Recent vulnerabilities
Recent vulnerabilities from
Select from 69 available sources using the dropdown above.
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-64340 |
6.7 (3.1)
|
FastMCP has a Command Injection vulnerability - Gemini CLI |
jlowin |
fastmcp |
2026-04-03T15:16:13.930Z | 2026-04-03T16:12:58.401Z |
| CVE-2024-48077 |
7.5 (3.1)
|
NanoMQ v0.22.7 is vulnerable to Denial of Service… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-04-03T16:11:25.306Z |
| CVE-2026-25043 |
5.3 (3.1)
|
Budibase: Unauthenticated Password Reset Endpoint Lack… |
Budibase |
budibase |
2026-04-03T15:35:10.840Z | 2026-04-03T16:11:18.857Z |
| CVE-2026-34736 |
5.3 (3.1)
|
Open edX Platform: Account Activation Bypass via activ… |
openedx |
openedx-platform |
2026-04-02T18:29:01.740Z | 2026-04-03T16:08:43.532Z |
| CVE-2026-34452 |
5.8 (4.0)
|
Claude SDK for Python: Memory Tool Path Validation Rac… |
anthropics |
anthropic-sdk-python |
2026-03-31T21:32:37.537Z | 2026-04-03T16:08:25.309Z |
| CVE-2024-36856 |
7.5 (3.1)
|
RMQTT Broker 0.4.0 is vulnerable to Denial of Ser… |
n/a |
n/a |
2024-06-12T00:00:00.000Z | 2026-04-03T16:07:28.936Z |
| CVE-2026-34448 |
9.1 (3.1)
|
SiYuan: Stored XSS in Attribute View gallery/kanban co… |
siyuan-note |
siyuan |
2026-03-31T21:44:36.504Z | 2026-04-03T16:05:31.678Z |
| CVE-2026-35214 |
8.7 (3.1)
|
Budibase: Path traversal in plugin file upload enables… |
Budibase |
budibase |
2026-04-03T15:43:12.426Z | 2026-04-03T16:04:36.168Z |
| CVE-2024-50948 |
7.5 (3.1)
|
mochiMQTT v2.6.3 is vulnerable to Denial of Servi… |
n/a |
n/a |
2024-12-03T00:00:00.000Z | 2026-04-03T16:03:24.435Z |
| CVE-2026-34601 |
7.5 (3.1)
|
xmldom: XML injection via unsafe CDATA serialization a… |
xmldom |
xmldom |
2026-04-02T17:47:13.209Z | 2026-04-03T16:03:21.485Z |
| CVE-2026-31933 |
7.5 (3.1)
|
Suricata stream: quadratic complexity in stream inspection |
OISF |
suricata |
2026-04-02T14:03:35.917Z | 2026-04-03T16:01:09.310Z |
| CVE-2026-34715 |
5.3 (3.1)
|
ewe Has Improper Neutralization of CRLF Sequences in H… |
vshakitskiy |
ewe |
2026-04-02T17:57:00.501Z | 2026-04-03T16:00:41.121Z |
| CVE-2026-5472 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
ProjectsAndPrograms School Management System Profile P… |
ProjectsAndPrograms |
School Management System |
2026-04-03T16:00:17.480Z | 2026-04-03T16:00:17.480Z |
| CVE-2026-34742 |
7.6 (4.0)
|
Model Context Protocol Go SDK: DNS Rebinding Protectio… |
modelcontextprotocol |
go-sdk |
2026-04-02T18:32:34.781Z | 2026-04-03T15:59:37.091Z |
| CVE-2026-31937 |
7.5 (3.1)
|
Suricata dcerpc: quadratic complexity in dcerpc buffering |
OISF |
suricata |
2026-04-02T14:38:22.496Z | 2026-04-03T15:59:28.970Z |
| CVE-2026-34758 |
9.1 (3.1)
|
OneUptime: Missing Authentication on Notification Endpoints |
OneUptime |
oneuptime |
2026-04-02T18:49:29.826Z | 2026-04-03T15:58:23.101Z |
| CVE-2026-5420 |
2 (4.0)
2.5 (3.1)
2.5 (3.0)
|
Shinrays Games Goods Triple App cats.goods.sort.sortin… |
Shinrays Games |
Goods Triple App |
2026-04-02T19:00:17.487Z | 2026-04-03T15:56:29.692Z |
| CVE-2026-34523 |
5.3 (3.1)
|
SillyTavern: Path traversal allows file existence oracle |
SillyTavern |
SillyTavern |
2026-04-02T17:14:31.694Z | 2026-04-03T15:56:24.472Z |
| CVE-2026-34577 |
8.6 (3.1)
|
Postiz: Unauthenticated Full-Read SSRF via /public/str… |
gitroomhq |
postiz-app |
2026-04-02T17:24:33.725Z | 2026-04-03T15:52:56.345Z |
| CVE-2026-25118 |
6.3 (4.0)
|
immich-server: Insecure Transmission of Authentication… |
immich-app |
immich |
2026-04-03T15:51:07.171Z | 2026-04-03T15:51:07.171Z |
| CVE-2026-34590 |
5.4 (3.1)
|
Postiz: SSRF via Webhook Creation Endpoint Missing URL… |
gitroomhq |
postiz-app |
2026-04-02T17:26:58.902Z | 2026-04-03T15:49:51.856Z |
| CVE-2026-35218 |
8.7 (3.1)
|
Budibase: Stored XSS via unsanitized entity names rend… |
Budibase |
budibase |
2026-04-03T15:47:45.469Z | 2026-04-03T15:47:45.469Z |
| CVE-2026-34752 |
8.7 (4.0)
|
Haraka affected by DoS via `__proto__` email header |
haraka |
Haraka |
2026-04-02T18:42:38.367Z | 2026-04-03T15:47:34.494Z |
| CVE-2026-35053 |
9.2 (4.0)
|
OneUptime: Unauthenticated Workflow Execution via ManualAPI |
OneUptime |
oneuptime |
2026-04-02T18:55:49.130Z | 2026-04-03T15:46:38.420Z |
| CVE-2026-35216 |
9.1 (3.1)
|
Budibase: Unauthenticated Remote Code Execution via We… |
Budibase |
budibase |
2026-04-03T15:45:40.091Z | 2026-04-03T15:45:40.091Z |
| CVE-2026-5471 |
4.8 (4.0)
3.3 (3.1)
3.3 (3.0)
|
Investory Toy Planet Trouble App app.investory.toyfact… |
Investory |
Toy Planet Trouble App |
2026-04-03T15:45:10.403Z | 2026-04-03T15:45:10.403Z |
| CVE-2026-34761 |
5.8 (3.1)
|
Ella Core Panics Upon NGAP handover failure |
ellanetworks |
core |
2026-04-02T19:03:05.307Z | 2026-04-03T15:43:40.050Z |
| CVE-2026-23320 |
N/A
|
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | N/A | 2026-03-25T10:27:14.398Z | 2026-04-03T15:42:10.765Z |
| CVE-2026-31818 |
9.6 (3.1)
|
Budibase: Server-Side Request Forgery via REST Connect… |
Budibase |
budibase |
2026-04-03T15:41:13.955Z | 2026-04-03T15:41:13.955Z |
| CVE-2026-34833 |
8.7 (4.0)
|
Bulwark Webmail: Information Exposure: password return… |
bulwarkmail |
webmail |
2026-04-02T19:11:39.303Z | 2026-04-03T15:40:57.901Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-28527 |
2.1 (4.0)
3.5 (3.1)
|
BlueKitchen BTstack < 1.8.1 AVRCP Controller GET_PLAYE… |
BlueKitchen GmbH |
BTstack |
2026-03-30T14:07:21.480Z | 2026-04-01T18:08:46.863Z |
| CVE-2026-5175 |
5 (3.1)
|
Improper access control in the multi-factor authe… |
Devolutions |
Server |
2026-04-01T15:04:22.130Z | 2026-04-01T20:12:09.411Z |
| CVE-2026-4989 |
4.3 (3.1)
|
Improper input validation in the gateway health c… |
Devolutions |
Server |
2026-04-01T15:07:29.219Z | 2026-04-01T17:15:10.559Z |
| CVE-2026-4927 |
6.5 (3.1)
|
Exposure of sensitive information in the users MF… |
Devolutions |
Server |
2026-04-01T14:54:45.806Z | 2026-04-01T19:26:56.487Z |
| CVE-2026-4925 |
5 (3.1)
|
Improper access control in the users MFA feature … |
Devolutions |
Server |
2026-04-01T15:02:06.733Z | 2026-04-01T20:16:31.765Z |
| CVE-2026-4924 |
8.2 (3.1)
|
Improper authentication in the two-factor authen… |
Devolutions |
Server |
2026-04-01T14:50:51.684Z | 2026-04-01T20:19:57.967Z |
| CVE-2026-4829 |
5.4 (3.1)
|
Improper authentication in the external OAuth aut… |
Devolutions |
Server |
2026-04-01T14:44:05.292Z | 2026-04-01T19:25:17.305Z |
| CVE-2026-4828 |
8.2 (3.1)
|
Improper authentication in the OAuth login functi… |
Devolutions |
Server |
2026-04-01T14:48:53.684Z | 2026-04-01T20:23:02.072Z |
| CVE-2026-35099 |
7.4 (3.1)
|
Lakeside SysTrack Agent 11 before 11.5.0.15 has a… |
Lakeside Software |
SysTrack Agent |
2026-04-01T15:39:51.438Z | 2026-04-01T20:11:43.803Z |
| CVE-2026-34603 |
7.1 (3.1)
|
@tinacms/graphql's Media Endpoints Can Escape the Medi… |
tinacms |
tinacms |
2026-04-01T16:08:44.366Z | 2026-04-01T17:54:25.006Z |
| CVE-2026-34510 |
6.9 (4.0)
5.3 (3.1)
|
OpenClaw < 2026.3.22 - Remote File URL Acceptance in W… |
OpenClaw |
OpenClaw |
2026-04-01T15:29:35.712Z | 2026-04-01T17:54:31.837Z |
| CVE-2026-33990 |
6.8 (4.0)
|
Docker Model Runner OCI Registry Client Vulnerable to … |
docker |
model-runner |
2026-04-01T16:17:40.719Z | 2026-04-01T16:17:40.719Z |
| CVE-2026-33978 |
5.4 (3.1)
|
Notesnook: Stored XSS in mobile share editor via unesc… |
streetwriters |
notesnook |
2026-04-01T16:11:56.610Z | 2026-04-01T19:07:24.523Z |
| CVE-2026-33949 |
8.1 (3.1)
|
@tinacms/graphql has Path Traversal that leads to over… |
tinacms |
tinacms |
2026-04-01T15:54:12.351Z | 2026-04-01T15:54:12.351Z |
| CVE-2026-31027 |
9.8 (3.1)
|
TOTOlink A3600R v5.9c.4959 contains a buffer over… |
n/a |
n/a |
2026-04-01T00:00:00.000Z | 2026-04-01T18:23:53.528Z |
| CVE-2026-30643 |
9.8 (3.1)
|
An issue was discovered in DedeCMS 5.7.118 allowi… |
n/a |
n/a |
2026-04-01T00:00:00.000Z | 2026-04-01T18:14:10.109Z |
| CVE-2026-30573 |
7.5 (3.1)
|
A Business Logic vulnerability exists in SourceCo… |
n/a |
n/a |
2026-04-01T00:00:00.000Z | 2026-04-01T17:52:39.630Z |
| CVE-2026-30526 |
6.1 (3.1)
|
A Reflected Cross-Site Scripting (XSS) vulnerabil… |
n/a |
n/a |
2026-04-01T00:00:00.000Z | 2026-04-01T15:04:04.957Z |
| CVE-2026-30523 |
6.5 (3.1)
|
A Business Logic vulnerability exists in SourceCo… |
n/a |
n/a |
2026-04-01T00:00:00.000Z | 2026-04-01T17:56:53.409Z |
| CVE-2026-30292 |
8.4 (3.1)
|
An arbitrary file overwrite vulnerability in Docu… |
n/a |
n/a |
2026-04-01T00:00:00.000Z | 2026-04-01T18:02:16.429Z |
| CVE-2026-30291 |
8.4 (3.1)
|
An arbitrary file overwrite vulnerability in Ora … |
n/a |
n/a |
2026-04-01T00:00:00.000Z | 2026-04-01T19:00:35.065Z |
| CVE-2026-30273 |
7.3 (3.1)
|
pandas-ai v3.0.0 was discovered to contain a SQL … |
n/a |
n/a |
2026-04-01T00:00:00.000Z | 2026-04-01T18:19:20.151Z |
| CVE-2026-29598 |
5.4 (3.1)
|
Multiple stored cross-site scripting (XSS) vulner… |
n/a |
n/a |
2026-04-01T00:00:00.000Z | 2026-04-01T19:08:33.198Z |
| CVE-2026-2265 |
6.5 (3.1)
|
Replicator 1.0.5 is vulnerable to Remote Code Executio… |
Replicator |
Replicator |
2026-04-01T16:11:25.107Z | 2026-04-01T19:27:36.981Z |
| CVE-2026-20174 |
4.9 (3.1)
|
Cisco Nexus Dashboard Insights Arbitrary File Write Vu… |
Cisco |
Cisco Nexus Dashboard |
2026-04-01T16:29:22.721Z | 2026-04-01T18:09:37.371Z |
| CVE-2026-20160 |
9.8 (3.1)
|
Cisco Smart Software Manager On-Prem Arbitrary Command… |
Cisco |
Cisco Smart Software Manager On-Prem |
2026-04-01T16:29:22.741Z | 2026-04-02T03:56:10.746Z |
| CVE-2026-20155 |
8 (3.1)
|
Cisco Evolved Programmable Network Manager Improper Au… |
Cisco |
Cisco Evolved Programmable Network Manager (EPNM) |
2026-04-01T16:29:12.891Z | 2026-04-01T18:19:17.434Z |
| CVE-2026-20151 |
7.3 (3.1)
|
Cisco Smart Software Manager On-Prem Privilege Escalat… |
Cisco |
Cisco Smart Software Manager On-Prem |
2026-04-01T16:29:13.496Z | 2026-04-02T03:56:09.678Z |
| CVE-2026-20097 |
6.5 (3.1)
|
Cisco Integrated Management Controller Remote Code Exe… |
Cisco |
Cisco Unified Computing System (Standalone) |
2026-04-01T16:29:00.607Z | 2026-04-02T03:56:16.248Z |
| CVE-2026-20096 |
6.5 (3.1)
|
Cisco Integrated Management Controller Command Injecti… |
Cisco |
Cisco Enterprise NFV Infrastructure Software |
2026-04-01T16:29:03.545Z | 2026-04-02T03:56:17.375Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-34209 | mppx is a TypeScript interface for machine payments protocol. Prior to version 0.4.11, the tempo/se… | 2026-03-31T15:16:18.030 | 2026-04-03T15:59:37.143 |
| fkie_cve-2026-28526 | BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRC… | 2026-03-30T14:16:34.750 | 2026-04-03T15:58:18.837 |
| fkie_cve-2026-30314 | Ridvay Code's command auto-approval module contains a critical OS command injection vulnerability t… | 2026-03-31T15:16:13.233 | 2026-04-03T15:57:23.747 |
| fkie_cve-2026-30311 | Ridvay Code's command auto-approval module contains a critical OS command injection vulnerability t… | 2026-03-31T15:16:12.987 | 2026-04-03T15:54:40.707 |
| fkie_cve-2026-34155 | RAUC controls the update process on embedded Linux systems. Prior to version 1.15.2, RAUC bundles u… | 2026-03-31T14:16:11.997 | 2026-04-03T15:53:01.463 |
| fkie_cve-2026-4799 | In Search Guard FLX up to version 4.0.1, it is possible to use specially crafted requests to redire… | 2026-03-31T15:16:21.137 | 2026-04-03T15:20:31.917 |
| fkie_cve-2026-34220 | MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patter… | 2026-03-31T16:16:32.127 | 2026-04-03T15:16:45.420 |
| fkie_cve-2026-5469 | A weakness has been identified in Casdoor 2.356.0. This vulnerability affects unknown code of the c… | 2026-04-03T15:16:06.420 | 2026-04-03T15:16:06.420 |
| fkie_cve-2026-30252 | Multiple reflected cross-site scripting (XSS) vulnerabilities in the login.php endpoint of Interzen… | 2026-04-02T21:16:40.490 | 2026-04-03T15:16:05.493 |
| fkie_cve-2026-30251 | A reflected cross-site scripting (XSS) vulnerability in the login_newpwd.php endpoint of Interzen C… | 2026-04-02T21:16:40.357 | 2026-04-03T15:16:05.317 |
| fkie_cve-2026-26477 | An issue in Dokuwiki v.2025-05-14b 'Librarian' allows a remote attacker to cause a denial of servic… | 2026-04-03T15:16:05.093 | 2026-04-03T15:16:05.093 |
| fkie_cve-2025-59711 | An issue was discovered in Biztalk360 before 11.5. Because of mishandling of user-provided input in… | 2026-04-03T15:16:04.637 | 2026-04-03T15:16:04.637 |
| fkie_cve-2025-59710 | An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user is… | 2026-04-03T15:16:04.500 | 2026-04-03T15:16:04.500 |
| fkie_cve-2025-59709 | An issue was discovered in Biztalk360 through 11.5. because of mishandling of user-provided input i… | 2026-04-03T15:16:03.817 | 2026-04-03T15:16:03.817 |
| fkie_cve-2026-34221 | MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patter… | 2026-03-31T16:16:32.293 | 2026-04-03T15:13:26.167 |
| fkie_cve-2026-34227 | Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to version 1… | 2026-03-31T16:16:32.440 | 2026-04-03T14:54:01.150 |
| fkie_cve-2026-34231 | Slippers is a UI component framework for Django. Prior to version 0.6.3, a Cross-Site Scripting (XS… | 2026-03-31T16:16:32.603 | 2026-04-03T14:51:03.493 |
| fkie_cve-2026-34243 | wenxian is a tool to generate BIBTEX files from given identifiers (DOI, PMID, arXiv ID, or paper ti… | 2026-03-31T16:16:33.253 | 2026-04-03T14:38:17.593 |
| fkie_cve-2019-25619 | FTP Shell Server 6.83 contains a buffer overflow vulnerability in the 'Account name to ban' field t… | 2026-03-22T14:16:30.873 | 2026-04-03T14:33:32.480 |
| fkie_cve-2025-31200 | A memory corruption issue was addressed with improved bounds checking. This issue is fixed in iOS 1… | 2025-04-16T19:15:54.540 | 2026-04-03T14:32:12.800 |
| fkie_cve-2025-31201 | This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4.1 and iPa… | 2025-04-16T19:15:54.673 | 2026-04-03T14:31:32.007 |
| fkie_cve-2025-31277 | The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6… | 2025-07-30T00:15:30.830 | 2026-04-03T14:30:40.733 |
| fkie_cve-2026-34237 | MCP Java SDK is the official Java SDK for Model Context Protocol servers and clients. Prior to vers… | 2026-03-31T16:16:32.923 | 2026-04-03T14:29:40.640 |
| fkie_cve-2025-43200 | This issue was addressed with improved checks. This issue is fixed in iOS 15.8.4 and iPadOS 15.8.4,… | 2025-06-16T22:16:41.120 | 2026-04-03T14:29:07.400 |
