20T14:28:24.628Z
CVE-2025-66128	5.3 (3.1)	WordPress Sendinblue for WooCommerce plugin <= 4.0.49 …	Brevo	Sendinblue for WooCommerce	2025-12-16T08:12:53.783Z	2026-01-20T14:28:24.551Z
CVE-2025-66127	5.4 (3.1)	WordPress Essential Real Estate plugin <= 5.2.2 - Brok…	g5theme	Essential Real Estate	2025-12-16T08:12:53.580Z	2026-01-20T14:28:24.400Z

ID	Description	Published	Updated
fkie_cve-2025-66145	Missing Authorization vulnerability in merkulove Worker for WPBakery allows Exploiting Incorrectly …	2025-12-31T20:15:43.213	2026-01-20T15:19:10.683
fkie_cve-2025-66144	Missing Authorization vulnerability in merkulove Worker for Elementor allows Exploiting Incorrectly…	2025-12-31T20:15:43.073	2026-01-20T15:19:10.587
fkie_cve-2025-66134	Missing Authorization vulnerability in NinjaTeam FileBird Pro filebird-pro allows Exploiting Incorr…	2025-12-16T09:15:58.040	2026-01-20T15:19:10.450
fkie_cve-2025-66133	Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Co…	2025-12-16T09:15:57.913	2026-01-20T15:19:10.320
fkie_cve-2025-66132	Authorization Bypass Through User-Controlled Key vulnerability in FAPI Business s.r.o. FAPI Member …	2025-12-16T09:15:57.780	2026-01-20T15:19:10.190
fkie_cve-2025-66131	Missing Authorization vulnerability in yaadsarig Yaad Sarig Payment Gateway For WC yaad-sarig-payme…	2025-12-16T09:15:57.653	2026-01-20T15:19:10.060
fkie_cve-2025-66130	Missing Authorization vulnerability in etruel WP Views Counter wpecounter allows Exploiting Incorre…	2025-12-16T09:15:57.527	2026-01-20T15:19:09.927
fkie_cve-2025-66129	Missing Authorization vulnerability in wppochipp Pochipp pochipp allows Exploiting Incorrectly Conf…	2025-12-16T09:15:57.397	2026-01-20T15:19:09.800
fkie_cve-2025-66128	Missing Authorization vulnerability in Brevo Sendinblue for WooCommerce woocommerce-sendinblue-news…	2025-12-16T09:15:57.267	2026-01-20T15:19:09.670
fkie_cve-2025-66127	Missing Authorization vulnerability in g5theme Essential Real Estate essential-real-estate allows E…	2025-12-16T09:15:57.140	2026-01-20T15:19:09.533
fkie_cve-2025-66126	Insertion of Sensitive Information Into Sent Data vulnerability in wowpress.host Fix Media Library …	2025-12-16T09:15:56.993	2026-01-20T15:19:09.390
fkie_cve-2025-66125	Insertion of Sensitive Information Into Sent Data vulnerability in Nitesh Ultimate Auction ultimat…	2025-12-16T09:15:56.853	2026-01-20T15:19:09.223
fkie_cve-2025-66124	Missing Authorization vulnerability in ZEEN101 Leaky Paywall leaky-paywall allows Exploiting Incorr…	2025-12-16T09:15:56.700	2026-01-20T15:19:09.097
fkie_cve-2025-66122	Missing Authorization vulnerability in Design Stylish Price List stylish-price-list allows Exploiti…	2025-12-16T09:15:56.547	2026-01-20T15:19:08.967
fkie_cve-2025-66121	Missing Authorization vulnerability in SiteGround SiteGround Security sg-security allows Exploiting…	2025-12-16T09:15:56.410	2026-01-20T15:19:08.830
fkie_cve-2025-66120	Missing Authorization vulnerability in CatFolders CatFolders catfolders allows Exploiting Incorrect…	2025-12-16T09:15:56.280	2026-01-20T15:19:08.707
fkie_cve-2025-66119	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-18T08:16:16.563	2026-01-20T15:19:08.577
fkie_cve-2025-66118	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-18T08:16:16.440	2026-01-20T15:19:08.443
fkie_cve-2025-66117	Missing Authorization vulnerability in Ays Pro Easy Form easy-form allows Exploiting Incorrectly Co…	2025-12-18T08:16:16.310	2026-01-20T15:19:08.310
fkie_cve-2025-66116	Insertion of Sensitive Information Into Sent Data vulnerability in UserElements Ultimate Member Wid…	2025-12-18T08:16:16.193	2026-01-20T15:19:08.180
fkie_cve-2025-66115	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-11-21T13:15:53.440	2026-01-20T15:19:08.047
fkie_cve-2025-66114	Missing Authorization vulnerability in theme funda Show Variations as Single Products Woocommerce w…	2025-11-21T13:15:53.297	2026-01-20T15:19:07.917
fkie_cve-2025-66113	Missing Authorization vulnerability in ThemeAtelier Better Chat Support for Messenger better-chat-s…	2025-11-21T13:15:53.153	2026-01-20T15:19:07.787
fkie_cve-2025-66112	Missing Authorization vulnerability in WebToffee Accessibility Toolkit by WebYes accessibility-plus…	2025-11-21T13:15:52.987	2026-01-20T15:19:07.660
fkie_cve-2025-66111	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-11-21T13:15:52.840	2026-01-20T15:19:07.513
fkie_cve-2025-66110	Missing Authorization vulnerability in bPlugins Tiktok Feed b-tiktok-feed allows Exploiting Incorre…	2025-11-21T13:15:52.660	2026-01-20T15:19:07.377
fkie_cve-2025-66109	Missing Authorization vulnerability in octolize Cart Weight for WooCommerce woo-cart-weight allows …	2025-11-21T13:15:52.470	2026-01-20T15:19:07.240
fkie_cve-2025-66108	Missing Authorization vulnerability in Merlot Digital (by TNC) TNC Toolbox: Web Performance tnc-too…	2025-11-21T13:15:52.320	2026-01-20T15:19:07.110
fkie_cve-2025-66107	Missing Authorization vulnerability in Scott Paterson Subscriptions & Memberships for PayPal subscr…	2025-11-21T13:15:52.147	2026-01-20T15:19:06.980
fkie_cve-2025-66106	Missing Authorization vulnerability in Essential Plugin Featured Post Creative featured-post-creati…	2025-11-21T13:15:51.793	2026-01-20T15:19:06.833

ID	Severity	Description	Published	Updated
ghsa-cqxc-j3v9-5m9g	9.8 (3.1)	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-9r4p-xvf3-9x4q	6.5 (3.1)	Missing Authorization vulnerability in WP Delicious WP Delicious delicious-recipes allows Exploitin…	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-9gx8-7m79-g5p3	6.5 (3.1)	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-98c9-f4v9-v6qr	6.5 (3.1)	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-93x9-7c94-7879	6.5 (3.1)	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-93x7-mfr3-2vx3	5.4 (3.1)	Missing Authorization vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by …	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-8q5w-6x37-j5hg	6.5 (3.1)	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-865r-5g86-hfxf	5.3 (3.1)	Missing Authorization vulnerability in Saad Iqbal Post SMTP post-smtp allows Exploiting Incorrectly…	2025-12-09T18:30:43Z	2026-01-20T15:32:11Z
ghsa-7f3f-ppww-82r3	9.8 (3.1)	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-74xg-56wg-gvpj	6.5 (3.1)	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-6pvg-49r3-g3c7	9.8 (3.1)	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-6j84-m7wp-j9jm	7.1 (3.1)	Cross-Site Request Forgery (CSRF) vulnerability in Jacques Malgrange Rencontre rencontre allows Sto…	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-59m8-jmcc-pxx7	6.5 (3.1)	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-57rv-vq9v-c6qg	5.9 (3.1)	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-5263-ggmq-48gj	5.4 (3.1)	Missing Authorization vulnerability in Oleksandr Lysyi Debug Log Viewer debug-log-viewer allows Exp…	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-3662-gvg6-j9xx	6.5 (3.1)	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-2wqc-47g4-pm22	6.5 (3.1)	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-2w86-r6rm-76wr	5.3 (3.1)	Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in uixthem…	2025-12-09T18:30:43Z	2026-01-20T15:32:11Z
ghsa-2q9h-6v2j-hfpp	9.8 (3.1)	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-2jf2-fhpf-vfw3	6.5 (3.1)	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-2hgv-qvvq-63hq	6.5 (3.1)	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-29qw-9m44-pf9w	9.8 (3.1)	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-09T18:30:42Z	2026-01-20T15:32:11Z
ghsa-37mj-762c-hqp3	9.8 (3.1)	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-09T18:30:42Z	2026-01-20T15:32:10Z
ghsa-wgpc-jm6c-j4j7	9.8 (3.1)	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability …	2025-12-09T18:30:41Z	2026-01-20T15:32:05Z
ghsa-vfrr-rhvp-vvw9	8.8 (3.1)	Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud Simple Link Directory simple-link-d…	2025-12-09T18:30:41Z	2026-01-20T15:32:05Z
ghsa-vfj6-fgcq-5c93	4.3 (3.1)	Missing Authorization vulnerability in Ultimate Member ForumWP forumwp allows Exploiting Incorrectl…	2025-12-09T18:30:41Z	2026-01-20T15:32:05Z
ghsa-v3j5-8g9v-3768	9.8 (3.1)	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability …	2025-12-09T18:30:42Z	2026-01-20T15:32:05Z
ghsa-qp8q-xvwm-2x2q	8.8 (3.1)	Cross-Site Request Forgery (CSRF) vulnerability in vcita Online Booking & Scheduling Calendar for W…	2025-12-09T18:30:41Z	2026-01-20T15:32:05Z
ghsa-pp33-jqv4-5hjf	9.8 (3.1)	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability …	2025-12-09T18:30:41Z	2026-01-20T15:32:05Z
ghsa-mw6g-37x4-p223	9.8 (3.1)	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-09T18:30:42Z	2026-01-20T15:32:05Z

ID	Description	Package	Published	Updated
pysec-2021-513	TensorFlow is an end-to-end open source platform for machine learning. The TFLite computa…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:56.553875Z
pysec-2021-512	TensorFlow is an end-to-end open source platform for machine learning. An attacker can tr…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:56.381620Z
pysec-2021-511	TensorFlow is an end-to-end open source platform for machine learning. The implementation…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:56.228145Z
pysec-2021-510	TensorFlow is an end-to-end open source platform for machine learning. Due to lack of val…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:56.077512Z
pysec-2021-509	TensorFlow is an end-to-end open source platform for machine learning. Due to lack of val…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:55.926686Z
pysec-2021-508	TensorFlow is an end-to-end open source platform for machine learning. The implementation…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:55.778346Z
pysec-2021-507	TensorFlow is an end-to-end open source platform for machine learning. The implementation…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:55.622531Z
pysec-2021-506	TensorFlow is an end-to-end open source platform for machine learning. The implementation…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:55.459344Z
pysec-2021-505	TensorFlow is an end-to-end open source platform for machine learning. The implementation…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:55.310052Z
pysec-2021-504	TensorFlow is an end-to-end open source platform for machine learning. The implementation…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:55.161027Z
pysec-2021-503	TensorFlow is an end-to-end open source platform for machine learning. The implementation…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:55.002066Z
pysec-2021-502	TensorFlow is an end-to-end open source platform for machine learning. The implementation…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:54.849798Z
pysec-2021-501	TensorFlow is an end-to-end open source platform for machine learning. The implementation…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:54.700321Z
pysec-2021-500	TensorFlow is an end-to-end open source platform for machine learning. The implementation…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:54.530775Z
pysec-2021-499	TensorFlow is an end-to-end open source platform for machine learning. The implementation…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:54.370426Z
pysec-2021-498	TensorFlow is an end-to-end open source platform for machine learning. The implementation…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:54.218525Z
pysec-2021-497	TensorFlow is an end-to-end open source platform for machine learning. The implementation…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:54.064557Z
pysec-2021-496	TensorFlow is an end-to-end open source platform for machine learning. An attacker can tr…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:53.905703Z
pysec-2021-495	TensorFlow is an end-to-end open source platform for machine learning. Due to lack of val…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:53.752999Z
pysec-2021-494	TensorFlow is an end-to-end open source platform for machine learning. An attacker can wr…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:53.596467Z
pysec-2021-493	TensorFlow is an end-to-end open source platform for machine learning. An attacker can tr…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:53.440506Z
pysec-2021-492	TensorFlow is an end-to-end open source platform for machine learning. An attacker can tr…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:53.290029Z
pysec-2021-491	TensorFlow is an end-to-end open source platform for machine learning. An attacker can ca…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:53.142665Z
pysec-2021-490	TensorFlow is an end-to-end open source platform for machine learning. An attacker can ca…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:52.986581Z
pysec-2021-489	TensorFlow is an end-to-end open source platform for machine learning. An attacker can ca…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:52.832408Z
pysec-2021-488	TensorFlow is an end-to-end open source platform for machine learning. An attacker can ca…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:52.680803Z
pysec-2021-487	TensorFlow is an end-to-end open source platform for machine learning. An attacker can ac…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:52.523360Z
pysec-2021-486	TensorFlow is an end-to-end open source platform for machine learning. An attacker can ca…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:52.373382Z
pysec-2021-485	TensorFlow is an end-to-end open source platform for machine learning. An attacker can ca…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:52.215362Z
pysec-2021-484	TensorFlow is an end-to-end open source platform for machine learning. An attacker can ca…	tensorflow-cpu	2021-05-14T20:15:00Z	2021-12-09T06:34:52.071121Z

ID	Description	Type

ID	Description	Updated
gsd-2024-3797	A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been decl…	2024-04-16T05:01:59.613274Z
gsd-2024-3790	Vulnerability in WBSAirback 21.02.04, which consists of a stored Cross-Site Scripting (XS…	2024-04-16T05:01:59.612027Z
gsd-2024-3859	On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that po…	2024-04-16T05:01:59.607140Z
gsd-2024-3869	The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized a…	2024-04-16T05:01:59.603165Z
gsd-2024-3841	Insufficient data validation in Browser Switcher in Google Chrome prior to 124.0.6367.60 …	2024-04-16T05:01:59.600187Z
gsd-2024-3786	Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Si…	2024-04-16T05:01:59.599646Z
gsd-2024-3853	A use-after-free could result if a JavaScript realm was in the process of being initializ…	2024-04-16T05:01:59.597508Z
gsd-2024-3803	A vulnerability classified as critical was found in Vesystem Cloud Desktop up to 20240408…	2024-04-16T05:01:59.588357Z
gsd-2024-3804	A vulnerability, which was classified as critical, has been found in Vesystem Cloud Deskt…	2024-04-16T05:01:59.582546Z
gsd-2024-3840	Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60…	2024-04-16T05:01:59.576849Z
gsd-2024-3808	The format of the source doesn't require a description, click on the link for more details.	2024-04-16T05:01:59.576112Z
gsd-2024-3850	The format of the source doesn't require a description, click on the link for more details.	2024-04-16T05:01:59.572602Z
gsd-2024-3855	In certain cases the JIT incorrectly optimized MSubstr operations, which led to out-of-bo…	2024-04-16T05:01:59.571450Z
gsd-2024-3818	The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for Wor…	2024-04-16T05:01:59.566901Z
gsd-2024-3795	Vulnerability in WBSAirback 21.02.04, which consists of a stored Cross-Site Scripting (XS…	2024-04-16T05:01:59.565782Z
gsd-2024-3813	The format of the source doesn't require a description, click on the link for more details.	2024-04-16T05:01:59.563144Z
gsd-2024-3781	Command injection vulnerability in the operating system. Improper neutralisation of speci…	2024-04-16T05:01:59.559921Z
gsd-2024-3854	In some code patterns the JIT incorrectly optimized switch statements and generated code …	2024-04-16T05:01:59.553281Z
gsd-2024-3849	The format of the source doesn't require a description, click on the link for more details.	2024-04-16T05:01:59.546073Z
gsd-2024-3819	The format of the source doesn't require a description, click on the link for more details.	2024-04-16T05:01:59.535261Z
gsd-2024-3783	The Backup Agents section in WBSAirback 21.02.04 is affected by a Path Traversal vulnerab…	2024-04-16T05:01:59.533875Z
gsd-2024-3856	A use-after-free could occur during WASM execution if garbage collection ran during the c…	2024-04-16T05:01:59.524395Z
gsd-2024-3863	The executable file warning was not presented when downloading .xrm-ms files. *Note: Th…	2024-04-16T05:01:59.524195Z
gsd-2024-3805	The format of the source doesn't require a description, click on the link for more details.	2024-04-16T05:01:59.523985Z
gsd-2024-3789	Uncontrolled resource consumption vulnerability in White Bear Solutions WBSAirback, versi…	2024-04-16T05:01:59.519841Z
gsd-2024-3788	Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Si…	2024-04-16T05:01:59.519461Z
gsd-2024-3814	The format of the source doesn't require a description, click on the link for more details.	2024-04-16T05:01:59.515931Z
gsd-2024-3827	The format of the source doesn't require a description, click on the link for more details.	2024-04-16T05:01:59.512732Z
gsd-2024-3822	The format of the source doesn't require a description, click on the link for more details.	2024-04-16T05:01:59.503170Z
gsd-2024-3860	An out-of-memory condition during object initialization could result in an empty shape li…	2024-04-16T05:01:59.498245Z