| fkie_cve-2025-43300 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iO… | 2025-08-21T01:15:36.243 | 2026-04-03T14:28:33.887 |
| fkie_cve-2025-43510 | A memory corruption issue was addressed with improved lock state checking. This issue is fixed in i… | 2025-12-12T21:15:55.843 | 2026-04-03T14:28:19.317 |
| fkie_cve-2025-43520 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 1… | 2025-12-12T21:15:56.830 | 2026-04-03T14:28:03.810 |
| fkie_cve-2026-34235 | PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.1… | 2026-03-31T16:16:32.767 | 2026-04-03T14:23:41.230 |
| fkie_cve-2025-43529 | A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari… | 2025-12-17T21:16:11.570 | 2026-04-03T14:17:40.310 |
| fkie_cve-2026-5468 | A security flaw has been discovered in Casdoor 2.356.0. This affects the function dangerouslySetInn… | 2026-04-03T14:16:33.837 | 2026-04-03T14:16:33.837 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-3c7f-5hgj-h279 |
5.4 (3.1)
5.1 (4.0)
|
n8n has XSS in Chat Trigger Node through Custom CSS | 2026-03-27T18:06:49Z | 2026-04-03T16:07:53Z |
| ghsa-3mwp-wvh9-7528 |
6.5 (3.1)
|
vLLM: Unauthenticated OOM Denial of Service via Unbounded `n` Parameter in OpenAI API Server | 2026-04-03T15:35:48Z | 2026-04-03T15:35:48Z |
| ghsa-x5cv-7h6w-46hm |
|
In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Fix a locking bu… | 2026-04-03T15:30:31Z | 2026-04-03T15:30:31Z |
| ghsa-x244-gjj6-jc73 |
|
In the Linux kernel, the following vulnerability has been resolved: net/rds: Fix circular locking … | 2026-04-03T15:30:31Z | 2026-04-03T15:30:31Z |
| ghsa-w799-7525-rpr6 |
3.5 (3.1)
2.0 (4.0)
|
A security flaw has been discovered in Casdoor 2.356.0. This affects the function dangerouslySetInn… | 2026-04-03T15:30:31Z | 2026-04-03T15:30:31Z |
| ghsa-w39g-2rjc-rg77 |
7.3 (3.1)
|
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in P… | 2026-04-03T15:30:30Z | 2026-04-03T15:30:31Z |
| ghsa-vph7-r229-qxpf |
4.3 (3.1)
|
** UNSUPPORTED WHEN ASSIGNED ** Focalboard version 8.0 fails to validate file ownership when servin… | 2026-04-03T15:30:31Z | 2026-04-03T15:30:31Z |
| ghsa-rc42-xqq7-h58r |
|
In the Linux kernel, the following vulnerability has been resolved: btrfs: free pages on error in … | 2026-04-03T15:30:31Z | 2026-04-03T15:30:31Z |
| ghsa-q6cm-wqcq-7q3c |
|
An issue was discovered in Biztalk360 before 11.5. Because of mishandling of user-provided input in… | 2026-04-03T15:30:31Z | 2026-04-03T15:30:31Z |
| ghsa-p8c7-hjc4-gwf8 |
4.7 (3.1)
5.1 (4.0)
|
A weakness has been identified in Casdoor 2.356.0. This vulnerability affects unknown code of the c… | 2026-04-03T15:30:31Z | 2026-04-03T15:30:31Z |
| ghsa-p32q-v29x-wq9r |
8.1 (3.1)
|
** UNSUPPORTED WHEN ASSIGNED ** Focalboard version 8.0 fails to sanitize category IDs before incorp… | 2026-04-03T15:30:31Z | 2026-04-03T15:30:31Z |
| ghsa-mhv3-v49w-phxv |
|
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Validate comman… | 2026-04-03T15:30:31Z | 2026-04-03T15:30:31Z |
| ghsa-jcxx-x6vw-f3xq |
|
In the Linux kernel, the following vulnerability has been resolved: drm/xe/reg_sr: Fix leak on xa_… | 2026-04-03T15:30:30Z | 2026-04-03T15:30:31Z |
| ghsa-gwpq-c4hc-7qhj |
|
An issue in Dokuwiki v.2025-05-14b 'Librarian' allows a remote attacker to cause a denial of servic… | 2026-04-03T15:30:31Z | 2026-04-03T15:30:31Z |
| ghsa-8c23-q3xr-8rw3 |
|
An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user is… | 2026-04-03T15:30:31Z | 2026-04-03T15:30:31Z |
| ghsa-7xqm-3mpj-9c5h |
|
An issue was discovered in Biztalk360 through 11.5. because of mishandling of user-provided input i… | 2026-04-03T15:30:31Z | 2026-04-03T15:30:31Z |
| ghsa-6ww2-mmfj-6f5p |
|
In the Linux kernel, the following vulnerability has been resolved: drm/logicvc: Fix device node r… | 2026-04-03T15:30:31Z | 2026-04-03T15:30:31Z |
| ghsa-6rph-vpvq-7wvw |
|
In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: Fix interrupt st… | 2026-04-03T15:30:31Z | 2026-04-03T15:30:31Z |
| ghsa-5rf8-f7c5-4xmw |
|
In the Linux kernel, the following vulnerability has been resolved: drm/xe/configfs: Free ctx_rest… | 2026-04-03T15:30:31Z | 2026-04-03T15:30:31Z |
| ghsa-23qp-f5g5-j76h |
|
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix ID register in… | 2026-04-03T15:30:31Z | 2026-04-03T15:30:31Z |
| ghsa-ch8g-69g3-3cc2 |
3.4 (3.1)
4.8 (4.0)
|
Pega Platform versions 8.1.0 through 25.1.0 are affected by a Stored Cross-site Scripting vulnerabi… | 2026-03-31T18:31:31Z | 2026-04-03T15:30:30Z |
| ghsa-c5mh-66wj-fpf7 |
6.1 (3.1)
|
XSS vulnerability in cveInterface.js allows for inject HTML to be passed to display, as cveInterfac… | 2026-04-02T21:32:53Z | 2026-04-03T15:30:30Z |
| ghsa-c5cp-jh44-3m86 |
6.1 (3.1)
|
Multiple reflected cross-site scripting (XSS) vulnerabilities in the login.php endpoint of Interzen… | 2026-04-02T21:32:53Z | 2026-04-03T15:30:30Z |
| ghsa-5x28-243x-9mx6 |
6.1 (3.1)
|
A reflected cross-site scripting (XSS) vulnerability in the login_newpwd.php endpoint of Interzen C… | 2026-04-02T21:32:53Z | 2026-04-03T15:30:30Z |
| ghsa-37mp-2f5m-44h4 |
8.8 (3.1)
|
This issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS … | 2026-04-02T21:32:52Z | 2026-04-03T15:30:30Z |
| ghsa-3435-g6fx-jc4p |
7.5 (3.1)
|
The stored API keys in temporary browser client is not marked as protected allowing for JavScript c… | 2026-04-02T21:32:53Z | 2026-04-03T15:30:30Z |
| ghsa-rhhh-mwpc-m2qj |
7.8 (3.1)
|
In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: fix potential bu… | 2026-02-14T18:30:16Z | 2026-04-03T15:30:29Z |
| ghsa-pmxm-x3p3-w327 |
7.0 (3.1)
|
In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: add bounds check… | 2026-02-14T18:30:16Z | 2026-04-03T15:30:29Z |
| ghsa-6rr8-q652-pwgf |
7.0 (3.1)
|
In the Linux kernel, the following vulnerability has been resolved: net: cpsw: Execute ndo_set_rx_… | 2026-02-14T18:30:15Z | 2026-04-03T15:30:29Z |
| ghsa-mj24-pqx2-6788 |
4.3 (3.1)
2.1 (4.0)
|
A vulnerability was identified in Casdoor 2.356.0. Affected by this issue is some unknown functiona… | 2026-04-03T12:31:10Z | 2026-04-03T12:31:10Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2026-3 |
|
After an API token exposure from an exploited Trivy dependency, two new releases of `teln… | telnyx | 2026-03-27T14:53:14Z | |
| pysec-2026-2 |
|
After an API Token exposure from an exploited Trivy dependency, two new releases of `lite… | litellm | 2026-03-24T15:35:32Z | |
| pysec-2024-85 |
7.5 (3.1)
|
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2026-03-03T16:29:37.848846Z |
| pysec-2024-84 |
7.5 (3.1)
|
Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2026-03-03T16:29:37.756762Z |
| pysec-2024-83 |
7.5 (3.1)
|
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2026-03-03T16:29:37.662671Z |
| pysec-2024-82 |
8.8 (3.1)
|
Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB… | mindsdb | 2024-09-12T13:15:00Z | 2026-03-03T16:29:37.563380Z |
| pysec-2023-278 |
5.3 (3.1)
|
MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1… | mindsdb | 2023-12-11T21:15:00Z | 2026-03-03T16:29:37.448520Z |
| pysec-2023-121 |
|
A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as a… | zstd | 2023-03-31T20:15:00+00:00 | 2026-02-25T19:20:58+00:00 |
| pysec-2026-1 |
|
A PyPI user account compromised by an attacker and was able to upload a malicious version… | dydx-v4-client | 2026-01-28T21:09:02+00:00 | |
| pysec-2025-52 |
|
gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. | mlflow | 2025-06-23T15:15:29Z | 2025-12-05T13:25:55.146081Z |
| pysec-2020-220 |
|
A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage coll… | ansible | 2020-10-05T14:15:00Z | 2025-10-31T04:43:53.616247Z |
| pysec-2025-72 |
|
The `num2words` project was compromised via a phishing attack and two new versions were u… | num2words | 2025-07-31T14:34:47+00:00 | |
| pysec-2025-71 |
|
Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fas… | cadwyn | 2025-07-21T21:15:25+00:00 | 2025-07-23T15:24:03.825615+00:00 |
| pysec-2025-70 |
10.0 (3.1)
|
A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componen… | langchain-community | 2025-06-23T21:15:25+00:00 | 2025-07-16T21:23:40.211079+00:00 |
| pysec-2024-259 |
9.8 (3.1)
|
In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by m… | torch | 2024-10-29T21:15:04+00:00 | 2025-07-16T03:09:57.748865+00:00 |
| pysec-2024-258 |
|
In scrapy/scrapy, an issue was identified where the Authorization header is not removed d… | scrapy | 2024-05-20T08:15:08+00:00 | 2025-07-15T17:37:50.051730+00:00 |
| pysec-2025-69 |
|
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker tem… | roundup | 2025-07-13T20:15:25+00:00 | 2025-07-13T21:23:01.161315+00:00 |
| pysec-2025-68 |
8.0 (3.1)
|
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6… | upsonic | 2025-06-19T21:15:27+00:00 | 2025-07-08T19:22:27.449399+00:00 |
| pysec-2025-67 |
9.8 (3.1)
|
A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabil… | upsonic | 2025-06-19T21:15:27+00:00 | 2025-07-08T19:22:27.385619+00:00 |
| pysec-2025-66 |
|
Improper privilege management in a REST interface allowed registered users to access unau… | streampipes | 2025-03-03T11:15:11+00:00 | 2025-07-08T15:23:46.628375+00:00 |
| pysec-2025-65 |
|
A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0… | llama-index | 2025-07-07T13:15:28+00:00 | 2025-07-07T15:23:42.730681+00:00 |
| pysec-2025-61 |
|
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap … | pillow | 2025-07-01T19:15:27Z | 2025-07-07T14:12:46.226030Z |
| pysec-2025-64 |
9.8 (3.1)
|
A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0… | python-a2a | 2025-06-17T07:15:18+00:00 | 2025-07-02T21:23:13.806273+00:00 |
| pysec-2025-63 |
|
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Whe… | vllm | 2025-03-19T16:15:32+00:00 | 2025-07-01T23:22:49.176005+00:00 |
| pysec-2025-62 |
|
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Mal… | vllm | 2025-02-07T20:15:34+00:00 | 2025-07-01T23:22:49.083695+00:00 |
| pysec-2025-60 |
|
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Inform… | apache-iotdb | 2025-05-14T11:16:28+00:00 | 2025-07-01T21:22:47.232036+00:00 |
| pysec-2025-59 |
|
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attack… | apache-iotdb | 2025-05-14T11:15:47+00:00 | 2025-07-01T21:22:47.177405+00:00 |
| pysec-2024-257 |
7.5 (3.1)
|
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… | mobsf | 2024-03-22T23:15:07+00:00 | 2025-06-30T15:23:50.085549+00:00 |
| pysec-2025-58 |
8.8 (3.1)
|
vLLM is a library for LLM inference and serving. vllm/model_executor/weight_utils.py impl… | vllm | 2025-01-27T18:15:41+00:00 | 2025-06-27T21:22:36.583615+00:00 |
| pysec-2025-57 |
|
A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthent… | zenml | 2025-03-20T10:15:48+00:00 | 2025-06-27T17:22:55.175431+00:00 |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-33884 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.534455Z |
| gsd-2024-33901 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.525896Z |
| gsd-2024-33887 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.503613Z |
| gsd-2024-33895 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.493081Z |
| gsd-2024-33894 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.488420Z |
| gsd-2024-33902 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.486429Z |
| gsd-2024-33888 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.468423Z |
| gsd-2024-33885 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.441746Z |
| gsd-2024-33891 | Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via th… | 2024-04-29T05:02:07.412035Z |
| gsd-2024-33899 | RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the scr… | 2024-04-29T05:02:07.400574Z |
| gsd-2024-33889 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.392587Z |
| gsd-2024-33893 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.381761Z |
| gsd-2024-33892 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.378170Z |
| gsd-2024-33890 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.344384Z |
| gsd-2024-33896 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.313250Z |
| gsd-2024-33903 | In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pede… | 2024-04-29T05:02:07.295775Z |
| gsd-2024-33900 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.290639Z |
| gsd-2024-33898 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.287632Z |
| gsd-2024-33886 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.287167Z |
| gsd-2024-33897 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.283756Z |
| gsd-2024-33883 | The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certa… | 2024-04-29T05:02:07.271727Z |
| gsd-2024-4303 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:05.716348Z |
| gsd-2024-4300 | E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remo… | 2024-04-29T05:02:05.715239Z |
| gsd-2024-4297 | The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlo… | 2024-04-29T05:02:05.700888Z |
| gsd-2024-4301 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:05.678292Z |
| gsd-2024-4296 | The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock… | 2024-04-29T05:02:05.621428Z |
| gsd-2024-4299 | The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSheroc… | 2024-04-29T05:02:05.606402Z |
| gsd-2024-4302 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:05.603637Z |
| gsd-2024-4298 | The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, Audit… | 2024-04-29T05:02:05.598531Z |
| gsd-2024-33876 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.990196Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-2448 | Malicious code in supervisors (PyPI) | 2026-04-03T11:40:59Z | 2026-04-03T11:40:59Z |
| mal-2026-2446 | Malicious code in @corpweb-ui/wmkt-library (npm) | 2026-04-03T08:18:07Z | 2026-04-03T08:18:07Z |
| mal-2026-2447 | Malicious code in @toprank/partner (npm) | 2026-04-03T07:43:43Z | 2026-04-03T07:43:43Z |
| mal-2026-2433 | Malicious code in pycolorlib3 (PyPI) | 2026-04-02T20:38:16Z | 2026-04-02T20:38:16Z |
| mal-2026-2432 | Malicious code in nwin64tls (PyPI) | 2026-04-02T20:28:37Z | 2026-04-02T20:28:37Z |
| mal-2026-2431 | Malicious code in nwin32tls (PyPI) | 2026-04-02T20:26:19Z | 2026-04-02T20:26:19Z |
| mal-2026-2443 | Malicious code in exprrrress (npm) | 2026-04-02T18:21:44Z | 2026-04-02T18:21:44Z |
| mal-2026-2442 | Malicious code in expreeeess (npm) | 2026-04-02T18:11:34Z | 2026-04-02T18:11:34Z |