ID	Description	Published	Updated
mal-2025-3471	Malicious code in story-mcp-hub (PyPI)	2024-07-26T16:53:30Z	2025-12-11T09:27:54Z
mal-2025-3469	Malicious code in sccket (PyPI)	2025-03-31T12:54:29Z	2025-12-11T09:27:54Z
mal-2025-3278	Malicious code in subdomainer (PyPI)	2024-07-26T16:53:30Z	2025-12-11T09:27:54Z
mal-2025-3019	Malicious code in wiki-requests (PyPI)	2025-03-09T20:47:18Z	2025-12-11T09:27:54Z
mal-2025-3018	Malicious code in whalebone7-poc (PyPI)	2024-09-06T11:29:16Z	2025-12-11T09:27:54Z
mal-2025-3017	Malicious code in web3socket (PyPI)	2025-02-17T10:36:37Z	2025-12-11T09:27:54Z
mal-2025-3016	Malicious code in web3node (PyPI)	2025-02-17T10:36:37Z	2025-12-11T09:27:54Z
mal-2025-3015	Malicious code in watchitoring (PyPI)	2025-02-13T13:18:05Z	2025-12-11T09:27:54Z
mal-2025-3014	Malicious code in w3socket (PyPI)	2025-02-17T10:36:37Z	2025-12-11T09:27:54Z
mal-2025-3011	Malicious code in transaction-analyze (PyPI)	2025-02-24T10:06:17Z	2025-12-11T09:27:54Z
mal-2025-3010	Malicious code in transaction-analysis (PyPI)	2025-02-24T10:06:17Z	2025-12-11T09:27:54Z
mal-2025-3008	Malicious code in tlsclient3 (PyPI)	2025-03-08T08:42:32Z	2025-12-11T09:27:54Z
mal-2025-3006	Malicious code in tcloud-python-test (PyPI)	2025-02-25T18:18:21Z	2025-12-11T09:27:54Z
mal-2025-3005	Malicious code in szn-search-mlops-serp-downloader (PyPI)	2024-07-26T16:53:30Z	2025-12-11T09:27:54Z
mal-2025-3002	Malicious code in speedtestpython (PyPI)	2025-02-13T13:18:05Z	2025-12-11T09:27:54Z
mal-2025-3000	Malicious code in solders-utils (PyPI)	2025-02-21T21:50:10Z	2025-12-11T09:27:54Z
mal-2025-2999	Malicious code in solana-utils (PyPI)	2025-02-21T21:50:10Z	2025-12-11T09:27:54Z
mal-2025-2012	Malicious code in web3imports (PyPI)	2025-02-01T00:45:27Z	2025-12-11T09:27:54Z
mal-2025-2011	Malicious code in wasig4321 (PyPI)	2024-07-26T16:53:30Z	2025-12-11T09:27:54Z
mal-2025-2010	Malicious code in waseem4321 (PyPI)	2024-07-26T16:53:30Z	2025-12-11T09:27:54Z
mal-2025-2009	Malicious code in w7-poc (PyPI)	2024-07-26T16:53:30Z	2025-12-11T09:27:54Z
mal-2025-1997	Malicious code in testospkg (PyPI)	2024-07-26T16:53:30Z	2025-12-11T09:27:54Z
mal-2025-1996	Malicious code in superline (PyPI)	2025-01-25T16:48:57Z	2025-12-11T09:27:54Z
mal-2025-191945	Malicious code in zsender (PyPI)	2025-04-20T12:05:56Z	2025-12-11T09:27:54Z
mal-2025-191944	Malicious code in zscaner (PyPI)	2025-04-20T12:05:56Z	2025-12-11T09:27:54Z
mal-2025-191943	Malicious code in zmaker (PyPI)	2025-04-20T12:05:56Z	2025-12-11T09:27:54Z
mal-2025-191942	Malicious code in zamino (PyPI)	2025-06-14T09:18:22Z	2025-12-11T09:27:54Z
mal-2025-191935	Malicious code in win32str (PyPI)	2025-06-10T20:26:30Z	2025-12-11T09:27:54Z
mal-2025-191934	Malicious code in win32evtlogutil (PyPI)	2025-06-10T20:26:30Z	2025-12-11T09:27:54Z
mal-2025-191932	Malicious code in win32con (PyPI)	2025-06-07T16:33:11Z	2025-12-11T09:27:54Z

ID	Description	Published	Updated
wid-sec-w-2022-0999	Intel Prozessoren: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen	2020-11-10T23:00:00.000+00:00	2025-10-12T22:00:00.000+00:00
wid-sec-w-2022-0609	Linux Kernel: Schwachstelle ermöglicht Erlangen von Systemrechten	2021-07-07T22:00:00.000+00:00	2025-10-12T22:00:00.000+00:00
wid-sec-w-2022-0461	CoreDNS: Mehrere Schwachstellen ermöglichen Denial of Service	2022-06-23T22:00:00.000+00:00	2025-10-12T22:00:00.000+00:00
wid-sec-w-2025-2254	Lenovo BIOS: Schwachstelle ermöglicht Codeausführung	2025-10-09T22:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2025-2253	Checkmk: Mehrere Schwachstellen	2025-10-09T22:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2025-2252	ServiceNow Now Platform (AI Platform): Mehrere Schwachstellen ermöglichen Cross-Site Scripting	2025-10-09T22:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2025-2250	Liferay Portal: Schwachstelle ermöglicht Cross-Site Scripting	2025-10-09T22:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2025-2248	BigBlueButton: Mehrere Schwachstellen	2025-10-09T22:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2025-2245	Grafana Image Renderer Plugin: Schwachstelle ermöglicht Codeausführung	2025-10-08T22:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2025-2244	Red Hat Satellite (cJSON, django, rexml): Mehrere Schwachstellen	2025-10-08T22:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2025-2238	Juniper JUNOS OS, Space, OS Evolved: Mehrere Schwachstellen	2025-10-08T22:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2025-2237	Palo Alto Networks PAN-OS: Mehrere Schwachstellen	2025-10-08T22:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2025-2232	Liferay Portal: Mehrere Schwachstellen ermöglichen Cross-Site Scripting	2025-10-08T22:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2025-2218	Flowise: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2025-10-06T22:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2025-2025	Red Hat Enterprise Linux (python-cryptography): Schwachstelle ermöglicht Denial of Service	2025-09-09T22:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2025-1519	Juniper JUNOS: Mehrere Schwachstellen ermöglichen Privilegieneskalation	2025-07-09T22:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2025-0130	vim: Schwachstelle ermöglicht Denial of Service	2025-01-20T23:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2024-1447	Squid: Schwachstelle ermöglicht Denial of Service	2024-06-24T22:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2022-0364	vim: Mehrere Schwachstellen	2022-05-19T22:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2022-0131	vim: Mehrere Schwachstellen	2022-05-30T22:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2022-0130	vim: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2022-05-29T22:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2022-0126	vim: Mehrere Schwachstellen	2022-05-10T22:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2022-0032	vim: Mehrere Schwachstellen ermöglichen Codeausführung	2022-03-30T22:00:00.000+00:00	2025-10-09T22:00:00.000+00:00
wid-sec-w-2025-2235	Elasticsearch: Schwachstelle ermöglicht Offenlegung von Informationen	2019-01-01T23:00:00.000+00:00	2025-10-08T22:00:00.000+00:00
wid-sec-w-2025-2234	Elasticsearch: Mehrere Schwachstellen ermöglichen Codeausführung und die Offenlegung von Informationen	2015-07-16T22:00:00.000+00:00	2025-10-08T22:00:00.000+00:00
wid-sec-w-2025-2233	Elasticsearch: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes	2015-02-11T23:00:00.000+00:00	2025-10-08T22:00:00.000+00:00
wid-sec-w-2025-2223	Liferay Portal und DXP: Mehrere Schwachstellen ermöglichen Cross-Site Scripting	2025-10-07T22:00:00.000+00:00	2025-10-08T22:00:00.000+00:00
wid-sec-w-2023-1612	Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation	2023-06-29T22:00:00.000+00:00	2025-10-08T22:00:00.000+00:00
wid-sec-w-2023-0063	Juniper Junos Space: Mehrere Schwachstellen	2022-01-12T23:00:00.000+00:00	2025-10-08T22:00:00.000+00:00
wid-sec-w-2025-2225	IBM InfoSphere Data Replication: Schwachstelle ermöglicht Codeausführung	2025-10-07T22:00:00.000+00:00	2025-10-07T22:00:00.000+00:00

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated
rhsa-2023:2340	Red Hat Security Advisory: libtiff security update	2023-05-09T10:02:52+00:00	2026-01-22T15:21:08+00:00
rhba-2024:0928	Red Hat Bug Fix Advisory: MTV 2.5.5 Images	2024-02-20T15:58:35+00:00	2026-01-22T15:21:02+00:00
rhba-2026:0860	Red Hat Bug Fix Advisory: open-vm-tools bug fix and enhancement update	2026-01-20T14:46:22+00:00	2026-01-22T12:57:05+00:00
rhba-2025:20841	Red Hat Bug Fix Advisory: open-vm-tools bug fix and enhancement update	2025-11-11T09:19:58+00:00	2026-01-22T12:57:00+00:00
rhsa-2026:0755	Red Hat Security Advisory: kernel security update	2026-01-19T01:39:54+00:00	2026-01-22T12:24:11+00:00
rhsa-2026:0754	Red Hat Security Advisory: kernel-rt security update	2026-01-19T01:18:28+00:00	2026-01-22T12:24:06+00:00
rhsa-2025:18098	Red Hat Security Advisory: kernel-rt security update	2025-10-15T11:39:50+00:00	2026-01-22T12:24:01+00:00
rhsa-2025:18054	Red Hat Security Advisory: kernel security update	2025-10-15T07:08:30+00:00	2026-01-22T12:24:01+00:00
rhsa-2025:17734	Red Hat Security Advisory: kernel security update	2025-10-13T00:28:33+00:00	2026-01-22T12:24:01+00:00
rhsa-2025:17241	Red Hat Security Advisory: kernel security update	2025-10-02T10:07:46+00:00	2026-01-22T12:24:01+00:00
rhsa-2025:15011	Red Hat Security Advisory: kernel security update	2025-09-02T07:19:50+00:00	2026-01-22T12:24:01+00:00
rhsa-2025:15005	Red Hat Security Advisory: kernel security update	2025-09-02T06:55:20+00:00	2026-01-22T12:24:01+00:00
rhsa-2025:0664	Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.35.0 security update & enhancements	2025-01-23T13:02:37+00:00	2026-01-22T10:29:06+00:00
rhsa-2024:9615	Red Hat Security Advisory: OpenShift Container Platform 4.16.23 bug fix and security update	2024-11-20T00:46:32+00:00	2026-01-22T10:28:25+00:00
rhsa-2024:8704	Red Hat Security Advisory: Kube Descheduler Operator for Red Hat OpenShift 5.0.2 for RHEL 9	2024-12-02T14:11:34+00:00	2026-01-22T10:28:21+00:00
rhsa-2024:8434	Red Hat Security Advisory: OpenShift Container Platform 4.17.3 security update	2024-10-29T17:50:43+00:00	2026-01-22T10:28:15+00:00
rhsa-2024:8415	Red Hat Security Advisory: OpenShift Container Platform 4.16.19 bug fix and security update	2024-10-30T01:12:50+00:00	2026-01-22T10:28:12+00:00
rhsa-2024:7941	Red Hat Security Advisory: OpenShift Container Platform 4.13.z security update	2024-10-16T20:30:11+00:00	2026-01-22T10:28:04+00:00
rhsa-2024:7187	Red Hat Security Advisory: OpenShift Container Platform 4.14.38 security update	2024-10-03T11:24:56+00:00	2026-01-22T10:28:00+00:00
rhsa-2024:7182	Red Hat Security Advisory: OpenShift Container Platform 4.15.35 packages and security update	2024-10-02T06:08:52+00:00	2026-01-22T10:27:54+00:00
rhsa-2024:7174	Red Hat Security Advisory: OpenShift Container Platform 4.16.15 bug fix and security update	2024-10-02T05:27:44+00:00	2026-01-22T10:27:54+00:00
rhsa-2024:6824	Red Hat Security Advisory: OpenShift Container Platform 4.16.14 security update	2024-09-24T15:28:01+00:00	2026-01-22T10:27:52+00:00
rhsa-2024:6818	Red Hat Security Advisory: OpenShift Container Platform 4.15.34 bug fix and security update	2024-09-25T13:59:31+00:00	2026-01-22T10:27:50+00:00
rhsa-2024:6708	Red Hat Security Advisory: ACS 4.5 enhancement and security update	2024-09-16T18:26:56+00:00	2026-01-22T10:27:47+00:00
rhsa-2024:5951	Red Hat Security Advisory: OpenShift Virtualization 4.15.5 Images	2024-08-28T16:28:45+00:00	2026-01-22T10:27:33+00:00
rhsa-2024:5422	Red Hat Security Advisory: OpenShift Container Platform 4.16.8 bug fix and security update	2024-08-20T15:21:42+00:00	2026-01-22T10:27:32+00:00
rhsa-2024:5054	Red Hat Security Advisory: OpenShift Virtualization 4.16.1 Images security update	2024-08-06T16:21:05+00:00	2026-01-22T10:27:30+00:00
rhsa-2024:4850	Red Hat Security Advisory: OpenShift Container Platform 4.15.24 bug fix and security update	2024-07-31T00:28:34+00:00	2026-01-22T10:27:21+00:00
rhsa-2024:4626	Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.11.6 security update	2024-07-18T13:37:38+00:00	2026-01-22T10:27:21+00:00
rhsa-2024:4246	Red Hat Security Advisory: container-tools security update	2024-07-02T15:45:28+00:00	2026-01-22T10:27:10+00:00

ID	Description	Published	Updated
icsa-24-046-05	Siemens Location Intelligence	2024-02-13T00:00:00.000000Z	2024-02-13T00:00:00.000000Z
icsa-24-046-04	Siemens CP343-1 Devices	2024-02-13T00:00:00.000000Z	2024-02-13T00:00:00.000000Z
icsa-24-046-03	Siemens SIMATIC RTLS Gateways	2024-02-13T00:00:00.000000Z	2024-02-13T00:00:00.000000Z
icsa-24-046-02	Siemens SIDIS Prime	2024-02-13T00:00:00.000000Z	2024-02-13T00:00:00.000000Z
icsa-21-222-05	Siemens Industrial Products Intel CPUs (Update F)	2021-08-10T00:00:00.000000Z	2024-02-13T00:00:00.000000Z
icsa-24-039-01	Qolsys IQ Panel 4, IQ4 HUB	2024-02-08T07:00:00.000000Z	2024-02-08T07:00:00.000000Z
icsa-23-082-06	ProPump and Controls Osprey Pump Controller (Update A)	2023-03-23T06:00:00.000000Z	2024-02-08T07:00:00.000000Z
icsa-24-037-02	HID Global Reader Configuration Cards	2024-02-06T07:00:00.000000Z	2024-02-06T07:00:00.000000Z
icsa-24-037-01	HID Global Encoders	2024-02-06T07:00:00.000000Z	2024-02-06T07:00:00.000000Z
icsa-24-032-03	AVEVA Edge products (formerly known as InduSoft Web Studio)	2024-02-01T07:00:00.000000Z	2024-02-01T07:00:00.000000Z
icsa-24-030-07	Rockwell Automation LP30/40/50 and BM40 Operator Interface	2024-01-30T07:00:00.000000Z	2024-01-30T07:00:00.000000Z
icsa-24-030-06	Rockwell Automation FactoryTalk Service Platform	2024-01-30T07:00:00.000000Z	2024-01-30T07:00:00.000000Z
icsa-24-030-05	Rockwell Automation ControlLogix and GuardLogix	2024-01-30T07:00:00.000000Z	2024-01-30T07:00:00.000000Z
icsa-24-030-04	Hitron Systems Security Camera DVR	2024-01-30T07:00:00.000000Z	2024-01-30T07:00:00.000000Z
icsa-24-030-03	Mitsubishi Electric MELSEC WS Series Ethernet Interface Module	2024-01-30T07:00:00.000000Z	2024-01-30T07:00:00.000000Z
icsa-23-208-03	Mitsubishi Electric CNC Series (Update E)	2023-07-27T06:00:00.000000Z	2024-01-30T07:00:00.000000Z
icsa-24-025-02	SystemK NVR 504/508/516	2024-01-25T07:00:00.000000Z	2024-01-25T07:00:00.000000Z
icsa-24-025-01	MachineSense FeverWarn	2024-01-25T07:00:00.000000Z	2024-01-25T07:00:00.000000Z
icsma-24-023-01	Orthanc Osimis DICOM Web Viewer	2024-01-23T07:00:00.000000Z	2024-01-23T07:00:00.000000Z
icsa-24-023-05	Lantronix XPort	2024-01-23T07:00:00.000000Z	2024-01-23T07:00:00.000000Z
icsa-24-023-04	Westermo Lynx 206-F2G	2024-01-23T07:00:00.000000Z	2024-01-23T07:00:00.000000Z
icsa-24-023-03	Voltronic Power ViewPower Pro	2024-01-23T07:00:00.000000Z	2024-01-23T07:00:00.000000Z
icsa-24-023-02	Crestron AM-300	2024-01-23T07:00:00.000000Z	2024-01-23T07:00:00.000000Z
icsa-24-023-01	APsystems Energy Communication Unit (ECU-C) Power Control Software	2024-01-23T07:00:00.000000Z	2024-01-23T07:00:00.000000Z
icsa-25-021-01	Traffic Alert and Collision Avoidance System (TCAS) II	2024-01-21T07:00:00.000000Z	2024-01-21T07:00:00.000000Z
icsa-24-018-01	AVEVA PI Server	2024-01-18T07:00:00.000000Z	2024-01-18T07:00:00.000000Z
icsa-24-011-05	Schneider Electric Easergy Studio	2024-01-11T07:00:00.000000Z	2024-01-11T07:00:00.000000Z
icsa-24-011-04	Horner Automation Cscape	2024-01-11T07:00:00.000000Z	2024-01-11T07:00:00.000000Z
icsa-24-011-03	Rapid Software LLC Rapid SCADA	2024-01-11T07:00:00.000000Z	2024-01-11T07:00:00.000000Z
icsa-23-348-01	Cambium ePMP 5GHz Force 300-25 Radio (Update A)	2023-12-14T07:00:00.000000Z	2024-01-09T07:00:00.000000Z