| mal-2026-2430 | Malicious code in k8s-node-health (PyPI) | 2026-04-02T15:10:22Z | 2026-04-02T15:52:55Z |
| mal-2026-2439 | Malicious code in expeewas (npm) | 2026-04-02T15:22:21Z | 2026-04-02T15:22:21Z |
| mal-2026-2445 | Malicious code in pro-express (npm) | 2026-04-02T15:21:37Z | 2026-04-02T15:21:37Z |
| mal-2026-2441 | Malicious code in expirs (npm) | 2026-04-02T15:13:53Z | 2026-04-02T15:13:53Z |
| mal-2026-2437 | Malicious code in exaprse (npm) | 2026-04-02T15:12:58Z | 2026-04-02T15:12:58Z |
| mal-2026-2444 | Malicious code in exszpe3szs (npm) | 2026-04-02T15:12:47Z | 2026-04-02T15:12:47Z |
| mal-2026-2435 | Malicious code in 4xperss (npm) | 2026-04-02T15:12:23Z | 2026-04-02T15:12:23Z |
| mal-2026-2438 | Malicious code in expeedsxs (npm) | 2026-04-02T15:12:22Z | 2026-04-02T15:12:22Z |
| mal-2026-2434 | Malicious code in 4exepreds (npm) | 2026-04-02T15:12:19Z | 2026-04-02T15:12:19Z |
| mal-2026-2436 | Malicious code in eixp4ressz (npm) | 2026-04-02T15:12:04Z | 2026-04-02T15:12:04Z |
| mal-2026-2440 | Malicious code in experedzss (npm) | 2026-04-02T15:11:56Z | 2026-04-02T15:11:56Z |
| mal-2026-2424 | Malicious code in bytefrontier-sdk (npm) | 2026-04-02T12:21:22Z | 2026-04-02T12:21:22Z |
| mal-2026-2428 | Malicious code in vv-ftend-api (npm) | 2026-04-02T12:21:07Z | 2026-04-02T12:21:07Z |
| mal-2026-2425 | Malicious code in bytefrontier-tracker (npm) | 2026-04-02T12:10:59Z | 2026-04-02T12:10:59Z |
| mal-2026-2426 | Malicious code in partner-tracker (npm) | 2026-04-02T12:10:54Z | 2026-04-02T12:10:54Z |
| mal-2026-2423 | Malicious code in bytefrontier-partner (npm) | 2026-04-02T12:10:52Z | 2026-04-02T12:10:52Z |
| mal-2026-2422 | Malicious code in bytefrontier-api (npm) | 2026-04-02T12:10:50Z | 2026-04-02T12:10:50Z |
| mal-2026-2427 | Malicious code in partner-tracker-api (npm) | 2026-04-02T12:10:47Z | 2026-04-02T12:10:47Z |
| mal-2026-2429 | Malicious code in vv-ftend-core (npm) | 2026-04-02T12:10:43Z | 2026-04-02T12:10:43Z |
| mal-2026-2421 | Malicious code in @mgcrae/pino-pretty-logger (npm) | 2026-04-02T11:28:24Z | 2026-04-02T11:28:24Z |
| mal-2026-2419 | Malicious code in express-session-js (npm) | 2026-04-02T09:56:44Z | 2026-04-02T09:56:44Z |
| mal-2026-2420 | Malicious code in @_wnpm/wnpm-cli (npm) | 2026-04-02T09:53:07Z | 2026-04-02T09:53:07Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| 7paa023732 | System 800xA affected by 3rd party component vulnerabilities | 2026-03-31T00:30:00.000Z | 2026-03-31T00:30:00.000Z |
| 4hzm000604 | ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (SQLite 3.2.4) | 2026-03-26T00:30:00.000Z | 2026-03-26T00:30:00.000Z |
| 4jno000329 | AWIN Gateways Vulnerabilities in Embedded Webserver | 2026-03-13T00:30:00.000Z | 2026-03-13T00:30:00.000Z |
| 3adr011536 | AC500 V3 Stack buffer overflow in Cryptographic Message Syntax | 2026-03-12T00:30:00.000Z | 2026-03-12T00:30:00.000Z |
| 3adr011525 | ABB Automation Builder Gateway for Windows with insecure defaults | 2026-02-24T00:30:00.000Z | 2026-02-24T00:30:00.000Z |
| 3adr011524 | AC500 V3 Multiple vulnerabilities | 2026-02-24T00:30:00.000Z | 2026-02-24T00:30:00.000Z |
| sa25p007 | B&R Automation Studio Update of SQLite version | 2026-02-18T00:30:00.000Z | 2026-02-18T00:30:00.000Z |
| sa26p001 | PVI Insertion of Sensitive Information into Logfile | 2026-01-29T00:30:00.000Z | 2026-01-29T00:30:00.000Z |
| sa24p003 | B&R PCs vulnerable to PixieFail attack | 2026-01-29T00:30:00.000Z | 2026-01-29T00:30:00.000Z |
| 7paa013309 | System 800xA SECURITY Advisory - ABB 800xA Base 6.0.x, 6.1.x CSLib communication DoS vulnerability | 2024-06-05T00:30:00.000Z | 2026-01-23T00:30:00.000Z |
| sa25p005 | B&R Automation Runtime Improper Handling of Flooding conditions on ANSL Server | 2026-01-19T00:30:00.000Z | 2026-01-19T00:30:00.000Z |
| sa25p004 | Automation Studio Insufficient Server Certificate Validation | 2026-01-19T00:30:00.000Z | 2026-01-19T00:30:00.000Z |
| 9akk108472a1331 | ABB Ability™ OPTIMAX® Authentication Bypass in Single-Sign On with Azure Active Directory | 2026-01-16T00:30:00.000Z | 2026-01-16T00:30:00.000Z |
| 2crt000009 | WebPro SNMP Card PowerValue Multiple Vulnerabilities | 2026-01-07T00:30:00.000Z | 2026-01-07T00:30:00.000Z |
| 9akk108471a8107 | Terra AC wallbox Heap Memory Corruption Vulnerability | 2025-09-16T00:30:00.000Z | 2025-11-28T08:00:00.000Z |
| 4hzm000603 | ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (VLC) | 2025-11-27T00:30:00.000Z | 2025-11-28T00:30:00.000Z |
| 7paa022088 | Edgenius Management Portal Authentication Bypass | 2025-11-20T00:30:00.000Z | 2025-11-20T00:30:00.000Z |
| 2nga002813 | PCM600 SharpZip library vulnerability | 2025-11-03T00:30:00.000Z | 2025-11-03T00:30:00.000Z |
| 4tz00000006007 | ALS-mini-S4/S8 IP Missing Authentication Vulnerability and its Mitigations | 2025-10-20T00:30:00.000Z | 2025-10-23T00:30:00.000Z |
| 9akk108471a8948 | Terra AC wallbox Heap Memory Corruption Vulnerability | 2025-10-20T00:30:00.000Z | 2025-10-21T00:30:00.000Z |
| 3kxg200000r4801 | CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability | 2025-04-16T00:30:00.000Z | 2025-10-20T00:30:00.000Z |
| sa25p003 | B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM) | 2025-10-07T00:30:00.000Z | 2025-10-14T00:30:00.000Z |
| 4tz00000006008 | LVS MConfig Insecure memory handling | 2025-10-08T00:30:00.000Z | 2025-10-08T00:30:00.000Z |
| sa25p002 | B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM) | 2025-10-07T00:30:00.000Z | 2025-10-07T00:30:00.000Z |
| 9akk108471a7808 | EIBPORT Reflected XSS | 2025-10-07T00:30:00.000Z | 2025-10-07T00:30:00.000Z |
| 9akk108471a7121 | FLXeon Controllers Multiple vulnerabilities | 2025-09-09T00:30:00.000Z | 2025-09-18T00:30:00.000Z |
| 9akk108471a4462 | ELSB/BLBA ASPECT advisory several CVEs | 2025-08-11T00:30:00.000Z | 2025-09-04T00:30:00.000Z |
| 9akk108471a3623 | RMC - 100 Vulnerabilities in web UI (REST Interface) | 2025-07-03T00:30:00.000Z | 2025-08-18T00:30:00.000Z |
| 2nga002743 | ABB AbilityTM zenon Remote Transport Vulnerability | 2025-08-12T00:30:00.000Z | 2025-08-12T00:30:00.000Z |
| 3adr011407 | ABB Automation Builder Vulnerabilities in user management and access control | 2025-04-30T00:00:00.000Z | 2025-07-25T00:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2026-0856 | OpenClaw: Mehrere Schwachstellen | 2026-03-24T23:00:00.000+00:00 | 2026-04-01T22:00:00.000+00:00 |
| wid-sec-w-2025-2310 | F5 BIG-IP und F5OS: Mehrere Schwachstellen | 2025-10-15T22:00:00.000+00:00 | 2026-03-31T22:00:00.000+00:00 |
| wid-sec-w-2026-0909 | Tinyproxy: Schwachstelle ermöglicht Denial of Service | 2026-03-29T22:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0904 | vim: Schwachstelle ermöglicht Codeausführung | 2026-03-29T22:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0892 | WatchGuard Firebox: Mehrere Schwachstellen | 2026-03-26T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0891 | Dovecot: Mehrere Schwachstellen | 2026-03-26T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0887 | Internet Systems Consortium Kea: Schwachstelle ermöglicht Denial of Service | 2026-03-26T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0880 | FreeRDP: Mehrere Schwachstellen | 2026-03-25T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0864 | OpenBao: Mehrere Schwachstellen | 2026-03-25T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0850 | Mozilla Firefox und Mozilla Thunderbird: Mehrere Schwachstellen | 2026-03-24T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0843 | Node.js: Mehrere Schwachstellen | 2026-03-24T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0825 | strongSwan: Schwachstelle ermöglicht Denial of Service | 2026-03-23T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0782 | WebKitGTK: Mehrere Schwachstellen | 2026-03-18T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0761 | Red Hat JBoss Enterprise Application Platform: Schwachstelle ermöglicht Denial of Service | 2026-03-17T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0756 | Red Hat Enterprise Linux: Schwachstelle ermöglicht Privilegieneskalation und Offenlegung von Informationen | 2026-03-16T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0744 | ImageMagick: Schwachstelle ermöglicht Denial of Service | 2026-03-16T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0688 | cPanel cPanel/WHM: Mehrere Schwachstellen | 2026-03-10T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0643 | ImageMagick: Mehrere Schwachstellen | 2026-03-09T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0614 | Linux Kernel: Mehrere Schwachstellen | 2026-03-04T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0525 | GStreamer: Mehrere Schwachstellen | 2026-02-25T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0514 | FreeRDP: Mehrere Schwachstellen | 2026-02-24T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0494 | Red Hat Enterprise Linux (389-ds-base): Schwachstelle ermöglicht Codeausführung und potenziell Denial of Service | 2026-02-23T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0484 | ImageMagick: Mehrere Schwachstellen | 2026-02-23T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0479 | Red Hat OpenShift Service Mesh (Kiali): Schwachstelle ermöglicht Denial of Service | 2026-02-23T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0462 | Linux Kernel: Mehrere Schwachstellen | 2026-02-18T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0421 | Linux Kernel: Mehrere Schwachstellen | 2026-02-15T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0405 | Grafana: Mehrere Schwachstellen | 2026-02-11T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0362 | Red Hat Enterprise Linux (Lodash): Schwachstelle ermöglicht Denial of Service | 2026-02-10T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0345 | Golang Go: Mehrere Schwachstellen | 2026-02-08T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0327 | Asterisk: Mehrere Schwachstellen | 2026-02-05T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| va-26-092-01 | Bentley Systems iTwin Platform exposed access token | 2026-04-02T17:11:43Z | 2026-04-02T17:11:43Z |
| va-26-092-02 | Zscaler Client Connector hard-coded proxy configuration domain | 2026-04-02T13:54:30Z | 2026-04-02T13:54:30Z |
| icsa-26-092-03 | Hitachi Energy Ellipse | 2026-02-24T00:00:00.000000Z | 2026-04-02T06:00:00.000000Z |
| icsa-26-092-02 | Yokogawa CENTUM VP | 2026-04-02T06:00:00.000000Z | 2026-04-02T06:00:00.000000Z |
| icsa-26-092-01 | Siemens SICAM 8 Products | 2026-03-26T00:00:00.000000Z | 2026-04-02T06:00:00.000000Z |
| icsa-25-037-02 | Schneider Electric EcoStruxure (Update D) | 2025-01-14T07:00:00.000000Z | 2026-04-02T06:00:00.000000Z |
| icsa-26-055-03 | Gardyn Home Kit (Update A) | 2026-02-24T06:00:00.000000Z | 2026-04-02T05:00:00.000000Z |
| va-26-084-01 | Nanoleaf Lines unauthenticated firmware file store | 2026-03-25T00:00:00Z | 2026-04-02T00:00:00Z |
| icsa-26-090-02 | PX4 Autopilot | 2026-03-31T06:00:00.000000Z | 2026-03-31T06:00:00.000000Z |
| icsa-26-090-01 | Anritsu Remote Spectrum Monitor | 2026-03-31T06:00:00.000000Z | 2026-03-31T06:00:00.000000Z |
| icsa-24-324-01 | Mitsubishi Electric MELSEC iQ-F Series (Update A) | 2024-11-19T00:00:00.000Z | 2026-03-31T00:00:00.000000Z |
| icsma-26-083-01 | Grassroots DICOM (GDCM) | 2026-03-24T06:00:00.000000Z | 2026-03-24T06:00:00.000000Z |
| icsma-25-364-01 | WHILL Model C2 Electric Wheelchairs and Model F Power Chairs (Update A) | 2025-12-30T07:00:00.000000Z | 2026-03-24T06:00:00.000000Z |
| icsa-26-083-03 | "Schneider Electric Plant iT/Brewmaxx" | 2026-01-13T08:00:00.000000Z | 2026-03-24T06:00:00.000000Z |
| icsa-26-083-02 | Schneider Electric EcoStruxure Foxboro DCS | 2026-03-10T07:00:00.000000Z | 2026-03-24T06:00:00.000000Z |
| icsa-26-083-01 | Pharos Controls Mosaic Show Controller | 2026-03-24T06:00:00.000000Z | 2026-03-24T06:00:00.000000Z |
| icsa-26-078-08 | Automated Logic WebCTRL Premium Server | 2026-03-19T06:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-078-05 | Mitsubishi Electric CNC Series | 2026-03-10T00:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-078-04 | Schneider Electric EcoStruxure PME and EPO | 2026-03-10T07:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-078-03 | Schneider Electric EcoStruxure Automation Expert | 2026-03-10T07:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-078-02 | Schneider Electric Modicon Controllers M241, M251, M258, and LMC058 | 2026-03-10T07:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-078-01 | Schneider Electric Modicon M241, M251, and M262 | 2026-03-10T07:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-078-07 | IGL-Technologies eParking.fi | 2026-03-19T05:00:00.000000Z | 2026-03-19T05:00:00.000000Z |
| icsa-26-078-06 | CTEK Chargeportal | 2026-03-19T05:00:00.000000Z | 2026-03-19T05:00:00.000000Z |
| icsa-26-076-04 | Siemens SICAM SIAPP SDK | 2026-03-10T00:00:00.000000Z | 2026-03-17T06:00:00.000000Z |
| icsa-26-076-03 | Schneider Electric EcoStruxure Data Center Expert | 2026-03-10T07:00:00.000000Z | 2026-03-17T06:00:00.000000Z |
| icsa-26-076-02 | Schneider Electric SCADAPack and RemoteConnect | 2026-02-10T08:00:00.000000Z | 2026-03-17T06:00:00.000000Z |
| icsa-26-076-01 | CODESYS in Festo Automation Suite | 2026-02-26T08:00:00.000000Z | 2026-03-17T06:00:00.000000Z |
| icsa-26-015-10 | Schneider Electric EcoStruxure Power Build Rapsody (Update A) | 2026-01-13T08:00:00.000000Z | 2026-03-17T06:00:00.000000Z |
| icsa-25-160-02 | Hitachi Energy Relion 670, 650, SAM600-IO Series (Update A) | 2023-06-27T00:00:00.000000Z | 2026-03-17T06:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-iosxe-mntc-dos-lzweqcyq | Cisco IOS XE Software Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-04-02T19:43:54+00:00 |