ID	Description	Published	Updated
cisco-sa-20190925-webui-cmd-injection	Cisco IOS XE Software Web UI Command Injection Vulnerabilities	2019-09-25T16:00:00+00:00	2019-10-14T18:25:06+00:00
cisco-sa-20191002-ftd-fpmc-dos	Cisco FTD, FMC, and FXOS Software Pluggable Authentication Module Denial of Service Vulnerability	2019-10-02T16:00:00+00:00	2019-10-09T14:08:32+00:00
cisco-sa-20190828-nxos-fsip-dos	Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service Vulnerability	2019-08-28T16:00:00+00:00	2019-10-08T14:45:56+00:00
cisco-sa-20190828-fxnxos-snmp-dos	Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability	2019-08-28T16:00:00+00:00	2019-10-08T14:45:55+00:00
cisco-sa-20190828-ucs-privescalation	Cisco Unified Computing System Fabric Interconnect root Privilege Escalation Vulnerability	2019-08-28T16:00:00+00:00	2019-10-08T14:45:54+00:00
cisco-sa-20190828-nxos-memleak-dos	Cisco NX-OS Software Remote Management Memory Leak Denial of Service Vulnerability	2019-08-28T16:00:00+00:00	2019-10-08T14:45:53+00:00
cisco-sa-20190828-nxos-ntp-dos	Cisco NX-OS Software Network Time Protocol Denial of Service Vulnerability	2019-08-28T16:00:00+00:00	2019-10-08T14:45:52+00:00
cisco-sa-20191002-asa-scp-dos	Cisco Adaptive Security Appliance Software Secure Copy Denial of Service Vulnerability	2019-10-02T16:00:00+00:00	2019-10-07T15:13:20+00:00
cisco-sa-20190925-sip-dos	Cisco IOS and IOS XE Software Session Initiation Protocol Denial of Service Vulnerability	2019-09-25T16:00:00+00:00	2019-10-04T22:21:48+00:00
cisco-sa-20191002-fmc-rce-12689	Cisco Firepower Management Center Remote Code Execution Vulnerability	2019-10-02T16:00:00+00:00	2019-10-02T23:28:51+00:00
cisco-sa-20191002-fmc-sql-inj	Cisco Firepower Management Center SQL Injection Vulnerabilities	2019-10-02T16:00:00+00:00	2019-10-02T23:28:50+00:00
cisco-sa-20191002-uccx-http	Cisco Unified Contact Center Express HTTP Response Splitting Vulnerability	2019-10-02T16:00:00+00:00	2019-10-02T16:00:00+00:00
cisco-sa-20191002-sm-java-deserial	Cisco Security Manager Java Deserialization Vulnerability	2019-10-02T16:00:00+00:00	2019-10-02T16:00:00+00:00
cisco-sa-20191002-pi-xss-12712	Cisco Prime Infrastructure Cross-Site Scripting Vulnerability	2019-10-02T16:00:00+00:00	2019-10-02T16:00:00+00:00
cisco-sa-20191002-ic3000-icg-dos	Cisco IC3000 Industrial Compute Gateway Denial of Service Vulnerability	2019-10-02T16:00:00+00:00	2019-10-02T16:00:00+00:00
cisco-sa-20191002-fxos-cmd-inject	Cisco FXOS Software and Firepower Threat Defense Software Command Injection Vulnerabilities	2019-10-02T16:00:00+00:00	2019-10-02T16:00:00+00:00
cisco-sa-20191002-ftd-container-esc	Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities	2019-10-02T16:00:00+00:00	2019-10-02T16:00:00+00:00
cisco-sa-20191002-ftd-cmdinj	Cisco Firepower Threat Defense Software Command Injection Vulnerability	2019-10-02T16:00:00+00:00	2019-10-02T16:00:00+00:00
cisco-sa-20191002-fmc-dir-trav	Cisco Firepower Management Center Directory Traversal Vulnerability	2019-10-02T16:00:00+00:00	2019-10-02T16:00:00+00:00
cisco-sa-20191002-firepwr-bypass	Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities	2019-10-02T16:00:00+00:00	2019-10-02T16:00:00+00:00
cisco-sa-20191002-fire-bypass	Cisco Firepower Management Center Software File and Malware Policy Bypass Vulnerability	2019-10-02T16:00:00+00:00	2019-10-02T16:00:00+00:00
cisco-sa-20191002-cucm-xss-12716	Cisco Unified Communications Manager Cross-Site Scripting Vulnerability	2019-10-02T16:00:00+00:00	2019-10-02T16:00:00+00:00
cisco-sa-20191002-cucm-xss-12715	Cisco Unified Communications Manager Cross-Site Scripting Vulnerability	2019-10-02T16:00:00+00:00	2019-10-02T16:00:00+00:00
cisco-sa-20191002-cuc-xss	Multiple Cisco Unified Communications Products Cross-Site Scripting Vulnerability	2019-10-02T16:00:00+00:00	2019-10-02T16:00:00+00:00
cisco-sa-20191002-cuc-inject	Cisco Unified Communications Manager SQL Injection Vulnerability	2019-10-02T16:00:00+00:00	2019-10-02T16:00:00+00:00
cisco-sa-20191002-asa-xss	Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerability	2019-10-02T16:00:00+00:00	2019-10-02T16:00:00+00:00
cisco-sa-20191002-asa-ssl-vpn-dos	Cisco Adaptive Security Appliance Software SSL VPN Denial of Service Vulnerability	2019-10-02T16:00:00+00:00	2019-10-02T16:00:00+00:00
cisco-sa-20191002-asa-ftd-sip-dos	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Inspection Denial of Service Vulnerability	2019-10-02T16:00:00+00:00	2019-10-02T16:00:00+00:00
cisco-sa-20191002-asa-ftd-ikev1-dos	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability	2019-10-02T16:00:00+00:00	2019-10-02T16:00:00+00:00
cisco-sa-20191002-asa-ftd-dos	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CPU Denial of Service Vulnerability	2019-10-02T16:00:00+00:00	2019-10-02T16:00:00+00:00

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated
msrc_cve-2022-31144	Potential heap overflow in Redis	2022-07-02T00:00:00.000Z	2025-10-01T23:11:17.000Z
msrc_cve-2022-3114	An issue was discovered in the Linux kernel through 5.16-rc6. imx_register_uart_clocks in drivers/clk/imx/clk.c lacks check of the return value of kcalloc() and will cause the null pointer dereference.	2022-12-02T00:00:00.000Z	2025-10-01T23:11:17.000Z
msrc_cve-2022-2961	A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rose_bind() function. This flaw allows a local user to crash or potentially escalate their privileges on the system.	2022-08-02T00:00:00.000Z	2025-10-01T23:11:17.000Z
msrc_cve-2022-28066	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-26280. Reason: This candidate is a duplicate of CVE-2022-26280. Notes: All CVE users should reference CVE-2022-26280 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage	2022-05-02T00:00:00.000Z	2025-10-01T23:11:16.000Z
msrc_cve-2022-25857	Denial of Service (DoS)	2022-08-02T00:00:00.000Z	2025-10-01T23:11:16.000Z
msrc_cve-2022-25345	Denial of Service (DoS)	2022-06-02T00:00:00.000Z	2025-10-01T23:11:16.000Z
msrc_cve-2022-21628	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run o	2022-10-02T00:00:00.000Z	2025-10-01T23:11:16.000Z
msrc_cve-2022-21626	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplie	2022-10-02T00:00:00.000Z	2025-10-01T23:11:15.000Z
msrc_cve-2022-21624	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web	2022-10-02T00:00:00.000Z	2025-10-01T23:11:15.000Z
msrc_cve-2022-21619	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a	2022-10-02T00:00:00.000Z	2025-10-01T23:11:15.000Z
msrc_cve-2022-21541	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Com	2022-07-02T00:00:00.000Z	2025-10-01T23:11:15.000Z
msrc_cve-2022-21540	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which	2022-07-02T00:00:00.000Z	2025-10-01T23:11:14.000Z
msrc_cve-2022-20001	Injection in fish	2022-03-02T00:00:00.000Z	2025-10-01T23:11:14.000Z
msrc_cve-2022-1966	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-32250. Reason: This candidate is a duplicate of CVE-2022-32250. Notes: All CVE users should reference CVE-2022-32250 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.	2022-06-02T00:00:00.000Z	2025-10-01T23:11:14.000Z
msrc_cve-2022-1615	In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.	2022-09-02T00:00:00.000Z	2025-10-01T23:11:13.000Z
msrc_cve-2022-1249	A NULL pointer dereference flaw was found in pesign's cms_set_pw_data() function of the cms_common.c file. The function fails to handle the NULL pwdata invocation from daemon.c, which leads to an explicit NULL dereference and crash on all attempts to daemonize pesign.	2022-04-02T00:00:00.000Z	2025-10-01T23:11:13.000Z
msrc_cve-2022-0480	A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks.	2022-08-02T00:00:00.000Z	2025-10-01T23:11:13.000Z
msrc_cve-2022-0216	A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated messages to cancel the current SCSI request via the lsi_do_msgout function. This flaw allows a malicious privileged user within the guest to crash the QEMU process on the host, resulting in a denial of service.	2022-08-02T00:00:00.000Z	2025-10-01T23:11:13.000Z
msrc_cve-2021-44038	An issue was discovered in Quagga through 1.2.4. Unsafe chown/chmod operations in the suggested spec file allow users (with control of the non-root-owned directory /etc/quagga) to escalate their privileges to root upon package installation or update.	2021-11-02T00:00:00.000Z	2025-10-01T23:11:12.000Z
msrc_cve-2021-41186	ReDoS vulnerability in parser_apache2	2021-10-02T00:00:00.000Z	2025-10-01T23:11:12.000Z
msrc_cve-2021-3996	A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves (like /tmp) or mounted in a world-writable directory. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems.	2022-08-02T00:00:00.000Z	2025-10-01T23:11:12.000Z
msrc_cve-2021-3995	A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local attacker to unmount FUSE filesystems that belong to certain other users who have a UID that is a prefix of the UID of the attacker in its string form. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems.	2022-08-02T00:00:00.000Z	2025-10-01T23:11:12.000Z
msrc_cve-2021-3773	A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.	2022-02-02T00:00:00.000Z	2025-10-01T23:11:11.000Z
msrc_cve-2021-37714	Crafted input may cause the jsoup HTML and XML parser to get stuck, timeout, or throw unchecked exceptions	2021-08-02T00:00:00.000Z	2025-10-01T23:11:11.000Z
msrc_cve-2021-3716	A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBD_OPT_STRUCTURED_REPLY before proxying everything else a client sends to the server, potentially leading the client to terminate the NBD session. The highest threat from this vulnerability is to system availability.	2022-03-02T00:00:00.000Z	2025-10-01T23:11:11.000Z
msrc_cve-2021-3670	MaxQueryDuration not honoured in Samba AD DC LDAP	2022-08-02T00:00:00.000Z	2025-10-01T23:11:11.000Z
msrc_cve-2021-3634	A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secret_hash and the other session_id. Initially, both of them are the same, but after key re-exchange, previous session_id is kept and used as an input to new secret_hash. Historically, both of these buffers had shared length variable, which worked as long as these buffers were same. But the key re-exchange operation can also change the key exchange method, which can be based on hash of different size, eventually creating "secret_hash" of different size than the session_id has. This becomes an issue when the session_id memory is zeroed or when it is used again during second key re-exchange.	2021-08-02T00:00:00.000Z	2025-10-01T23:11:10.000Z
msrc_cve-2021-3571	A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker could send a crafted one-step sync message to cause an information leak or crash. The highest threat from this vulnerability is to data confidentiality and system availability. This flaw affects linuxptp versions before 3.1.1 and before 2.0.1.	2021-07-02T00:00:00.000Z	2025-10-01T23:11:10.000Z
msrc_cve-2021-3544	Several memory leaks were found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. They exist in contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-gpu/virgl.c due to improper release of memory (i.e., free) after effective lifetime.	2021-06-02T00:00:00.000Z	2025-10-01T23:11:10.000Z
msrc_cve-2021-3507	A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host resulting in DoS scenario, or potential information leakage from the host memory.	2021-05-02T00:00:00.000Z	2025-10-01T23:11:10.000Z

ID	Description	Published	Updated

ID	Description	Updated
var-202309-0296	D-Link DAP-1325 HNAP SetHostIPv6StaticSettings StaticAddress Command Injection Remote Cod…	2025-11-26T22:32:47.664000Z
var-200609-1704	The FTP server in Apple Mac OS X 10.4.8 and earlier, when FTP Access is enabled, will cra…	2025-11-26T22:27:39.377000Z
var-200609-1220	The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.…	2025-11-26T22:15:59.356000Z
var-200609-1255	The Security Framework in Apple Mac OS X 10.3.x up to 10.3.9 does not properly prioritize…	2025-11-26T22:12:52.407000Z
var-200609-0808	The Apple Type Services (ATS) server in Mac OS X 10.4.8 and earlier does not securely cre…	2025-11-26T21:57:16.245000Z
var-201409-1154	GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the value…	2025-11-26T21:38:49.409000Z
var-200609-0852	The VPN service in Apple Mac OS X 10.3.x through 10.3.9 and 10.4.x through 10.4.8 does no…	2025-11-26T21:08:33.113000Z
var-200609-1595	Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and 10.3.x up to 10.3.9, whe…	2025-11-26T20:36:29.529000Z
var-200110-0402	OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key…	2025-11-26T20:13:53.301000Z
var-202510-4376	Missing Initial Password Change.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: thro…	2025-11-25T23:05:21.365000Z
var-200609-1080	WebKit in Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through 10.4.8 allows remote atta…	2025-11-25T22:26:16.830000Z
var-200609-0787	The Airport driver for certain Orinoco based Airport cards in Darwin kernel 8.8.0 in Appl…	2025-11-25T22:15:28.375000Z
var-202302-0195	The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "na…	2025-11-25T21:51:07.974000Z
var-200609-1560	OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a de…	2025-11-25T21:23:54.275000Z
var-202509-0004	A security vulnerability has been detected in Tenda W12 up to 3.0.0.6(3948). Affected is …	2025-11-25T00:05:03.112000Z
var-202510-3717	Server Version Disclosure.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.…	2025-11-25T00:03:11.153000Z
var-202211-1361	Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function fromSetRouteStatic.…	2025-11-24T23:47:53.598000Z
var-202211-1487	Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetMacFilterCfg…	2025-11-24T23:47:53.575000Z
var-202511-1019	Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the urls paramete…	2025-11-24T23:41:05.638000Z
var-202505-2378	FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ruleNameke…	2025-11-24T23:37:19.943000Z
var-202001-0784	Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network …	2025-11-24T23:31:27.878000Z
var-200609-1055	The Installer application in Apple Mac OS X 10.4.8 and earlier, when used by a user with …	2025-11-24T23:23:34.185000Z
var-200110-0224	OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a de…	2025-11-24T23:15:18.370000Z
var-200609-1416	Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.…	2025-11-24T22:25:19.396000Z
var-202510-3391	Logout Functionality not Working.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: thr…	2025-11-23T23:58:45.670000Z
var-202511-0360	A stack-based buffer overflow vulnerability was discovered in Tenda AC18 v15.03.05.05_mul…	2025-11-23T23:58:45.597000Z
var-202510-2546	Outdated and Vulnerable UI Dependencies might potentially lead to exploitation.This issue…	2025-11-23T23:57:47.230000Z
var-202510-2966	Error Messages Wrapped In HTTP Header.This issue affects BLU-IC2: through 1.19.5; BLU-IC4…	2025-11-23T23:57:47.202000Z
var-202510-4373	Busybox 1.31.1 - Multiple Known Vulnerabilities.This issue affects BLU-IC2: through 1.19.…	2025-11-23T23:57:47.142000Z
var-202511-1827	Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the deviceId para…	2025-11-23T23:57:46.958000Z

ID	Description	Published	Updated
jvndb-2016-000042	baserCMS plugin "Menubook Plugin" vulnerable to cross-site scripting	2016-04-06T15:29+09:00	2016-04-08T16:51+09:00
jvndb-2016-000041	baserCMS plugin "Recruit Plugin" vulnerable to cross-site request forgery	2016-04-06T15:29+09:00	2016-04-08T16:51+09:00
jvndb-2016-000040	baserCMS plugin "Recruit Plugin" vulnerable to cross-site scripting	2016-04-06T15:29+09:00	2016-04-08T16:51+09:00
jvndb-2016-000039	AQUOS Photo Player HN-PP150 vulnerable to cross-site request forgery	2016-04-04T15:30+09:00	2016-04-07T12:05+09:00
jvndb-2016-000037	WisePoint contains issue in preventing clickjacking attacks	2016-04-04T15:30+09:00	2016-04-07T12:05+09:00
jvndb-2016-001559	Information Disclosure Vulnerability in Hitachi Compute Systems Manager	2016-03-07T17:00+09:00	2016-03-31T17:50+09:00
jvndb-2016-000034	WordPress plugin "WP Favorite Posts" vulnerable to cross-site scripting	2016-03-24T12:28+09:00	2016-03-29T15:40+09:00
jvndb-2016-000015	EXPRESSCLUSTER X vulnerable to directory traversal	2016-01-29T13:45+09:00	2016-03-16T14:24+09:00
jvndb-2016-000032	Multiple Corega wireless LAN routers vulnerable to cross-site request forgery	2016-03-02T14:52+09:00	2016-03-16T13:46+09:00
jvndb-2016-000006	Multiple Buffalo network devices vulnerable to cross-site scripting	2016-01-22T14:36+09:00	2016-03-10T17:53+09:00
jvndb-2016-000005	Multiple Buffalo network devices vulnerable to cross-site request forgery	2016-01-22T14:36+09:00	2016-03-10T17:53+09:00
jvndb-2016-000029	LINE for Windows and LINE for Mac OS vulnerable to denial-of-service (DoS)	2016-02-19T14:43+09:00	2016-03-10T17:39+09:00
jvndb-2016-000030	baserCMS vulnerable to OS command injection	2016-02-19T14:39+09:00	2016-03-07T15:51+09:00
jvndb-2016-000017	JOB-CUBE vulnerable to cross-site scripting	2016-01-29T14:06+09:00	2016-03-04T17:47+09:00
jvndb-2016-000027	EC-CUBE plugin "Help plug-in" vulnerable to SQL injection	2016-02-19T14:42+09:00	2016-03-03T17:51+09:00
jvndb-2014-005987	Multiple Vulnerabilities in JP1/Cm2/Network Node Manager i	2014-12-16T17:31+09:00	2016-02-26T17:52+09:00
jvndb-2014-005986	Multiple buffer overflows in Hitachi JP1/Cm2/Network Node Manager i	2014-12-16T17:30+09:00	2016-02-26T17:32+09:00
jvndb-2016-000031	Log-Chat vulnerable to cross-site scripting	2016-02-22T14:56+09:00	2016-02-25T15:10+09:00
jvndb-2016-000025	Cybozu Office vulnerable to open redirect	2016-02-15T16:20+09:00	2016-02-23T16:32+09:00
jvndb-2016-000024	Cybozu Office vulnerable to cross-site request forgery	2016-02-15T16:20+09:00	2016-02-23T16:32+09:00
jvndb-2016-000023	Cybozu Office access restriction bypass vulnerability	2016-02-15T15:45+09:00	2016-02-23T16:32+09:00
jvndb-2016-000022	Cybozu Office vulnerable to information disclosure	2016-02-15T15:44+09:00	2016-02-23T16:32+09:00
jvndb-2016-000021	Cybozu Office vulnerable to information disclosure	2016-02-15T15:44+09:00	2016-02-23T16:32+09:00
jvndb-2016-000020	Cybozu Office vulnerable to denial-of-service (DoS)	2016-02-15T15:43+09:00	2016-02-23T16:32+09:00
jvndb-2016-000028	Internet Explorer cross-domain policy bypass	2016-02-19T14:39+09:00	2016-02-23T11:23+09:00
jvndb-2016-000012	HOME SPOT CUBE vulnerable to OS command injection	2016-01-27T14:40+09:00	2016-02-16T17:26+09:00
jvndb-2016-000011	HOME SPOT CUBE vulnerable to clickjacking	2016-01-27T14:40+09:00	2016-02-16T17:26+09:00
jvndb-2016-000010	HOME SPOT CUBE vulnerable to cross-site request forgery	2016-01-27T14:40+09:00	2016-02-16T17:26+09:00
jvndb-2016-000009	HOME SPOT CUBE vulnerable to HTTP header injection	2016-01-27T14:40+09:00	2016-02-16T17:26+09:00
jvndb-2016-000008	HOME SPOT CUBE vulnerable to open redirect	2016-01-27T14:40+09:00	2016-02-16T17:26+09:00