| cisco-sa-ssm-cli-execution-chucwunr | Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-ndi-afw-rjurc5dz | Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-nd-ssrf-naen4o7r | Cisco Nexus Dashboard and Nexus Dashboard Insights Server-Side Request Forgery Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-nd-cbid-5yqkoshu | Cisco Nexus Dashboard Configuration Backup REST API Unauthorized Access Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-epnm-improp-auth-muwfwuu3 | Cisco Evolved Programmable Network Manager Improper Authorization Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-cssm-priv-esc-xranouo8 | Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-cimc-cmd-inj-3hkn3bvt | Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-cimc-auth-bypass-agg2bxtn | Cisco Integrated Management Controller Authentication Bypass Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-xe-secureboot-bypass-b6uyxysz | Cisco IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-wlc-dos-hnx5kgom | Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family CAPWAP Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-vmanage-xss-zqkhp9w9 | Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-scp-dos-duadxtcg | Cisco IOS XE Software Secure Copy Protocol Server Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-iox-xss-lpgkzwtj | Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-iox-crlf-nvgktkjz | Cisco IOx Application Hosting Environment Carriage Return Line Feed Injection Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-iosxe_infodis-6j847ueb | Cisco IOS XE Software Secure Channel for Meraki Information Disclosure Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-iosxe-tls-dos-tvgldezl | Cisco IOS XE Software TLS Memory Exhaustion Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-iosxe-lobby-privesc-kwxbqjy | Cisco IOS XE Software Lobby Ambassador Privilege Escalation Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-ios-http-dos-sbv8xrpl | Cisco IOS Software and IOS XE Software Release 3E HTTP Server Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-bootp-wubhnbxa | Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-asa-ftd-ios-dos-kpepqggk | Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-fmc-rce-nkhnuljh | Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability | 2026-03-04T16:00:00+00:00 | 2026-03-25T14:21:24+00:00 |
| cisco-sa-sdwan-authbp-qwcx8d4v | Cisco Catalyst SD-WAN Vulnerabilities | 2026-02-25T16:00:00+00:00 | 2026-03-18T01:06:38+00:00 |
| cisco-sa-xrncs-epni-int-dos-twmffusn | Cisco IOS XR Egress Packet Network Interface Aligner Interrupt Denial of Service Vulnerability | 2026-03-11T16:00:00+00:00 | 2026-03-11T16:00:00+00:00 |
| cisco-sa-isis-dos-kdmxpszk | Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability | 2026-03-11T16:00:00+00:00 | 2026-03-11T16:00:00+00:00 |
| cisco-sa-iosxr-privesc-bf8d5u4w | Cisco IOS XR Software CLI Privilege Escalation Vulnerabilities | 2026-03-11T16:00:00+00:00 | 2026-03-11T16:00:00+00:00 |
| cisco-sa-cc-xss-mrnah5jh | Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities | 2026-03-11T16:00:00+00:00 | 2026-03-11T16:00:00+00:00 |
| cisco-sa-fmc-sql-inject-2enmtc8v | Cisco Secure Firewall Management Center Software SQL Injection Vulnerability | 2024-10-23T16:00:00+00:00 | 2026-03-04T16:11:01+00:00 |
| cisco-sa-asaftd-cmd-inj-zjv8wysm | Cisco Adaptive Security Appliance and Firepower Threat Defense Software Command Injection Vulnerability | 2024-04-24T16:00:00+00:00 | 2026-03-04T16:10:59+00:00 |
| cisco-sa-snort3-multi-dos-xfwkwswz | Multiple Cisco Products Snort 3 Denial of Service Vulnerabilities | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2026-4897 | Polkit: polkit: denial of service via unbounded input processing through standard input | 2026-03-02T00:00:00.000Z | 2026-04-03T01:39:27.000Z |
| msrc_cve-2026-2100 | P11-kit: p11-kit: null dereference via c_derivekey with specific null parameters | 2026-03-02T00:00:00.000Z | 2026-04-03T01:39:20.000Z |
| msrc_cve-2026-5107 | FRRouting FRR EVPN Type-2 Route bgp_evpn.c process_type2_route access control | 2026-03-02T00:00:00.000Z | 2026-04-03T01:39:08.000Z |
| msrc_cve-2026-23401 | KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE | 2026-04-02T00:00:00.000Z | 2026-04-03T01:39:03.000Z |
| msrc_cve-2025-66038 | OpenSC: `sc_compacttlv_find_tag` can return out-of-bounds pointers | 2026-03-02T00:00:00.000Z | 2026-04-03T01:38:58.000Z |
| msrc_cve-2025-49010 | OpenSC: Stack-buffer-overflow WRITE in GET RESPONSE | 2026-03-02T00:00:00.000Z | 2026-04-03T01:38:47.000Z |
| msrc_cve-2026-34073 | cryptography has incomplete DNS name constraint enforcement on peer names | 2026-03-02T00:00:00.000Z | 2026-04-03T01:01:25.000Z |
| msrc_cve-2026-32287 | Infinite loop in github.com/antchfx/xpath | 2026-03-02T00:00:00.000Z | 2026-04-02T14:39:36.000Z |
| msrc_cve-2026-29785 | NATS Server panic via malicious compression on leafnode port | 2026-03-02T00:00:00.000Z | 2026-04-02T14:39:26.000Z |
| msrc_cve-2026-33216 | NATS has MQTT plaintext password disclosure | 2026-03-02T00:00:00.000Z | 2026-04-02T14:39:18.000Z |
| msrc_cve-2026-2436 | Libsoup: libsoup: denial of service via use-after-free in soupserver during tls handshake | 2026-03-02T00:00:00.000Z | 2026-04-02T14:39:00.000Z |
| msrc_cve-2026-4732 | Out-of-bounds Read Overflow in tildearrow/furnace | 2026-03-02T00:00:00.000Z | 2026-04-02T14:38:55.000Z |
| msrc_cve-2026-5119 | Libsoup: libsoup: information disclosure via cleartext transmission of cookies during https tunnel establishment | 2026-03-02T00:00:00.000Z | 2026-04-02T14:38:47.000Z |
| msrc_cve-2026-5201 | Gdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image | 2026-03-02T00:00:00.000Z | 2026-04-02T14:38:36.000Z |
| msrc_cve-2026-33554 | CVE-2026-33554 | 2026-03-02T00:00:00.000Z | 2026-04-02T14:38:17.000Z |
| msrc_cve-2025-66037 | OpenSC: Out of Bounds vulnerability | 2026-03-02T00:00:00.000Z | 2026-04-02T14:37:54.000Z |
| msrc_cve-2025-66215 | OpenSC: Stack-buffer-overflow WRITE in card-oberthur | 2026-03-02T00:00:00.000Z | 2026-04-02T14:37:46.000Z |
| msrc_cve-2026-33107 | Azure Databricks Elevation of Privilege Vulnerability | 2026-04-02T07:00:00.000Z | 2026-04-02T07:00:00.000Z |
| msrc_cve-2026-33105 | Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | 2026-04-02T07:00:00.000Z | 2026-04-02T07:00:00.000Z |
| msrc_cve-2026-32213 | Azure AI Foundry Elevation of Privilege Vulnerability | 2026-04-02T07:00:00.000Z | 2026-04-02T07:00:00.000Z |
| msrc_cve-2026-32211 | Azure MCP Server Information Disclosure Vulnerability | 2026-04-02T07:00:00.000Z | 2026-04-02T07:00:00.000Z |
| msrc_cve-2026-32186 | Microsoft Bing Elevation of Privilege Vulnerability | 2026-04-02T07:00:00.000Z | 2026-04-02T07:00:00.000Z |
| msrc_cve-2026-32173 | Azure SRE Agent Information Disclosure Vulnerability | 2026-04-02T07:00:00.000Z | 2026-04-02T07:00:00.000Z |
| msrc_cve-2026-26135 | Azure Custom Locations Resource Provider (RP) Elevation of Privilege Vulnerability | 2026-04-02T07:00:00.000Z | 2026-04-02T07:00:00.000Z |
| msrc_cve-2026-34043 | Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects | 2026-03-02T00:00:00.000Z | 2026-04-02T01:40:32.000Z |
| msrc_cve-2026-33542 | Incus does not verify combined fingerprint when downloading images from simplestreams servers | 2026-03-02T00:00:00.000Z | 2026-04-02T01:40:07.000Z |
| msrc_cve-2026-33936 | python-ecdsa: Denial of Service via improper DER length validation in crafted private keys | 2026-03-02T00:00:00.000Z | 2026-04-02T01:39:58.000Z |
| msrc_cve-2026-33750 | brace-expansion: Zero-step sequence causes process hang and memory exhaustion | 2026-03-02T00:00:00.000Z | 2026-04-02T01:39:52.000Z |
| msrc_cve-2026-0964 | Libssh: improper sanitation of paths received from scp servers | 2026-03-02T00:00:00.000Z | 2026-04-02T01:39:41.000Z |
| msrc_cve-2026-0966 | Libssh: buffer underflow in ssh_get_hexa() on invalid input | 2026-03-02T00:00:00.000Z | 2026-04-02T01:39:33.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ncsc-2026-0106 | Kwetsbaarheden verholpen in Cisco Integrated Management Controller | 2026-04-03T10:34:46.145536Z | 2026-04-03T10:34:46.145536Z |
| ncsc-2026-0105 | Kwetsbaarheden verholpen in Cisco Nexus Dashboard en Nexus Dashboard Insights | 2026-04-03T08:20:48.187725Z | 2026-04-03T08:20:48.187725Z |
| ncsc-2026-0047 | Kwetsbaarheid verholpen in Fortinet FortiClient EMS | 2026-02-09T10:16:18.048622Z | 2026-03-30T11:36:22.656910Z |
| ncsc-2025-0319 | Kwetsbaarheden verholpen in F5 Networks BIG-IP, F5OS en NGINX App Protect WAF | 2025-10-15T15:21:14.871532Z | 2026-03-27T18:09:03.259108Z |
| ncsc-2026-0104 | Kwetsbaarheden verholpen in Cisco IOS XE Software | 2026-03-26T09:50:03.269095Z | 2026-03-26T09:50:03.269095Z |
| ncsc-2026-0103 | Kwetsbaarheden verholpen in GitLab | 2026-03-26T09:48:10.874427Z | 2026-03-26T09:48:10.874427Z |
| ncsc-2026-0102 | Kwetsbaarheden verholpen in Apple macOS | 2026-03-25T14:15:56.073353Z | 2026-03-25T14:15:56.073353Z |
| ncsc-2026-0101 | Kwetsbaarheden verholpen in Apple iOS en iPadOS | 2026-03-25T14:02:07.392994Z | 2026-03-25T14:02:07.392994Z |
| ncsc-2026-0100 | Kwetsbaarheden verholpen in Citrix Netscaler ADC en Netscaler Gateway | 2026-03-23T13:43:30.957806Z | 2026-03-23T13:43:30.957806Z |
| ncsc-2026-0099 | Kwetsbaarheid verholpen in Oracle Identity Manager en Oracle Web Services Manager | 2026-03-20T15:56:12.716324Z | 2026-03-20T15:56:12.716324Z |
| ncsc-2026-0010 | Kwetsbaarheden verholpen in Microsoft Office | 2026-01-13T19:18:45.984019Z | 2026-03-20T14:03:59.225773Z |
| ncsc-2026-0076 | Kwetsbaarheden verholpen in Cisco Secure Firewall Management Center | 2026-03-04T20:49:12.211658Z | 2026-03-19T11:48:18.917205Z |
| ncsc-2026-0098 | Kwetsbaarheden verholpen in Apple iOS en iPadOS | 2026-03-13T08:41:19.155490Z | 2026-03-13T08:41:19.155490Z |
| ncsc-2026-0097 | Kwetsbaarheden verholpen in Google Chrome | 2026-03-13T08:33:43.877125Z | 2026-03-13T08:33:43.877125Z |
| ncsc-2026-0096 | Kwetsbaarheden verholpen in Veeam Backup & Replication | 2026-03-12T14:54:08.200676Z | 2026-03-12T14:54:08.200676Z |
| ncsc-2026-0095 | Kwetsbaarheid verholpen in pac4j-jwt | 2026-03-12T14:45:51.156512Z | 2026-03-12T14:45:51.156512Z |
| ncsc-2026-0094 | Kwetsbaarheden verholpen in Cisco IOS XR | 2026-03-12T14:44:08.106602Z | 2026-03-12T14:44:08.106602Z |
| ncsc-2026-0093 | Kwetsbaarheden verholpen in GitLab | 2026-03-12T14:42:46.936248Z | 2026-03-12T14:42:46.936248Z |
| ncsc-2026-0092 | Kwetsbaarheden verholpen in Fortinet FortiWeb | 2026-03-12T07:46:15.529522Z | 2026-03-12T07:46:15.529522Z |
| ncsc-2026-0091 | Kwetsbaarheden verholpen in SAP-producten | 2026-03-12T07:24:16.575638Z | 2026-03-12T07:24:16.575638Z |
| ncsc-2026-0090 | Kwetsbaarheden verholpen in Adobe Experience Manager | 2026-03-12T07:12:51.952931Z | 2026-03-12T07:12:51.952931Z |
| ncsc-2026-0089 | Kwetsbaarheden verholpen in Adobe Acrobat Reader | 2026-03-12T07:03:24.148324Z | 2026-03-12T07:03:24.148324Z |
| ncsc-2026-0088 | Kwetsbaarheden verholpen in Adobe Illustrator | 2026-03-12T06:55:39.712240Z | 2026-03-12T06:55:39.712240Z |
| ncsc-2026-0087 | Kwetsbaarheden verholpen in Adobe Commerce | 2026-03-12T06:49:56.459199Z | 2026-03-12T06:49:56.459199Z |
| ncsc-2026-0086 | Kwetsbaarheden verholpen in Fortinet FortiManager en FortiAnalyzer | 2026-03-11T09:19:38.777277Z | 2026-03-11T09:19:38.777277Z |
| ncsc-2026-0085 | Kwetsbaarheden verholpen in Microsoft Developer tools | 2026-03-10T20:35:10.478398Z | 2026-03-10T20:35:10.478398Z |
| ncsc-2026-0084 | Kwetsbaarheden verholpen in Microsoft Office | 2026-03-10T20:20:08.157658Z | 2026-03-10T20:20:08.157658Z |
| ncsc-2026-0083 | Kwetsbaarheid verholpen in Microsoft Authenticator app | 2026-03-10T20:18:35.792755Z | 2026-03-10T20:18:35.792755Z |
| ncsc-2026-0082 | Kwetsbaarheden verholpen in Microsoft Azure | 2026-03-10T20:15:41.528951Z | 2026-03-10T20:15:41.528951Z |
| ncsc-2026-0081 | Kwetsbaarheden verholpen in Microsoft SQL Server | 2026-03-10T20:12:56.032261Z | 2026-03-10T20:12:56.032261Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| nn-2025:18-01 | Lack of TLS certificate validation when connecting Arc to a Guardian or CMC, in Arc before v2.2.0 | 2026-03-04T11:00:00.000Z | 2026-03-04T11:00:00.000Z |
| nn-2025:17-01 | HTML injection in Sensor Map in CMC before 25.6.0 | 2026-03-04T11:00:00.000Z | 2026-03-04T11:00:00.000Z |
| nn-2025:16-01 | HTML injection in Alerted Nodes Dashboard in Guardian/CMC before 25.6.0 | 2026-03-04T11:00:00.000Z | 2026-03-04T11:00:00.000Z |
| nn-2025:15-01 | Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:14-01 | HTML injection in Asset List in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:13-01 | Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:12-01 | HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:11-01 | Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0 | 2025-11-25T11:00:00.000Z | 2025-11-26T11:00:00.000Z |
| nn-2025:9-01 | Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:8-01 | Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:7-01 | Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:6-01 | Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:5-01 | Incorrect authorization for CLI in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:4-01 | Client-side path traversal in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:10-01 | Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:3-01 | Incorrect authorization for traces request/download in CMC before 25.1.0 | 2025-08-26T11:00:00.000Z | 2025-08-26T11:00:00.000Z |
| nn-2025:2-01 | Privilege escalation in Guardian/CMC before 24.6.0 | 2025-06-10T11:00:00.000Z | 2025-06-10T11:00:00.000Z |
| nn-2025:1-01 | Authenticated RCE in update functionality in Guardian/CMC before 24.6.0 | 2025-06-10T11:00:00.000Z | 2025-06-10T11:00:00.000Z |
| nn-2024:2-01 | Incorrect authorization for Reports configuration in Guardian/CMC before 24.2.0 | 2024-09-11T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2024:1-01 | DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:9-01 | Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:8-01 | Session Fixation in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:7-01 | DoS via SAML configuration in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:6-01 | Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:4-01 | Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:3-01 | Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:2-01 | Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:17-01 | Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:15-01 | Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0 | 2024-05-15T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:12-01 | Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 | 2024-01-15T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2026:10481-1 | python314-3.14.3-4.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10480-1 | python313-3.13.12-3.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10479-1 | python312-3.12.13-4.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10478-1 | python311-3.11.15-4.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10477-1 | python310-3.10.20-3.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10476-1 | python311-Pygments-2.20.0-2.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10475-1 | opensc-0.27.1-1.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10474-1 | ignition-2.26.0-3.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10473-1 | dnsdist-2.0.3-1.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10472-1 | conftest-0.67.1-2.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10464-1 | python311-pypdf-6.9.2-1.1 on GA media | 2026-03-30T00:00:00Z | 2026-03-30T00:00:00Z |
| opensuse-su-2026:10463-1 | netty-4.1.132-1.1 on GA media | 2026-03-30T00:00:00Z | 2026-03-30T00:00:00Z |
| opensuse-su-2026:10462-1 | heroic-games-launcher-2.20.1-4.1 on GA media | 2026-03-30T00:00:00Z | 2026-03-30T00:00:00Z |
| opensuse-su-2026:10457-1 | xen-4.21.1_02-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10456-1 | tailscale-1.96.4-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10455-1 | python311-requests-2.33.0-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10454-1 | python311-cryptography-46.0.6-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10453-1 | libpolkit-agent-1-0-127-3.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10452-1 | libjavamapscript-8.6.1-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10451-1 | libpng16-16-1.6.56-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10450-1 | incus-6.23-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10449-1 | gsl-2.8-5.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10448-1 | bind-9.20.21-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10447-1 | MozillaThunderbird-140.9.0-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10446-1 | ImageMagick-7.1.2.18-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10441-1 | strongswan-6.0.5-1.1 on GA media | 2026-03-26T00:00:00Z | 2026-03-26T00:00:00Z |
| opensuse-su-2026:10440-1 | jupyter-nbclassic-1.3.3-1.1 on GA media | 2026-03-26T00:00:00Z | 2026-03-26T00:00:00Z |
| opensuse-su-2026:10439-1 | plexus-utils-4.0.2-2.1 on GA media | 2026-03-26T00:00:00Z | 2026-03-26T00:00:00Z |
| opensuse-su-2026:10438-1 | openbao-2.5.2-1.1 on GA media | 2026-03-26T00:00:00Z | 2026-03-26T00:00:00Z |
| opensuse-su-2026:10437-1 | libnghttp2-14-1.68.1-1.1 on GA media | 2026-03-26T00:00:00Z | 2026-03-26T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| oxdc-adv-2026-0001 | OX Dovecot Security Advisory OXDC-ADV-2026-0001 | 2026-03-27T00:00:00+00:00 | 2026-03-27T00:00:00+00:00 |
| oxdc-adv-2025-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 | 2025-10-31T00:00:00+00:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0003 | OX App Suite Security Advisory OXAS-ADV-2025-0003 | 2025-09-24T00:00:00+02:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0002 | OX App Suite Security Advisory OXAS-ADV-2025-0002 | 2025-08-12T00:00:00+02:00 | 2025-10-31T00:00:00+00:00 |
| oxas-adv-2025-0001 | OX App Suite Security Advisory OXAS-ADV-2025-0001 | 2025-01-27T00:00:00+01:00 | 2025-04-07T00:00:00+00:00 |
| oxdc-adv-2024-0003 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003 | 2024-09-10T00:00:00+02:00 | 2024-09-10T00:00:00+00:00 |
| oxdc-adv-2024-0002 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002 | 2024-09-10T00:00:00+02:00 | 2024-09-10T00:00:00+00:00 |
| oxas-adv-2024-0005 | OX App Suite Security Advisory OXAS-ADV-2024-0005 | 2024-07-08T00:00:00+02:00 | 2024-09-09T00:00:00+00:00 |
| oxdc-adv-2024-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001 | 2024-09-02T00:00:00+02:00 | 2024-09-06T00:00:00+00:00 |
| oxas-adv-2024-0004 | OX App Suite Security Advisory OXAS-ADV-2024-0004 | 2024-06-13T00:00:00+02:00 | 2024-08-19T00:00:00+00:00 |
| oxas-adv-2024-0003 | OX App Suite Security Advisory OXAS-ADV-2024-0003 | 2024-04-24T00:00:00+02:00 | 2024-08-19T00:00:00+00:00 |
| oxas-adv-2024-0002 | OX App Suite Security Advisory OXAS-ADV-2024-0002 | 2024-03-06T00:00:00+01:00 | 2024-05-06T00:00:00+00:00 |
| oxas-adv-2024-0001 | OX App Suite Security Advisory OXAS-ADV-2024-0001 | 2024-02-08T00:00:00+01:00 | 2024-04-25T00:00:00+00:00 |
| oxas-adv-2023-0007 | OX App Suite Security Advisory OXAS-ADV-2023-0007 | 2023-12-11T00:00:00+01:00 | 2024-02-16T00:00:00+00:00 |
| oxas-adv-2023-0006 | OX App Suite Security Advisory OXAS-ADV-2023-0006 | 2023-09-25T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0005 | OX App Suite Security Advisory OXAS-ADV-2023-0005 | 2023-09-19T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0004 | OX App Suite Security Advisory OXAS-ADV-2023-0004 | 2023-08-01T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0003 | OX App Suite Security Advisory OXAS-ADV-2023-0003 | 2023-05-02T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0002 | OX App Suite Security Advisory OXAS-ADV-2023-0002 | 2023-03-20T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0001 | OX App Suite Security Advisory OXAS-ADV-2023-0001 | 2023-02-06T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2022-0002 | OX App Suite Security Advisory OXAS-ADV-2022-0002 | 2022-11-02T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2022-0001 | OX App Suite Security Advisory OXAS-ADV-2022-0001 | 2022-08-10T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2026:6429 | Red Hat Security Advisory: Multicluster Global Hub 1.4.5 security update | 2026-04-02T07:56:10+00:00 | 2026-04-03T08:06:02+00:00 |
| rhsa-2026:6497 | Red Hat Security Advisory: Red Hat Quay 3.16.3 | 2026-04-02T15:17:12+00:00 | 2026-04-03T08:06:00+00:00 |
| rhsa-2026:6428 | Red Hat Security Advisory: Network Observability 1.11.1 for OpenShift | 2026-04-02T07:50:38+00:00 | 2026-04-03T08:06:00+00:00 |
| rhsa-2026:6278 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update | 2026-03-31T16:23:06+00:00 | 2026-04-03T08:05:59+00:00 |
| rhsa-2026:6277 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update | 2026-03-31T16:12:45+00:00 | 2026-04-03T08:05:58+00:00 |
| rhsa-2026:6226 | Red Hat Security Advisory: Multicluster Global Hub 1.6.2 security update | 2026-03-31T02:53:32+00:00 | 2026-04-03T08:05:57+00:00 |
| rhsa-2026:6192 | Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.27.0 Release. | 2026-03-30T15:41:48+00:00 | 2026-04-03T08:05:57+00:00 |
| rhsa-2026:6191 | Red Hat Security Advisory: container-tools:rhel8 security update | 2026-03-30T16:08:31+00:00 | 2026-04-03T08:05:56+00:00 |
| rhsa-2026:5971 | Red Hat Security Advisory: Satellite 6.16.7 Async Update | 2026-03-26T20:30:38+00:00 | 2026-04-03T08:05:55+00:00 |
| rhsa-2026:5970 | Red Hat Security Advisory: Satellite 6.17.7 Async Update | 2026-03-26T20:28:38+00:00 | 2026-04-03T08:05:55+00:00 |
| rhsa-2026:5968 | Red Hat Security Advisory: Satellite 6.18.4 Async Update | 2026-03-26T19:47:53+00:00 | 2026-04-03T08:05:55+00:00 |
| rhsa-2026:5952 | Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.2.3 | 2026-03-26T15:03:15+00:00 | 2026-04-03T08:05:53+00:00 |
| rhsa-2026:5950 | Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.1.6 | 2026-03-26T14:51:43+00:00 | 2026-04-03T08:05:53+00:00 |
| rhsa-2026:5948 | Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.0.9 | 2026-03-26T14:31:40+00:00 | 2026-04-03T08:05:53+00:00 |
| rhsa-2026:5907 | Red Hat Security Advisory: OpenShift Container Platform 4.17.52 bug fix and security update | 2026-04-01T03:47:45+00:00 | 2026-04-03T08:05:51+00:00 |
| rhsa-2026:5878 | Red Hat Security Advisory: OpenShift Container Platform 4.19.27 bug fix and security update | 2026-04-01T09:48:10+00:00 | 2026-04-03T08:05:51+00:00 |
| rhsa-2026:5876 | Red Hat Security Advisory: OpenShift Container Platform 4.19.27 packages and security update | 2026-04-01T10:19:18+00:00 | 2026-04-03T08:05:51+00:00 |
| rhsa-2026:5866 | Red Hat Security Advisory: OpenShift Container Platform 4.17.52 packages and security update | 2026-04-01T09:29:07+00:00 | 2026-04-03T08:05:51+00:00 |
| rhsa-2026:5851 | Red Hat Security Advisory: DevWorkspace Operator 0.40.0 release. | 2026-03-25T23:56:41+00:00 | 2026-04-03T08:05:49+00:00 |
| rhsa-2026:5665 | Red Hat Security Advisory: Red Hat Quay 3.10.19 | 2026-03-24T18:02:58+00:00 | 2026-04-03T08:05:49+00:00 |
| rhsa-2026:5645 | Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.17.1 | 2026-03-24T15:38:55+00:00 | 2026-04-03T08:05:49+00:00 |
| rhsa-2026:5636 | Red Hat Security Advisory: multicluster engine for Kubernetes v2.7.9 security update | 2026-03-24T14:23:47+00:00 | 2026-04-03T08:05:49+00:00 |
| rhsa-2026:5633 | Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes v2.12.8 security update | 2026-03-24T14:07:27+00:00 | 2026-04-03T08:05:48+00:00 |
| rhsa-2026:5549 | Red Hat Security Advisory: Red Hat OpenShift Builds 1.6.4 | 2026-03-24T07:31:25+00:00 | 2026-04-03T08:05:48+00:00 |
| rhsa-2026:5452 | Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release | 2026-03-23T16:13:04+00:00 | 2026-04-03T08:05:47+00:00 |
| rhsa-2026:5394 | Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 director Operator container images | 2026-03-23T13:04:11+00:00 | 2026-04-03T08:05:47+00:00 |
| rhsa-2026:5234 | Red Hat Security Advisory: skopeo security update | 2026-03-23T02:36:02+00:00 | 2026-04-03T08:05:47+00:00 |
| rhsa-2026:5110 | Red Hat Security Advisory: Multicluster Global Hub 1.5.4 security update | 2026-03-19T10:27:09+00:00 | 2026-04-03T08:05:47+00:00 |
| rhsa-2026:5168 | Red Hat Security Advisory: Red Hat Quay 3.9.19 | 2026-03-19T19:18:06+00:00 | 2026-04-03T08:05:46+00:00 |
| rhsa-2026:5146 | Red Hat Security Advisory: yggdrasil security update | 2026-03-19T16:04:46+00:00 | 2026-04-03T08:05:46+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| sevd-2026-069-02 | Improper Neutralization vulnerability in Multiple Products | 2026-03-10T07:00:00.000Z | 2026-03-31T07:00:00.000Z |
| sevd-2026-069-01 | Improper Resource Shutdown or Release vulnerability in Multiple Products | 2026-03-10T07:00:00.000Z | 2026-03-31T07:00:00.000Z |
| sevd-2026-069-03 | Deserialization of Untrusted Data vulnerability on EcoStruxure™ Foxboro DCS | 2026-03-10T07:00:00.000Z | 2026-03-13T07:00:00.000Z |
| sevd-2026-069-06 | Deserialization of Untrusted Data vulnerability on Multiple Products | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| sevd-2026-069-05 | Use of Hard-coded Credentials vulnerability in EcoStruxure™ IT Data Center Expert | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| sevd-2026-069-04 | Improper Control of Generation of Code ('Code Injection') vulnerability on EcoStruxure™ Automation Expert | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| sevd-2026-013-04 | Multiple Vulnerabilities on EcoStruxure Power Build Rapsody | 2026-01-13T08:00:00.000Z | 2026-03-10T07:00:00.000Z |
| sevd-2026-013-01 | Multiple Third-Party Vulnerabilities on ProLeiT Plant iT/Brewmaxx | 2026-01-13T08:00:00.000Z | 2026-03-10T07:00:00.000Z |
| sevd-2025-014-07 | FlexNet Publisher Vulnerability | 2025-01-14T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| sevd-2026-041-02 | Multiple Vulnerabilities on EcoStruxure™ Building Operation Workstation and EcoStruxure™ Building Operation Webstation | 2026-02-10T08:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2026-041-01 | Improper Check for Unusual or Exceptional Conditions on Multiple Products | 2026-02-10T08:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2025-343-01 | EcoStruxure™ Foxboro DCS | 2025-12-09T08:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2025-189-03 | EcoStruxure™ Power Operation | 2025-07-08T04:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2025-042-02 | Improper Input Validation Vulnerability in Uni-Telway Driver | 2025-02-11T05:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2026-013-03 | Multiple Vulnerabilities on Zigbee Products | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| sevd-2026-013-02 | Incorrect Default Permissions Vulnerability on EcoStruxure™ Process Expert | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| sevd-2025-014-06 | RemoteConnect and SCADAPack™ x70 Utilities | 2025-01-14T00:00:00.000Z | 2026-01-13T08:00:00.000Z |
| sevd-2024-317-03 | Modicon Controllers M340 / Momentum / MC80 | 2024-11-12T05:00:00.000Z | 2026-01-13T08:00:00.000Z |
| sevd-2025-343-02 | EcoStruxure™ Foxboro DCS Advisor | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| sevd-2025-252-01 | Multiple Altivar Process Drives and Communication Modules | 2025-09-09T04:00:00.000Z | 2025-12-09T08:00:00.000Z |
| sevd-2023-192-04 | CODESYS Runtime Vulnerabilities | 2023-07-11T07:15:18.000Z | 2025-12-09T08:00:00.000Z |
| sevd-2021-159-04 | ISaGRAF Vulnerabilities in IEC 61131-3 Programming and Engineering Tools | 2021-06-08T04:36:25.000Z | 2025-11-15T00:00:00.000Z |
| sevd-2022-284-03 | ISaGRAF Workbench for SAGE RTU | 2022-10-10T22:13:16.000Z | 2025-11-14T06:30:00.000Z |
| sevd-2025-315-02 | EcoStruxure™ Machine SCADA Expert & Pro-face BLUE Open Studio | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| sevd-2025-315-01 | PowerChute™ Serial Shutdown | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| sevd-2025-224-02 | EcoStruxure™ Power Monitoring Expert Software & EcoStruxure™ Power Operation (EPO) and EcoStruxure™ Power SCADA Operation (PSO) | 2025-08-12T04:00:00.000Z | 2025-11-11T08:00:00.000Z |
| sevd-2025-224-01 | Saitel DR & Saitel DP Remote Terminal Unit | 2025-08-12T04:00:00.000Z | 2025-11-11T08:00:00.000Z |
| sevd-2025-287-01 | EcoStruxure™ OPC UA Server Expert and EcoStruxure™ Modicon Communication Server | 2025-10-14T07:00:00.000Z | 2025-10-14T07:00:00.000Z |
| sevd-2025-133-01 | Modicon Controllers M241/M251/M258/LMC058 | 2025-05-13T04:00:00.000Z | 2025-10-14T07:00:00.000Z |
| sevd-2024-345-03 | Modicon M241 / M251 / M258 / LMC058 | 2024-12-10T05:00:00.000Z | 2025-10-14T07:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| sca-2026-0006 | Vulnerabilities affecting SICK Lector85x and SICK Lector83x | 2026-03-06T14:00:00.000Z | 2026-03-06T14:00:00.000Z |
| sca-2026-0005 | Vulnerabilities affecting SICK LMS1000 and SICK MRS1000 | 2026-02-27T14:00:00.000Z | 2026-02-27T14:00:00.000Z |
| sca-2026-0004 | Eclipse Cyclone DDS Vulnerabilities have no impact on SICK picoScan150 & SICK picoScan120 products | 2026-02-13T14:00:00.000Z | 2026-02-13T14:00:00.000Z |
| sca-2026-0003 | Vulnerability affecting SICK nanoScan3 and microScan3 | 2026-01-26T14:00:00.000Z | 2026-01-26T14:00:00.000Z |
| sca-2026-0002 | Vulnerabilities affecting SICK Incoming Goods Suite | 2026-01-15T14:00:00.000Z | 2026-01-22T19:00:00.000Z |
| sca-2026-0001 | Vulnerabilities affecting SICK TDC-X401GL | 2026-01-15T14:00:00.000Z | 2026-01-15T14:00:00.000Z |
| sca-2025-0013 | Vulnerabilities affecting SICK TLOC100-100 | 2025-10-27T14:00:00.000Z | 2025-11-11T14:00:00.000Z |
| sca-2025-0014 | CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC | 2025-11-03T11:00:00.000Z | 2025-11-03T14:00:00.000Z |
| sca-2025-0012 | Sudo vulnerability affects SICK SID products | 2025-10-27T11:00:00.000Z | 2025-10-27T14:00:00.000Z |
| sca-2025-0011 | Vulnerabilities affecting Endress+Hauser SSG-E210GC | 2025-10-02T13:00:00.000Z | 2025-10-02T13:00:00.000Z |
| sca-2025-0010 | Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products | 2025-10-02T13:00:00.000Z | 2025-10-02T13:00:00.000Z |
| sca-2025-0009 | Vulnerabilities affecting SICK TDC-E210GC | 2025-08-01T13:00:00.000Z | 2025-08-01T13:00:00.000Z |
| sca-2025-0008 | Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 | 2025-07-03T13:00:00.000Z | 2025-07-03T13:00:00.000Z |
| sca-2025-0007 | Multiple vulnerabilities in SICK Field Analytics and SICK Media Server | 2025-06-12T13:00:00.000Z | 2025-06-12T13:00:00.000Z |
| sca-2025-0003 | FreeRTOS Vulnerabilities have no impact on SICK Products | 2025-02-28T00:00:00.000Z | 2025-05-20T11:00:00.000Z |
| sca-2025-0006 | Vulnerability affecting picoScan and multiScan | 2025-04-28T13:00:00.000Z | 2025-04-28T13:00:00.000Z |
| sca-2025-0005 | Vulnerabilities in SICK Flexi Compact | 2025-04-28T10:00:00.000Z | 2025-04-28T10:00:00.000Z |
| sca-2025-0004 | Critical vulnerabilities in SICK DL100-2xxxxxxx | 2025-03-14T11:00:00.000Z | 2025-03-14T11:00:00.000Z |
| sca-2025-0001 | Multiple vulnerabilities in SICK MEAC300 | 2025-02-14T14:00:00.000Z | 2025-02-21T14:00:00.000Z |
| sca-2025-0002 | Vulnerability in SICK Lector8xx and SICK InspectorP8xx | 2025-02-14T10:19:00.000Z | 2025-02-14T10:19:00.000Z |
| sca-2024-0007 | Vulnerability in SICK OLM | 2024-12-31T00:00:00.000Z | 2024-12-31T00:00:00.000Z |
| sca-2024-0006 | Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx | 2024-12-06T00:00:00.000Z | 2024-12-06T00:00:00.000Z |
| sca-2024-0005 | Vulnerability in SICK Incoming Goods Suite | 2024-11-19T00:00:00.000Z | 2024-11-19T00:00:00.000Z |
| sca-2024-0004 | Third party vulnerabilities in SICK CDE-100 | 2024-11-07T12:00:00.000Z | 2024-11-07T12:00:00.000Z |
| sca-2024-0003 | Critical vulnerability in multiple SICK products | 2024-10-17T13:00:00.000Z | 2024-10-17T13:00:00.000Z |
| sca-2024-0002 | Vulnerability in SICK MSC800 | 2024-09-11T23:00:00.000Z | 2024-09-11T23:00:00.000Z |
| sca-2024-0001 | Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics | 2024-01-29T00:00:00.000Z | 2024-01-29T00:00:00.000Z |
| sca-2023-0011 | Vulnerability in multiple SICK Flexi Soft Gateways | 2023-10-23T11:00:00.000Z | 2023-10-23T11:00:00.000Z |
| sca-2023-0010 | Vulnerabilities in SICK Application Processing Unit | 2023-10-09T11:00:00.000Z | 2023-10-09T11:00:00.000Z |
| sca-2023-0008 | Vulnerability in SICK SIM1012 | 2023-09-29T13:00:00.000Z | 2023-09-29T13:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-246443 | SSA-246443: Multiple Vulnerabilities in SICAM 8 Products | 2026-03-26T00:00:00.000Z | 2026-03-26T00:00:00.000Z |
| ssa-452276 | SSA-452276: Eval Injection Vulnerability in SIMATIC S7-1500 | 2026-03-10T00:00:00.000Z | 2026-03-19T00:00:00.000Z |
| ssa-975644 | SSA-975644: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices | 2026-03-10T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-903736 | SSA-903736: Multiple vulnerabilities in SICAM SIAPP SDK before V2.1.7 | 2026-03-10T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-868571 | SSA-868571: Missing Server Certificate Validation in IAM Client | 2025-12-09T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-770770 | SSA-770770: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices | 2025-02-11T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-710408 | SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit | 2025-12-09T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-535115 | SSA-535115: Data Validation Vulnerability in NX Before V2512 | 2026-02-10T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-513708 | SSA-513708: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices | 2025-06-10T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-485750 | SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800 | 2026-03-10T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-430425 | SSA-430425: Multiple Vulnerabilities in SINEC Security Monitor before V4.9.0 | 2024-10-08T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-282044 | SSA-282044: DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery | 2025-08-12T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-212953 | SSA-212953: Multiple Vulnerabilities in COMOS | 2025-12-09T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-201595 | SSA-201595: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager | 2025-08-14T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-126399 | SSA-126399: Improper Access Control Vulnerability in Heliox EV Chargers | 2026-03-10T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-082556 | SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5 | 2025-06-10T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-027652 | SSA-027652: Privilege Escalation Vulnerability in SINAMICS Drives | 2025-09-09T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-613116 | SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1 | 2025-08-12T00:00:00Z | 2026-02-24T00:00:00Z |
| ssa-355557 | SSA-355557: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.2 | 2025-08-12T00:00:00Z | 2026-02-24T00:00:00Z |
| ssa-089022 | SSA-089022: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.3 | 2026-01-28T00:00:00Z | 2026-02-24T00:00:00Z |
| ssa-965753 | SSA-965753: Multiple File Parsing Vulnerabilities in Simcenter Femap and Nastran Before V2512 | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-864900 | SSA-864900: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices | 2025-05-13T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-783261 | SSA-783261: Denial of Service Vulnerability in Automation License Manager (ALM) Before V5.2 | 2012-12-12T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-674753 | SSA-674753: Denial-of-Service Vulnerability in ET 200 Devices | 2026-01-13T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-625934 | SSA-625934: Improper Access Control Vulnerability in the Webhooks Implementation of Siveillance Video Management Servers | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-599451 | SSA-599451: Multiple Vulnerabilities in SiPass integrated | 2025-10-14T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-507364 | SSA-507364: Heap Based Buffer Overflow Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-445819 | SSA-445819: Out of Bounds Read in PS/IGES Parasolid Translator Component in Solid Edge | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-311973 | SSA-311973: Multiple Local Privilege Escalation Vulnerabilities in SINEC NMS and User Management Component (UMC) | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-265688 | SSA-265688: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1 | 2024-04-09T00:00:00Z | 2026-02-10T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2026:1179-1 | Security update for libsoup2 | 2026-04-02T15:08:33Z | 2026-04-02T15:08:33Z |
| suse-su-2026:1177-1 | Security update for tar | 2026-04-02T15:00:45Z | 2026-04-02T15:00:45Z |
| suse-su-2026:1174-1 | Security update for LibVNCServer | 2026-04-02T12:43:24Z | 2026-04-02T12:43:24Z |
| suse-su-2026:1173-1 | Security update for LibVNCServer | 2026-04-02T12:43:10Z | 2026-04-02T12:43:10Z |
| suse-su-2026:1171-1 | Security update for python-tornado | 2026-04-02T08:56:19Z | 2026-04-02T08:56:19Z |
| suse-su-2026:1170-1 | Security update for perl-Crypt-URandom | 2026-04-02T08:42:05Z | 2026-04-02T08:42:05Z |
| suse-su-2026:1169-1 | Security update for wireshark | 2026-04-02T08:29:30Z | 2026-04-02T08:29:30Z |
| suse-su-2026:1166-1 | Security update for expat | 2026-04-02T01:08:26Z | 2026-04-02T01:08:26Z |
| suse-su-2026:1165-1 | Security update for freerdp | 2026-04-01T13:40:57Z | 2026-04-01T13:40:57Z |
| suse-su-2026:1164-1 | Security update for freerdp2 | 2026-04-01T13:40:49Z | 2026-04-01T13:40:49Z |
| suse-su-2026:1163-1 | Security update for MozillaThunderbird | 2026-04-01T08:49:11Z | 2026-04-01T08:49:11Z |
| suse-su-2026:1162-1 | Security update for python-tornado | 2026-03-31T22:02:18Z | 2026-03-31T22:02:18Z |
| suse-su-2026:1160-1 | Security update for freerdp | 2026-03-31T15:03:59Z | 2026-03-31T15:03:59Z |
| suse-su-2026:1159-1 | Security update for expat | 2026-03-31T15:03:48Z | 2026-03-31T15:03:48Z |
| suse-su-2026:1158-1 | Security update for python-pyasn1 | 2026-03-31T11:55:53Z | 2026-03-31T11:55:53Z |
| suse-su-2026:1154-1 | Security update for libjxl | 2026-03-31T09:04:47Z | 2026-03-31T09:04:47Z |
| suse-su-2026:0227-2 | Security update for net-snmp | 2026-03-31T08:48:04Z | 2026-03-31T08:48:04Z |
| suse-su-2026:1153-1 | Security update for perl-XML-Parser | 2026-03-31T08:40:07Z | 2026-03-31T08:40:07Z |
| suse-su-2026:1152-1 | Security update for perl-XML-Parser | 2026-03-31T08:28:50Z | 2026-03-31T08:28:50Z |
| suse-su-2026:1150-1 | Security update for webkit2gtk3 | 2026-03-30T17:34:50Z | 2026-03-30T17:34:50Z |
| suse-su-2026:1149-1 | Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools | 2026-03-30T13:44:05Z | 2026-03-30T13:44:05Z |
| suse-su-2026:1148-1 | Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools | 2026-03-30T11:21:20Z | 2026-03-30T11:21:20Z |
| suse-su-2026:1146-1 | Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools | 2026-03-30T09:17:48Z | 2026-03-30T09:17:48Z |
| suse-su-2026:1142-1 | Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools | 2026-03-30T09:16:26Z | 2026-03-30T09:16:26Z |
| suse-su-2026:1141-1 | Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools | 2026-03-30T09:16:08Z | 2026-03-30T09:16:08Z |
| suse-su-2026:1140-1 | Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools | 2026-03-30T09:15:49Z | 2026-03-30T09:15:49Z |
| suse-su-2026:1139-1 | Security update for webkit2gtk3 | 2026-03-30T09:13:58Z | 2026-03-30T09:13:58Z |
| suse-su-2026:1137-1 | Security update for expat | 2026-03-28T02:34:02Z | 2026-03-28T02:34:02Z |
| suse-su-2026:1136-1 | Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 15 SP7) | 2026-03-27T18:04:04Z | 2026-03-27T18:04:04Z |
| suse-su-2026:1132-1 | Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 15 SP7) | 2026-03-27T16:04:11Z | 2026-03-27T16:04:11Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2026:6390 | Moderate: rsync security update | 2026-04-01T00:00:00Z | 2026-04-02T09:23:33Z |
| alsa-2026:6383 | Important: grafana-pcp security update | 2026-04-01T00:00:00Z | 2026-04-02T09:15:46Z |
| alsa-2026:6382 | Important: grafana security update | 2026-04-01T00:00:00Z | 2026-04-02T09:12:36Z |
| alsa-2026:6340 | Important: freerdp security update | 2026-04-01T00:00:00Z | 2026-04-02T09:09:13Z |
| alsa-2026:6153 | Moderate: kernel security update | 2026-03-30T00:00:00Z | 2026-04-02T08:46:53Z |
| alsa-2026:6188 | Important: thunderbird security update | 2026-03-30T00:00:00Z | 2026-04-02T08:18:50Z |
| alsa-2026:6342 | Important: thunderbird security update | 2026-04-01T00:00:00Z | 2026-04-01T11:59:47Z |
| alsa-2026:6301 | Important: squid security update | 2026-03-31T00:00:00Z | 2026-04-01T09:27:45Z |
| alsa-2026:6256 | Important: python3.12 security update | 2026-03-31T00:00:00Z | 2026-04-01T09:23:35Z |
| alsa-2026:6266 | Moderate: libxslt security update | 2026-03-31T00:00:00Z | 2026-04-01T09:19:08Z |
| alsa-2026:6286 | Important: python3.11 security update | 2026-03-31T00:00:00Z | 2026-04-01T09:15:24Z |
| alsa-2026:6285 | Important: python3.12 security update | 2026-03-31T00:00:00Z | 2026-04-01T09:07:09Z |
| alsa-2026:6283 | Important: python3.12 security update | 2026-03-31T00:00:00Z | 2026-04-01T08:56:58Z |
| alsa-2026:6281 | Important: python3.11 security update | 2026-03-31T00:00:00Z | 2026-04-01T08:52:26Z |
| alsa-2026:6004 | Important: freerdp security update | 2026-03-30T00:00:00Z | 2026-03-31T08:19:51Z |
| alsa-2026:5930 | Important: firefox security update | 2026-03-26T00:00:00Z | 2026-03-30T11:00:48Z |
| alsa-2026:6037 | Moderate: kernel security update | 2026-03-30T00:00:00Z | 2026-03-30T10:55:07Z |
| alsa-2026:6036 | Moderate: kernel-rt security update | 2026-03-30T00:00:00Z | 2026-03-30T10:51:16Z |
| alsa-2026:5932 | Important: firefox security update | 2026-03-26T00:00:00Z | 2026-03-30T10:46:04Z |
| alsa-2026:5931 | Important: firefox security update | 2026-03-26T00:00:00Z | 2026-03-30T10:43:43Z |
| alsa-2026:5913 | Moderate: ncurses security update | 2026-03-26T00:00:00Z | 2026-03-27T10:30:59Z |
| alsa-2026:5939 | Important: freerdp security update | 2026-03-26T00:00:00Z | 2026-03-27T10:28:32Z |
| alsa-2026:5941 | Important: golang security update | 2026-03-26T00:00:00Z | 2026-03-27T10:26:32Z |
| alsa-2026:5942 | Important: golang security update | 2026-03-26T00:00:00Z | 2026-03-27T10:17:44Z |
| alsa-2026:5599 | Moderate: nginx security update | 2026-03-24T00:00:00Z | 2026-03-26T13:22:57Z |
| alsa-2026:5581 | Moderate: nginx:1.24 security update | 2026-03-24T00:00:00Z | 2026-03-26T13:17:49Z |
| alsa-2026:5578 | Moderate: virt:rhel and virt-devel:rhel security update | 2026-03-24T00:00:00Z | 2026-03-26T13:09:57Z |
| alsa-2026:5640 | Moderate: mysql:8.4 security update | 2026-03-24T00:00:00Z | 2026-03-26T11:56:07Z |
| alsa-2026:5513 | Moderate: 389-ds:1.4 security update | 2026-03-24T00:00:00Z | 2026-03-26T11:22:25Z |
| alsa-2026:5580 | Moderate: mysql:8.0 security update | 2026-03-24T00:00:00Z | 2026-03-26T11:12:21Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| hsec-2026-0004 | Hackage package metadata stored XSS vulnerability | 2026-03-28T16:05:12Z | 2026-03-28T16:05:12Z |
| hsec-2026-0002 | Hackage CSRF vulnerability | 2026-03-28T16:04:58Z | 2026-03-28T16:04:58Z |
| hsec-2024-0004 | Hackage package and doc upload stored XSS vulnerability | 2026-01-16T11:18:20Z | 2026-01-16T11:18:20Z |
| hsec-2025-0007 | cmark-gfm: resource exhaustion due to quadratic complexity in parser | 2025-12-27T08:58:56Z | 2025-12-27T08:58:56Z |
| hsec-2025-0006 | Private key leak via inherited file descriptor | 2025-11-17T02:22:38Z | 2025-11-17T02:22:38Z |
| hsec-2025-0005 | cabal-install dependency confusion | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0004 | Broken Path Sanitization in spacecookie Library | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0003 | Use after free in multithreaded lzma (.xz) decoder | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0002 | Double Public Key Signing Function Oracle Attack on Ed25519 | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0001 | Subword division operations may produce incorrect results | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0009 | Public key confusion in third-party blocks | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0008 | Sign extension error in the PPC64le FFI | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0007 | Sign extension error in the AArch64 NCG | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0006 | fromIntegral: conversion error | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0003 | process: command injection via argument list on Windows | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0002 | out-of-bounds write when there are many bzip2 selectors | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0001 | Reflected XSS vulnerability in keter | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0015 | cabal-install uses expired key policies | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0014 | Arbitrary file write is possible when using PDF output or --extract-media with untrusted input | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0013 | git-annex plaintext storage of embedded credentials on encrypted remotes | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0012 | git-annex checksum exposure to encrypted special remotes | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0011 | git-annex GPG decryption attack via compromised remote | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0010 | git-annex private data exfiltration to compromised remote | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0009 | git-annex command injection via malicious SSH hostname | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0008 | Stored XSS in hledger-web | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0007 | readFloat: memory exhaustion with large exponent | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0006 | x509-validation does not enforce pathLenConstraint | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0005 | tls-extra: certificate validation does not check Basic Constraints | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0004 | xml-conduit unbounded entity expansion | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0003 | code injection in xmonad-contrib | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| osec-2026-01 | Buffer Over-Read in OCaml Marshal Deserialization | 2026-02-17T13:30:00Z | 2026-02-27T09:30:00Z |
| osec-2026-02 | ARP unbounded memory usage | 2026-02-18T10:30:00Z | 2026-02-18T10:30:00Z |
| osec-2022-01 | Infinite loop in console output on xen | 2022-12-07T00:00:00Z | 2026-02-18T09:30:00Z |
| osec-2025-01 | Albatross console out of memory | 2025-08-15T00:18:22Z | 2026-01-13T12:00:00Z |
| osec-2019-02 | Grant unshare vulnerability in mirage-xen | 2019-04-26T00:00:00Z | 2026-01-13T12:00:00Z |
| osec-2019-01 | Memory disclosure in mirage-net-xen | 2019-03-21T00:00:00Z | 2026-01-13T12:00:00Z |
| osec-2016-02 | Memory disclosure in mirage-net-xen | 2016-05-03T00:00:00Z | 2026-01-13T12:00:00Z |
| osec-2023-01 | Time of check time of use issue in opam's cache | 2023-05-25T12:00:00Z | 2026-01-09T12:00:00Z |
| osec-2016-01 | Buffer overflow and information leak in OCaml < 4.03.0 | 2016-04-29T00:18:22Z | 2026-01-01T12:00:00Z |
| osec-2018-01 | An integer overflow in the `bigarray` serialization module leads to arbitrary code execution | 2018-04-06T18:29:00Z | 2025-12-16T12:00:00Z |
| osec-2017-01 | Local privilege escalation issue with ocaml binaries | 2017-06-23T15:19:47Z | 2025-12-16T12:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2024-269 | Security exception in java.base/java.util.stream.AbstractPipeline.evaluate | 2024-04-18T00:04:02.456948Z | 2026-04-03T14:25:18.589112Z |
| osv-2023-307 | Heap-buffer-overflow in bit_read_BB | 2023-04-13T14:02:09.774988Z | 2026-04-03T14:23:49.907844Z |
| osv-2022-714 | Heap-buffer-overflow in dynapi_set_helper | 2022-08-15T00:00:47.794062Z | 2026-04-03T14:22:42.363788Z |
| osv-2022-653 | Heap-double-free in dwg_free_common_entity_data | 2022-07-30T00:01:52.491112Z | 2026-04-03T14:22:27.383539Z |
| osv-2022-400 | Heap-double-free in dwg_free_XRECORD_private | 2022-05-08T00:00:40.782520Z | 2026-04-03T14:19:57.376767Z |
| osv-2022-379 | Segv on unknown address in bit_write_TV | 2022-04-27T00:00:44.539231Z | 2026-04-03T14:19:55.840640Z |
| osv-2022-372 | Heap-buffer-overflow in dwg_encode_VERTEX_2D | 2022-04-26T00:00:09.352798Z | 2026-04-03T14:19:47.425304Z |
| osv-2022-1259 | Heap-buffer-overflow in dwg_decode_INSERT_private | 2022-12-13T13:00:46.870838Z | 2026-04-03T14:18:57.289239Z |
| osv-2022-1198 | Heap-buffer-overflow in dwg_json_LTYPE | 2022-11-23T13:02:06.623044Z | 2026-04-03T14:18:53.973603Z |
| osv-2022-1176 | Heap-double-free in dwg_free | 2022-11-18T13:00:26.857477Z | 2026-04-03T14:18:49.246998Z |
| osv-2021-1086 | Heap-buffer-overflow in dwg_convert_SAB_to_SAT1 | 2021-08-02T00:00:31.888461Z | 2026-04-03T14:18:36.016382Z |
| osv-2021-1343 | Heap-buffer-overflow in get_next_owned_entity | 2021-09-21T00:01:33.177403Z | 2026-04-03T14:18:23.928824Z |
| osv-2024-451 | Use-of-uninitialized-value in XpackDynamicTable::_make_space | 2024-05-08T00:14:48.544622Z | 2026-04-03T14:17:40.819969Z |
| osv-2022-388 | Segv on unknown address in dwg_ref_get_object | 2022-05-01T00:01:54.904711Z | 2026-04-03T14:13:28.160208Z |
| osv-2023-390 | Heap-buffer-overflow in sdhci_write | 2023-05-12T14:00:08.854823Z | 2026-04-02T14:44:40.412675Z |
| osv-2022-581 | Heap-buffer-overflow in megasas_map_sgl | 2022-07-14T00:00:45.644503Z | 2026-04-02T14:37:15.893698Z |
| osv-2021-820 | UNKNOWN READ in virtio_gpu_disable_scanout | 2021-06-02T00:00:31.619765Z | 2026-04-02T14:36:39.985977Z |
| osv-2022-679 | Heap-buffer-overflow in udiv | 2022-08-07T00:01:59.645310Z | 2026-04-02T14:16:23.664099Z |
| osv-2022-652 | Use-of-uninitialized-value in udiv | 2022-07-29T00:02:04.321859Z | 2026-04-02T14:15:47.876263Z |
| osv-2022-599 | Use-of-uninitialized-value in mrb_bint_as_int | 2022-07-20T00:00:11.865502Z | 2026-04-02T14:15:08.602041Z |
| osv-2026-504 | Heap-use-after-free in ObjectStream::getObject | 2026-04-02T00:16:28.228723Z | 2026-04-02T00:16:28.229037Z |
| osv-2022-834 | Heap-use-after-free in mk_event_timeout_destroy | 2022-09-04T00:00:31.605787Z | 2026-04-01T14:27:59.352404Z |
| osv-2022-937 | Use-after-poison in rx_ip | 2022-09-23T00:02:21.434097Z | 2026-04-01T14:27:42.367988Z |
| osv-2022-1277 | Heap-use-after-free in mk_event_timeout_destroy | 2023-06-26T14:01:01.876870Z | 2026-04-01T14:23:09.019013Z |
| osv-2022-1201 | Stack-buffer-overflow in msc_zero_object | 2022-11-24T13:00:10.344351Z | 2026-03-31T14:04:55.969741Z |
| osv-2022-1188 | Stack-buffer-overflow in authentic_get_tagged_data | 2022-11-20T13:01:57.719130Z | 2026-03-31T14:04:55.181202Z |
| osv-2023-395 | Stack-buffer-overflow in sc_path_print | 2023-05-14T14:00:57.078498Z | 2026-03-31T14:04:53.759303Z |
| osv-2024-696 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr | 2024-07-31T00:03:10.056663Z | 2026-03-30T14:18:48.684167Z |
| osv-2024-400 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr | 2024-05-02T00:03:16.309384Z | 2026-03-30T14:18:22.305458Z |
| osv-2024-641 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr | 2024-07-14T00:06:37.034414Z | 2026-03-30T14:18:20.625772Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2023-0125 | Logs AWS credentials when TRACE-level logging is enabled | 2023-04-19T12:00:00Z | 2026-04-02T14:44:59Z |
| rustsec-2026-0080 | Multiple soundness issues in `scaly` safe APIs | 2026-01-19T12:00:00Z | 2026-04-02T12:03:57Z |
| rustsec-2026-0079 | `DynFuture` drop can construct a dangling reference | 2026-01-21T12:00:00Z | 2026-04-02T12:03:57Z |
| rustsec-2026-0078 | Symbol confusion after hasher panic in `intaglio` interners | 2026-03-30T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2025-0160 | `custom-req-on-workers` was removed from crates.io for malicious code | 2025-01-30T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2025-0159 | `sophosfirewall-python` was removed from crates.io for malicious code | 2025-02-15T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2025-0158 | `jfrog_quotes` was removed from crates.io for malicious code | 2025-01-30T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2025-0157 | `statsrelay-protobuf` was removed from crates.io for malicious code | 2025-08-26T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2025-0156 | `tree-sitter-pkl` was removed from crates.io for malicious code | 2025-03-10T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2026-0077 | Incorrect Check of Signer Response Norm During Verification | 2026-03-04T12:00:00Z | 2026-03-27T05:55:06Z |
| rustsec-2026-0076 | Panic in Signature Hint Decoding During Verification | 2026-03-04T12:00:00Z | 2026-03-27T05:55:06Z |
| rustsec-2026-0075 | All-Zero Key Generation on Catastrophic RNG Failure | 2026-03-04T12:00:00Z | 2026-03-27T05:55:06Z |
| rustsec-2026-0074 | Incorrect Output of Incremental Portable SHAKE API | 2026-03-04T12:00:00Z | 2026-03-27T05:55:06Z |
| rustsec-2026-0073 | Panic in Standalone MAC Operations | 2026-03-04T12:00:00Z | 2026-03-27T05:55:06Z |
| rustsec-2025-0155 | `rands` was removed from crates.io for malicious code | 2025-02-10T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0124 | `bit-flags` was removed from crates.io for malicious code | 2023-12-22T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0123 | `hann-rs-service` was removed from crates.io for malicious code | 2023-11-18T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0122 | `winx-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0121 | `libusb1-main` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0120 | `windows-service-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0119 | `openvpn-plugin-rs` was removed from crates.io for malicious code | 2023-11-18T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0118 | `win_run_rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0117 | `tauri-winrt-notifications` was removed from crates.io for malicious code | 2023-11-20T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0116 | `registry-win` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0115 | `acceptxmr-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0114 | `tiny-server` was removed from crates.io for malicious code | 2023-11-06T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0113 | `win-base64-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0112 | `monero-rpc-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0111 | `monero-api` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0110 | `postgresderive` was removed from crates.io for malicious code | 2023-08-18T12:00:00Z | 2026-03-26T06:26:31Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-mariadb-2026-32710 | Heap-based Buffer Overflow in MariaDB | 2026-03-25T08:46:04.911Z | 2026-04-01T09:11:42.692Z |
| bit-grafana-2026-33375 | Grafana MSSQL Data Source Plugin: Restriction Bypass Leading to OOM DoS | 2026-04-01T08:41:17.463Z | 2026-04-01T09:11:42.692Z |
| bit-grafana-2026-28375 | Grafana Testdata datasource can issue unbounded memory allocations | 2026-04-01T08:41:15.363Z | 2026-04-01T09:11:42.692Z |
| bit-grafana-2026-27880 | OpenFeature evaluation API reads input data with no bounds | 2026-04-01T08:41:13.459Z | 2026-04-01T09:11:42.692Z |
| bit-grafana-2026-27879 | Query resampling can cause unbounded memory allocations | 2026-04-01T08:41:11.477Z | 2026-04-01T09:11:42.692Z |
| bit-grafana-2026-27877 | Public dashboards discloses all direct mode datasources | 2026-04-01T08:41:09.536Z | 2026-04-01T09:11:42.692Z |
| bit-grafana-2026-27876 | RCE on Grafana via sqlExpressions | 2026-04-01T08:41:07.673Z | 2026-04-01T09:11:42.692Z |
| bit-gitlab-2025-13611 | Insertion of Sensitive Information into Log File in GitLab | 2025-12-02T12:03:48.649Z | 2026-04-01T09:11:42.692Z |
| bit-appsmith-2026-34411 | Appsmith < 1.98 Unauthenticated Instance Configuration Disclosure via Management APIs | 2026-04-01T08:35:37.595Z | 2026-04-01T09:11:42.692Z |
| bit-discourse-2026-29072 | Discourse missing permission check for policy creation in discourse-policy | 2026-03-27T07:10:21.008Z | 2026-03-31T21:15:21.591Z |
| bit-discourse-2026-28282 | Discourse vulnerable to group membership addition permission bypass via discourse-policy plugin | 2026-03-27T07:10:17.839Z | 2026-03-31T21:15:21.591Z |
| bit-discourse-2026-27936 | Discourse discloses restricted post-action counts to non-privileged users | 2026-03-27T07:10:06.332Z | 2026-03-31T21:15:21.591Z |
| bit-discourse-2026-27935 | Discourse leaks private topic metadata to non-authorized users | 2026-03-27T07:10:03.445Z | 2026-03-31T21:15:21.591Z |
| bit-jenkins-2026-33002 | 2026-03-20T09:15:13.235Z | 2026-03-31T18:23:47.490Z | |
| bit-mastodon-2026-33869 | Mastodon has a denial of service for quote authorization | 2026-03-31T08:45:37.827Z | 2026-03-31T09:14:23.567Z |
| bit-mastodon-2026-33868 | Mastodon has a GET-Based Open Redirect via '/web/%2F<domain>' | 2026-03-31T08:45:35.531Z | 2026-03-31T09:14:23.567Z |
| bit-gitlab-2026-3857 | Cross-Site Request Forgery (CSRF) in GitLab | 2026-03-27T12:15:15.885Z | 2026-03-31T09:14:23.567Z |
| bit-gitlab-2026-2370 | Improper Handling of Parameters in GitLab | 2026-03-31T09:12:36.844Z | 2026-03-31T09:14:23.567Z |
| bit-prestashop-2026-33674 | PrestaShop: Improper Use of Validation Framework | 2026-03-30T11:49:50.984Z | 2026-03-30T12:13:12.971Z |
| bit-prestashop-2026-33673 | PrestaShop has multiple stored XSS vulnerabilities via unprotected Template variables | 2026-03-30T11:49:49.224Z | 2026-03-30T12:13:12.971Z |
| bit-nats-2026-33249 | NATS: Message tracing can be redirected to arbitrary subject | 2026-03-30T11:45:25.356Z | 2026-03-30T12:13:12.971Z |
| bit-nats-2026-33248 | NATS has mTLS verify_and_map authentication bypass via incorrect Subject DN matching | 2026-03-27T17:45:26.680Z | 2026-03-27T18:14:10.313Z |
| bit-nats-2026-33247 | NATS credentials are exposed in monitoring port via command-line argv | 2026-03-27T17:45:24.871Z | 2026-03-27T18:14:10.313Z |
| bit-nats-2026-33246 | NATS: Leafnode connections allow spoofing of Nats-Request-Info identity headers | 2026-03-27T17:45:23.082Z | 2026-03-27T18:14:10.313Z |
| bit-nats-2026-33223 | NATS Server: Incomplete Stripping of Nats-Request-Info Header Allows Identity Spoofing | 2026-03-27T17:45:21.527Z | 2026-03-27T18:14:10.313Z |
| bit-nats-2026-33222 | NATS JetStream has an authorization bypass through its Management API | 2026-03-27T17:45:19.827Z | 2026-03-27T18:14:10.313Z |
| bit-nats-2026-33219 | NATS is vulnerable to pre-auth DoS through WebSockets client service | 2026-03-27T17:45:18.190Z | 2026-03-27T18:14:10.313Z |
| bit-nats-2026-33218 | NATS has pre-auth server panic via leafnode handling | 2026-03-27T17:45:16.655Z | 2026-03-27T18:14:10.313Z |
| bit-nats-2026-33217 | NATS allows MQTT clients to bypass ACL checks | 2026-03-27T17:45:15.042Z | 2026-03-27T18:14:10.313Z |
| bit-nats-2026-33216 | NATS has MQTT plaintext password disclosure | 2026-03-27T17:45:13.444Z | 2026-03-27T18:14:10.313Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2026-eb74978 | Security fixes for CVE-2020-8912, CVE-2025-61732, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3 applied in versions: 3.0.2-r0, 3.0.2-r1 | 2026-04-01T09:05:49.917651Z | 2026-03-31T15:18:53Z |
| cleanstart-2026-bk28579 | Security fixes for CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3 applied in versions: 3.0.2-r0, 3.0.2-r1 | 2026-04-01T09:05:31.827204Z | 2026-03-31T15:16:59Z |
| cleanstart-2026-is43446 | Security fixes for ghsa-25qh-j22f-pwp8, ghsa-389x-839f-4rhx, ghsa-3p8m-j85q-pgmj, ghsa-4g8c-wm8x-jfhw, ghsa-5jpm-x58v-624v, ghsa-72hv-8253-57qq, ghsa-84h7-rjj3-6jx4, ghsa-fghv-69vj-qj49, ghsa-jq43-27x9-3v86, ghsa-pwqr-wmgm-9rr8, ghsa-qqpg-mvqg-649v, ghsa-w9fj-cfpg-grvv, ghsa-xq3w-v528-46rv applied in versions: 0.1.109-r0, 0.1.109-r1, 0.1.111-r2 | 2026-04-01T09:05:58.458627Z | 2026-03-31T07:55:31Z |
| cleanstart-2026-ch77232 | Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 18.7.1-r0 | 2026-04-01T09:06:04.906254Z | 2026-03-31T07:29:33Z |
| cleanstart-2026-is74202 | Security fixes for CVE-2017-14919, CVE-2017-15896, CVE-2018-0734, CVE-2018-0735, CVE-2018-1000168, CVE-2018-12121, CVE-2018-12122, CVE-2018-7160, CVE-2018-7161, CVE-2019-15604, CVE-2019-15605, CVE-2019-15606, CVE-2019-5737, CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518, CVE-2020-11080, CVE-2020-7774, CVE-2020-8172, CVE-2020-8174, CVE-2020-8201, CVE-2020-8252, CVE-2020-8265, CVE-2020-8277, CVE-2020-8287, CVE-2021-21148, CVE-2021-22930, CVE-2021-22931, CVE-2021-22959, CVE-2021-22960, CVE-2021-3672, CVE-2021-43803, CVE-2021-44531, CVE-2021-44532, CVE-2022-32212, CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-35255, CVE-2022-35256, CVE-2022-3602, CVE-2022-43548, CVE-2023-23918, CVE-2023-23919, CVE-2023-23920, CVE-2023-23936, CVE-2023-24807, CVE-2023-39333, CVE-2023-44487, CVE-2024-22018, CVE-2024-22020, CVE-2024-27982, CVE-2024-27983, CVE-2024-36138, CVE-2024-37372 applied in versions: 10.14.0-r0, 10.15.3-r0, 10.16.3-r0, 12.15.0-r0, 12.18.0-r0, 12.18.4-r0, 14.15.1-r0, 14.15.4-r0, 14.15.5-r0, 14.16.0-r0, 14.16.1-r0, 14.17.4-r0, 14.17.5-r0, 14.17.6-r0, 14.18.1-r0, 16.13.2-r0, 16.17.1-r0, 18.12.1-r0, 18.14.1-r0, 18.17.1-r0, 18.18.2-r0, 20.12.1-r0, 20.15.1-r0, 6.11.1-r0, 6.11.5-r0, 8.11.0-r0, 8.11.3-r0, 8.11.4-r0, 8.9.3-r0 | 2026-04-01T09:09:55.185988Z | 2026-03-31T04:38:08Z |
| cleanstart-2026-ls30652 | Security fixes for CVE-2025-0913, CVE-2025-15558, CVE-2025-4673, CVE-2025-47907, CVE-2025-47914, CVE-2025-58181, CVE-2025-62156, CVE-2025-62157, CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, CVE-2026-33186, ghsa-37cx-329c-33x3, ghsa-c2hv-4pfj-mm2r, ghsa-cfpf-hrx2-8rv6, ghsa-fw7p-63qq-7hpr, ghsa-p436-gjf2-799p, ghsa-p77j-4mvh-x3m3, ghsa-p84v-gxvw-73pf applied in versions: 3.7.0-r0, 3.7.11-r0, 3.7.3-r0, 3.7.4-r0, 3.7.6-r0, 3.7.9-r0, 3.7.9-r1, 3.7.9-r2, 4.0.2-r0 | 2026-04-01T09:07:01.631355Z | 2026-03-30T12:04:05Z |
| cleanstart-2026-hk71313 | Security fixes for CVE-2025-47911, CVE-2025-58190, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-qxp5-gwg8-xv66, ghsa-vvgc-356p-c3xw applied in versions: 0.12.0-r0, 0.12.0-r1, 0.12.0-r2 | 2026-04-01T09:06:39.410428Z | 2026-03-30T06:53:15Z |
| cleanstart-2026-li04631 | Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 1.79.0-r0, 1.79.0-r2, 1.79.0-r3 | 2026-04-01T09:08:44.082129Z | 2026-03-28T10:16:19Z |
| cleanstart-2026-bk44511 | Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 1.78.0-r0, 1.78.0-r2, 1.78.0-r3 | 2026-04-01T09:08:47.105116Z | 2026-03-28T10:16:01Z |
| cleanstart-2026-ld15132 | Security fixes for CVE-2020-8912, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27141, CVE-2026-27142, CVE-2026-33186, ghsa-6g7g-w4f8-9c9x, ghsa-cfpf-hrx2-8rv6, ghsa-fw7p-63qq-7hpr, ghsa-p77j-4mvh-x3m3 applied in versions: 0.142.0-r0, 0.144.0-r0, 0.144.0-r1, 0.144.0-r2, 0.144.0-r3 | 2026-04-01T09:09:25.500286Z | 2026-03-28T10:14:28Z |
| cleanstart-2026-jk84667 | Security fixes for CVE-2025-0913, CVE-2025-4673, CVE-2025-47907, CVE-2025-47911, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-58190, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 2.7.0-r7, 2.7.0-r8 | 2026-04-01T09:10:09.429544Z | 2026-03-28T10:13:46Z |
| cleanstart-2026-cb01846 | Security fixes for CVE-2025-0913, CVE-2025-4673, CVE-2025-47907, CVE-2025-47911, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-58190, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 2.6.1-r0, 2.6.1-r1, 2.6.1-r7 | 2026-04-01T09:10:27.866703Z | 2026-03-28T10:13:21Z |
| cleanstart-2026-dg06447 | Security fixes for CVE-2025-47911, CVE-2025-58190, CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 2.12.2-r0, 2.12.2-r1 | 2026-04-01T09:10:38.729051Z | 2026-03-28T10:04:36Z |
| cleanstart-2026-gq31133 | Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-527x-5wrf-22m2, ghsa-9h8m-3fm2-qjrq, ghsa-c9v3-4pv7-87pr, ghsa-h75p-j8xm-m278, ghsa-p77j-4mvh-x3m3 applied in versions: 1.26.7-r0, 1.26.7-r1, 1.26.7-r2 | 2026-04-01T09:10:41.066012Z | 2026-03-28T10:03:10Z |
| cleanstart-2026-mj07404 | Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-527x-5wrf-22m2, ghsa-9h8m-3fm2-qjrq, ghsa-c9v3-4pv7-87pr, ghsa-h75p-j8xm-m278, ghsa-p77j-4mvh-x3m3 applied in versions: 1.26.7-r0, 1.26.7-r1, 1.26.7-r2 | 2026-04-01T09:10:45.280620Z | 2026-03-28T10:02:34Z |
| cleanstart-2026-kj02127 | Security fixes for CVE-2025-47911, CVE-2025-58190, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 1.8.6-r0, 1.8.6-r1 | 2026-04-01T09:11:01.446923Z | 2026-03-28T10:00:21Z |
| cleanstart-2026-cg86499 | Security fixes for CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 3.6.5-r0 | 2026-04-01T09:11:07.076579Z | 2026-03-28T09:58:50Z |
| cleanstart-2026-gz72045 | Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 3.51.2-r0 | 2026-04-01T09:11:42.310345Z | 2026-03-28T09:54:58Z |
| cleanstart-2026-oj21550 | Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68119, CVE-2026-24051, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3 applied in versions: 1.34.2-r0, 1.35.0-r0, 1.35.3-r0 | 2026-04-01T09:12:23.484446Z | 2026-03-28T09:40:45Z |
| cleanstart-2026-cf63743 | Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2026-24051, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3 applied in versions: 1.34.2-r0, 1.34.6-r0 | 2026-04-01T09:12:16.516536Z | 2026-03-28T09:39:54Z |
| cleanstart-2026-jf28061 | Security fixes for CVE-2026-24051, CVE-2026-26958, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-fw7p-63qq-7hpr, ghsa-p77j-4mvh-x3m3 applied in versions: 2.19.0-r0, 2.19.0-r1 | 2026-04-01T09:12:22.444974Z | 2026-03-27T12:52:14Z |
| cleanstart-2026-ac65885 | Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25518, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 1.18.0-r0, 1.18.0-r1, 1.18.0-r2, 1.18.0-r3 | 2026-04-01T09:13:17.231184Z | 2026-03-27T06:25:28Z |
| cleanstart-2026-kz45320 | Security fixes for CVE-2017-14919, CVE-2017-15896, CVE-2018-0734, CVE-2018-0735, CVE-2018-1000168, CVE-2018-12121, CVE-2018-12122, CVE-2018-7160, CVE-2018-7161, CVE-2019-15604, CVE-2019-15605, CVE-2019-15606, CVE-2019-5737, CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518, CVE-2020-11080, CVE-2020-7774, CVE-2020-8172, CVE-2020-8174, CVE-2020-8201, CVE-2020-8252, CVE-2020-8265, CVE-2020-8277, CVE-2020-8287, CVE-2021-21148, CVE-2021-22930, CVE-2021-22931, CVE-2021-22959, CVE-2021-22960, CVE-2021-3672, CVE-2021-43803, CVE-2021-44531, CVE-2021-44532, CVE-2022-32212, CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-35255, CVE-2022-35256, CVE-2022-3602, CVE-2022-43548, CVE-2023-23918, CVE-2023-23919, CVE-2023-23920, CVE-2023-23936, CVE-2023-24807, CVE-2023-39333, CVE-2023-44487, CVE-2024-22018, CVE-2024-22020, CVE-2024-27982, CVE-2024-27983, CVE-2024-36138, CVE-2024-37372 applied in versions: 10.14.0-r0, 10.15.3-r0, 10.16.3-r0, 12.15.0-r0, 12.18.0-r0, 12.18.4-r0, 14.15.1-r0, 14.15.4-r0, 14.15.5-r0, 14.16.0-r0, 14.16.1-r0, 14.17.4-r0, 14.17.5-r0, 14.17.6-r0, 14.18.1-r0, 16.13.2-r0, 16.17.1-r0, 18.12.1-r0, 18.14.1-r0, 18.17.1-r0, 18.18.2-r0, 20.12.1-r0, 20.15.1-r0, 6.11.1-r0, 6.11.5-r0, 8.11.0-r0, 8.11.3-r0, 8.11.4-r0, 8.9.3-r0 | 2026-04-01T09:16:45.727713Z | 2026-03-26T18:22:34Z |
| cleanstart-2026-bd71263 | Security fixes for CVE-2017-14919, CVE-2017-15896, CVE-2018-0734, CVE-2018-0735, CVE-2018-1000168, CVE-2018-12121, CVE-2018-12122, CVE-2018-7160, CVE-2018-7161, CVE-2019-15604, CVE-2019-15605, CVE-2019-15606, CVE-2019-5737, CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518, CVE-2020-11080, CVE-2020-7774, CVE-2020-8172, CVE-2020-8174, CVE-2020-8201, CVE-2020-8252, CVE-2020-8265, CVE-2020-8277, CVE-2020-8287, CVE-2021-21148, CVE-2021-22930, CVE-2021-22931, CVE-2021-22959, CVE-2021-22960, CVE-2021-3672, CVE-2021-43803, CVE-2021-44531, CVE-2021-44532, CVE-2022-32212, CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-35255, CVE-2022-35256, CVE-2022-3602, CVE-2022-43548, CVE-2023-23918, CVE-2023-23919, CVE-2023-23920, CVE-2023-23936, CVE-2023-24807, CVE-2023-39333, CVE-2023-44487, CVE-2024-22018, CVE-2024-22020, CVE-2024-27982, CVE-2024-27983, CVE-2024-36138, CVE-2024-37372 applied in versions: 10.14.0-r0, 10.15.3-r0, 10.16.3-r0, 12.15.0-r0, 12.18.0-r0, 12.18.4-r0, 14.15.1-r0, 14.15.4-r0, 14.15.5-r0, 14.16.0-r0, 14.16.1-r0, 14.17.4-r0, 14.17.5-r0, 14.17.6-r0, 14.18.1-r0, 16.13.2-r0, 16.17.1-r0, 18.12.1-r0, 18.14.1-r0, 18.17.1-r0, 18.18.2-r0, 20.12.1-r0, 20.15.1-r0, 6.11.1-r0, 6.11.5-r0, 8.11.0-r0, 8.11.3-r0, 8.11.4-r0, 8.9.3-r0 | 2026-04-01T09:17:26.065920Z | 2026-03-26T17:04:08Z |
| cleanstart-2026-jr35772 | Security fixes for CVE-2017-14919, CVE-2017-15896, CVE-2018-0734, CVE-2018-0735, CVE-2018-1000168, CVE-2018-12121, CVE-2018-12122, CVE-2018-7160, CVE-2018-7161, CVE-2019-15604, CVE-2019-15605, CVE-2019-15606, CVE-2019-5737, CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518, CVE-2020-11080, CVE-2020-7774, CVE-2020-8172, CVE-2020-8174, CVE-2020-8201, CVE-2020-8252, CVE-2020-8265, CVE-2020-8277, CVE-2020-8287, CVE-2021-21148, CVE-2021-22930, CVE-2021-22931, CVE-2021-22959, CVE-2021-22960, CVE-2021-3672, CVE-2021-43803, CVE-2021-44531, CVE-2021-44532, CVE-2022-32212, CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-35255, CVE-2022-35256, CVE-2022-3602, CVE-2022-43548, CVE-2023-23918, CVE-2023-23919, CVE-2023-23920, CVE-2023-23936, CVE-2023-24807, CVE-2023-39333, CVE-2023-44487, CVE-2024-22018, CVE-2024-22020, CVE-2024-27982, CVE-2024-27983, CVE-2024-36138, CVE-2024-37372 applied in versions: 10.14.0-r0, 10.15.3-r0, 10.16.3-r0, 12.15.0-r0, 12.18.0-r0, 12.18.4-r0, 14.15.1-r0, 14.15.4-r0, 14.15.5-r0, 14.16.0-r0, 14.16.1-r0, 14.17.4-r0, 14.17.5-r0, 14.17.6-r0, 14.18.1-r0, 16.13.2-r0, 16.17.1-r0, 18.12.1-r0, 18.14.1-r0, 18.17.1-r0, 18.18.2-r0, 20.12.1-r0, 20.15.1-r0, 6.11.1-r0, 6.11.5-r0, 8.11.0-r0, 8.11.3-r0, 8.11.4-r0, 8.9.3-r0 | 2026-04-01T09:17:37.864227Z | 2026-03-26T15:01:29Z |
| cleanstart-2026-ow78143 | Security fixes for CVE-2025-68156, CVE-2026-24051, CVE-2026-26958, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-cfpf-hrx2-8rv6, ghsa-fw7p-63qq-7hpr, ghsa-p77j-4mvh-x3m3 applied in versions: 2.18.3-r0, 2.18.3-r1 | 2026-04-01T09:14:00.541150Z | 2026-03-26T14:38:42Z |
| cleanstart-2026-eq25508 | Security fixes for CVE-2025-11082, CVE-2025-11083 applied in versions: 2.46.0-r0 | 2026-04-01T09:16:21.124779Z | 2026-03-26T13:10:59Z |
| cleanstart-2026-em10970 | Security fixes for CVE-2017-9233, CVE-2019-15903, CVE-2021-45960, CVE-2021-46143, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2022-23852, CVE-2022-23990, CVE-2022-25235, CVE-2022-25236, CVE-2022-25313, CVE-2022-25314, CVE-2022-25315, CVE-2022-40674, CVE-2022-43680, CVE-2023-52425, CVE-2023-52426, CVE-2024-28757, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2026-24515, CVE-2026-25210, CVE-2026-32767 applied in versions: 2.2.0-r1, 2.2.7-r0, 2.2.7-r1, 2.4.3-r0, 2.4.4-r0, 2.4.5-r0, 2.4.9-r0, 2.5.0-r0, 2.6.0-r0, 2.6.2-r0, 2.6.3-r0, 2.6.4-r0, 2.7.2-r0, 2.7.5-r0 | 2026-04-01T09:16:01.861201Z | 2026-03-26T13:10:59Z |
| cleanstart-2026-ma32024 | Security fixes for CVE-2025-55190, CVE-2025-55191, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-59537, CVE-2025-59538, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2026-1229, CVE-2026-24051, CVE-2026-25934, CVE-2026-33186, ghsa-2v5j-vhc3-9cwm, ghsa-2vgg-9h3w-qbr4, ghsa-2xsj-vh29-9cwm, ghsa-37cx-329c-33x3, ghsa-3wgm-2mw2-vh5m, ghsa-4x4m-3c2p-qppc, ghsa-6v2p-p543-phr9, ghsa-92cp-5422-2m47, ghsa-93mq-9ffx-83m2, ghsa-f6x5-jh6r-wrfv, ghsa-hj2p-8wj8-pfq4, ghsa-j5w8-q4qc-rx2x, ghsa-mh63-6h87-