ID	Description	Updated

ID	Description	Published	Updated
suse-su-2025:02369-1	Security update for FastCGI	2025-07-18T12:41:09Z	2025-07-18T12:41:09Z
suse-su-2025:02368-1	Security update for MozillaThunderbird	2025-07-18T12:37:54Z	2025-07-18T12:37:54Z
suse-su-2025:02367-1	Security update for gimp	2025-07-18T12:37:01Z	2025-07-18T12:37:01Z
suse-su-2025:20498-1	Security update for the Linux Kernel	2025-07-18T12:21:16Z	2025-07-18T12:21:16Z
suse-su-2025:02366-1	Security update for docker	2025-07-18T12:08:51Z	2025-07-18T12:08:51Z
suse-su-2025:20499-1	Security update for kernel-livepatch-MICRO-6-0-RT_Update_10	2025-07-18T10:58:20Z	2025-07-18T10:58:20Z
suse-su-2025:20486-1	Security update for kernel-livepatch-MICRO-6-0-RT_Update_10	2025-07-18T10:58:20Z	2025-07-18T10:58:20Z
suse-su-2025:20483-1	Security update for the Linux Kernel	2025-07-18T09:48:24Z	2025-07-18T09:48:24Z
suse-su-2025:02362-1	Security update for coreutils	2025-07-18T09:07:36Z	2025-07-18T09:07:36Z
suse-su-2025:02358-1	Security update for python311	2025-07-17T14:16:03Z	2025-07-17T14:16:03Z
suse-su-2025:02357-1	Security update for poppler	2025-07-17T14:15:52Z	2025-07-17T14:15:52Z
suse-su-2025:02356-1	Security update for poppler	2025-07-17T14:14:36Z	2025-07-17T14:14:36Z
suse-su-2025:02355-1	Security update for libxml2	2025-07-17T13:02:49Z	2025-07-17T13:02:49Z
suse-su-2025:02354-1	Security update for coreutils	2025-07-17T12:36:15Z	2025-07-17T12:36:15Z
suse-su-2025:02353-1	Security update for coreutils	2025-07-17T12:35:46Z	2025-07-17T12:35:46Z
suse-su-2025:02352-1	Security update for ffmpeg	2025-07-17T12:33:21Z	2025-07-17T12:33:21Z
suse-su-2025:02351-1	Security update for kubernetes1.25	2025-07-17T12:32:49Z	2025-07-17T12:32:49Z
suse-su-2025:02349-1	Security update for bind	2025-07-17T11:47:22Z	2025-07-17T11:47:22Z
suse-su-2025:02340-1	Security update for gnutls	2025-07-17T09:04:04Z	2025-07-17T09:04:04Z
suse-su-2025:02339-1	Security update for MozillaFirefox, MozillaFirefox-branding-SLE	2025-07-17T08:52:26Z	2025-07-17T08:52:26Z
suse-su-2025:02289-2	Security update for docker	2025-07-16T15:47:57Z	2025-07-16T15:47:57Z
suse-su-2025:01835-2	Security update for transfig	2025-07-16T14:52:18Z	2025-07-16T14:52:18Z
suse-su-2025:02336-1	Security update for kubernetes1.27	2025-07-16T14:50:25Z	2025-07-16T14:50:25Z
suse-su-2025:01811-2	Security update for gnuplot	2025-07-16T14:49:36Z	2025-07-16T14:49:36Z
suse-su-2025:02335-1	Security update for the Linux Kernel	2025-07-16T14:44:37Z	2025-07-16T14:44:37Z
suse-su-2025:02334-1	Security update for the Linux Kernel	2025-07-16T13:46:06Z	2025-07-16T13:46:06Z
suse-su-2025:02333-1	Security update for the Linux Kernel	2025-07-16T12:53:19Z	2025-07-16T12:53:19Z
suse-su-2025:02332-1	Security update for erlang	2025-07-16T12:35:05Z	2025-07-16T12:35:05Z
suse-su-2025:02331-1	Security update for erlang26	2025-07-16T12:34:34Z	2025-07-16T12:34:34Z
suse-su-2025:02330-1	Security update for rmt-server	2025-07-16T11:10:11Z	2025-07-16T11:10:11Z

ID	Description	Published	Updated
opensuse-su-2024:0254-2	Security update for chromium, gn, rust-bindgen	2024-08-18T22:20:17Z	2024-08-18T22:20:17Z
opensuse-su-2024:0253-1	Security update for python-Pillow	2024-08-18T16:01:19Z	2024-08-18T16:01:19Z
opensuse-su-2024:0252-1	Security update for opera	2024-08-18T14:01:24Z	2024-08-18T14:01:24Z
opensuse-su-2024:14273-1	element-desktop-1.11.73-1.1 on GA media	2024-08-18T00:00:00Z	2024-08-18T00:00:00Z
opensuse-su-2024:14272-1	chromedriver-127.0.6533.119-1.1 on GA media	2024-08-18T00:00:00Z	2024-08-18T00:00:00Z
opensuse-su-2024:14271-1	nginx-1.27.1-1.1 on GA media	2024-08-17T00:00:00Z	2024-08-17T00:00:00Z
opensuse-su-2024:0244-1	Security update for apptainer	2024-08-16T04:02:52Z	2024-08-16T04:02:52Z
opensuse-su-2024:0243-1	Security update for python-aiosmtpd	2024-08-16T04:02:47Z	2024-08-16T04:02:47Z
opensuse-su-2024:14270-1	libunbound8-1.21.0-1.1 on GA media	2024-08-16T00:00:00Z	2024-08-16T00:00:00Z
opensuse-su-2024:14269-1	bubblewrap-0.10.0-1.1 on GA media	2024-08-16T00:00:00Z	2024-08-16T00:00:00Z
opensuse-su-2024:0242-1	Security update for opera	2024-08-15T15:07:36Z	2024-08-15T15:07:36Z
opensuse-su-2024:14268-1	ucode-intel-20240813-1.1 on GA media	2024-08-15T00:00:00Z	2024-08-15T00:00:00Z
opensuse-su-2024:14267-1	klp-build-0~20240812.ad9f0e0-1.1 on GA media	2024-08-14T00:00:00Z	2024-08-14T00:00:00Z
opensuse-su-2024:14266-1	kernel-firmware-all-20240809-1.1 on GA media	2024-08-14T00:00:00Z	2024-08-14T00:00:00Z
opensuse-su-2024:14265-1	java-21-openj9-21.0.4.0-1.1 on GA media	2024-08-13T00:00:00Z	2024-08-13T00:00:00Z
opensuse-su-2024:14264-1	java-1_8_0-openj9-1.8.0.422-1.1 on GA media	2024-08-13T00:00:00Z	2024-08-13T00:00:00Z
opensuse-su-2024:14263-1	java-17-openj9-17.0.12.0-1.1 on GA media	2024-08-13T00:00:00Z	2024-08-13T00:00:00Z
opensuse-su-2024:14262-1	java-11-openj9-11.0.24.0-1.1 on GA media	2024-08-13T00:00:00Z	2024-08-13T00:00:00Z
opensuse-su-2024:14261-1	curl-8.9.1-1.1 on GA media	2024-08-13T00:00:00Z	2024-08-13T00:00:00Z
opensuse-su-2024:14260-1	MozillaFirefox-129.0-1.1 on GA media	2024-08-13T00:00:00Z	2024-08-13T00:00:00Z
opensuse-su-2024:14259-1	libzzip-0-13-0.13.78-1.1 on GA media	2024-08-11T00:00:00Z	2024-08-11T00:00:00Z
opensuse-su-2024:14258-1	traefik2-2.11.8-1.1 on GA media	2024-08-10T00:00:00Z	2024-08-10T00:00:00Z
opensuse-su-2024:14257-1	traefik-3.1.2-1.1 on GA media	2024-08-10T00:00:00Z	2024-08-10T00:00:00Z
opensuse-su-2024:14256-1	python38-3.8.19-7.1 on GA media	2024-08-10T00:00:00Z	2024-08-10T00:00:00Z
opensuse-su-2024:14255-1	python311-3.11.9-6.1 on GA media	2024-08-10T00:00:00Z	2024-08-10T00:00:00Z
opensuse-su-2024:14254-1	python310-3.10.14-6.1 on GA media	2024-08-10T00:00:00Z	2024-08-10T00:00:00Z
opensuse-su-2024:14253-1	python39-3.9.19-6.1 on GA media	2024-08-09T00:00:00Z	2024-08-09T00:00:00Z
opensuse-su-2024:14252-1	ksh-93vu-10.1 on GA media	2024-08-09T00:00:00Z	2024-08-09T00:00:00Z
opensuse-su-2024:14251-1	ansible-core-2.16-2.16.9-1.1 on GA media	2024-08-09T00:00:00Z	2024-08-09T00:00:00Z
opensuse-su-2024:14250-1	MozillaThunderbird-115.14.0-1.1 on GA media	2024-08-09T00:00:00Z	2024-08-09T00:00:00Z

ID	Description	Published	Updated

ID	Description	Published	Updated
cnvd-2025-26797	Google Android权限提升漏洞	2025-09-08	2025-11-03
cnvd-2025-26796	Google Android缺少权限检漏洞	2025-09-08	2025-11-03
cnvd-2025-26795	Google Android拒绝服务漏洞	2025-09-08	2025-11-03
cnvd-2025-26794	Google Android逻辑错误漏洞	2025-09-08	2025-11-03
cnvd-2025-26793	Google Android协议实现不正确漏洞	2025-09-08	2025-11-03
cnvd-2025-26789	IBM Concert Software缓冲区溢出漏洞	2025-09-10	2025-11-03
cnvd-2025-26788	IBM Storage TS4500 Library跨站请求伪造漏洞	2025-09-29	2025-11-03
cnvd-2025-26786	Curfew e-Pass Management System edit-category-detail.php文件跨站脚本漏洞	2025-10-31	2025-11-03
cnvd-2025-26785	Curfew e-Pass Management System admin-profile.php文件跨站脚本漏洞	2025-10-31	2025-11-03
cnvd-2025-26784	IBM Concert Software服务端请求伪造漏洞	2025-10-31	2025-11-03
cnvd-2025-26783	IBM Concert Software日志输入中和不当漏洞	2025-10-31	2025-11-03
cnvd-2025-26736	ISC BIND 9存在未明漏洞（CNVD-2025-26736）	2025-10-29	2025-11-03
cnvd-2025-26735	ISC BIND 9拒绝服务漏洞	2025-10-29	2025-11-03
cnvd-2025-26734	ISC BIND 9存在未明漏洞	2025-10-29	2025-11-03
cnvd-2025-26728	Microsoft Office代码执行漏洞（CNVD-2025-26728）	2025-09-11	2025-11-03
cnvd-2025-26727	Microsoft OfficePlus欺骗漏洞	2025-09-11	2025-11-03
cnvd-2025-26726	Microsoft Office代码执行漏洞（CNVD-2025-26726）	2025-09-11	2025-11-03
cnvd-2025-26725	Microsoft Office Visio代码执行漏洞	2025-09-11	2025-11-03
cnvd-2025-26724	Microsoft Sharepoint远程代码执行漏洞（CNVD-2025-26724）	2025-09-11	2025-11-03
cnvd-2025-26723	Microsoft PowerPoint代码执行漏洞（CNVD-2025-26723）	2025-09-11	2025-11-03
cnvd-2025-26722	Microsoft Exchange Server权限提升漏洞（CNVD-2025-26722）	2025-10-17	2025-11-03
cnvd-2025-26721	Microsoft Word代码执行漏洞（CNVD-2025-26721）	2025-10-17	2025-11-03
cnvd-2025-26720	Microsoft Word代码执行漏洞（CNVD-2025-26720）	2025-10-17	2025-11-03
cnvd-2025-26719	Microsoft PowerPoint代码执行漏洞（CNVD-2025-26719）	2025-10-17	2025-11-03
cnvd-2025-26718	Microsoft Exchange Server欺骗漏洞（CNVD-2025-26718）	2025-10-17	2025-11-03
cnvd-2025-26717	Microsoft Exchange Server权限提升漏洞（CNVD-2025-26717）	2025-10-17	2025-11-03
cnvd-2025-27115	Tenda A15缓冲区溢出漏洞	2025-11-05	2025-11-02
cnvd-2025-27117	Tenda CH22 fromDhcpListClient函数缓冲区溢出漏洞	2025-10-31	2025-10-31
cnvd-2025-27116	Tenda CH22 formwebExcptypemanFilter函数缓冲区溢出漏洞	2025-10-31	2025-10-31
cnvd-2025-26831	Wazifa System logincontrol.php文件SQL注入漏洞	2024-11-07	2025-10-31

ID	Description	Published	Updated
certfr-2024-avi-0532	Vulnérabilité dans Cisco NX-OS	2024-07-02T00:00:00.000000	2024-07-02T00:00:00.000000
certfr-2024-avi-0531	Multiples vulnérabilités dans OpenSSH	2024-07-01T00:00:00.000000	2024-07-01T00:00:00.000000
certfr-2024-avi-0530	Multiples vulnérabilités dans les produits NetApp	2024-07-01T00:00:00.000000	2024-07-01T00:00:00.000000
certfr-2024-avi-0529	Multiples vulnérabilités dans les produits IBM	2024-06-28T00:00:00.000000	2024-06-28T00:00:00.000000
certfr-2024-avi-0528	Multiples vulnérabilités dans le noyau Linux de Red Hat	2024-06-28T00:00:00.000000	2024-06-28T00:00:00.000000
certfr-2024-avi-0527	Multiples vulnérabilités dans le noyau Linux de Debian LTS	2024-06-28T00:00:00.000000	2024-06-28T00:00:00.000000
certfr-2024-avi-0526	Multiples vulnérabilités dans le noyau Linux de SUSE	2024-06-28T00:00:00.000000	2024-06-28T00:00:00.000000
certfr-2024-avi-0525	Multiples vulnérabilités dans les produits Juniper Networks	2024-06-28T00:00:00.000000	2024-06-28T00:00:00.000000
certfr-2024-avi-0524	Multiples vulnérabilités dans les produits VMware	2024-06-28T00:00:00.000000	2024-06-28T00:00:00.000000
certfr-2024-avi-0523	Multiples vulnérabilités dans Microsoft Edge	2024-06-28T00:00:00.000000	2024-06-28T00:00:00.000000
certfr-2024-avi-0522	Vulnérabilité dans OpenSSL	2024-06-27T00:00:00.000000	2024-06-27T00:00:00.000000
certfr-2024-avi-0521	Multiples vulnérabilités dans GitLab	2024-06-27T00:00:00.000000	2024-06-27T00:00:00.000000
certfr-2024-avi-0520	Multiples vulnérabilités dans les produits Progress	2024-06-26T00:00:00.000000	2024-06-26T00:00:00.000000
certfr-2024-avi-0519	Multiples vulnérabilités dans les produits VMware	2024-06-26T00:00:00.000000	2024-06-26T00:00:00.000000
certfr-2024-avi-0518	Vulnérabilité dans LibreOffice	2024-06-25T00:00:00.000000	2024-06-25T00:00:00.000000
certfr-2024-avi-0517	Vulnérabilité dans Citrix Secure Access client	2024-06-25T00:00:00.000000	2024-06-25T00:00:00.000000
certfr-2024-avi-0516	Multiples vulnérabilités dans WordPress	2024-06-25T00:00:00.000000	2024-06-25T00:00:00.000000
certfr-2024-avi-0515	Multiples vulnérabilités dans Google Chrome	2024-06-25T00:00:00.000000	2024-06-25T00:00:00.000000
certfr-2024-avi-0493	Multiples vulnérabilités dans les produits Mozilla	2024-06-14T00:00:00.000000	2024-06-24T00:00:00.000000
certfr-2024-avi-0514	Multiples vulnérabilités dans les produits IBM	2024-06-21T00:00:00.000000	2024-06-21T00:00:00.000000
certfr-2024-avi-0513	Multiples vulnérabilités dans le noyau Linux de SUSE	2024-06-21T00:00:00.000000	2024-06-21T00:00:00.000000
certfr-2024-avi-0512	Multiples vulnérabilités dans les produits Moxa	2024-06-21T00:00:00.000000	2024-06-21T00:00:00.000000
certfr-2024-avi-0511	Vulnérabilité dans les produits ESET	2024-06-21T00:00:00.000000	2024-06-21T00:00:00.000000
certfr-2024-avi-0510	Multiples vulnérabilités dans Microsoft Edge	2024-06-21T00:00:00.000000	2024-06-21T00:00:00.000000
certfr-2024-avi-0494	Vulnérabilité dans FreeRADIUS	2024-06-14T00:00:00.000000	2024-06-21T00:00:00.000000
certfr-2024-avi-0509	Multiples vulnérabilités dans SonicWall SonicOS	2024-06-20T00:00:00.000000	2024-06-20T00:00:00.000000
certfr-2024-avi-0508	Multiples vulnérabilités dans les produits Moxa	2024-06-20T00:00:00.000000	2024-06-20T00:00:00.000000
certfr-2024-avi-0507	Vulnérabilité dans Spring Cloud Function	2024-06-20T00:00:00.000000	2024-06-20T00:00:00.000000
certfr-2024-avi-0506	Multiples vulnérabilités dans Juniper Secure Analytics	2024-06-19T00:00:00.000000	2024-06-19T00:00:00.000000
certfr-2024-avi-0505	Multiples vulnérabilités dans Moodle	2024-06-19T00:00:00.000000	2024-06-19T00:00:00.000000

ID	Description	Published	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated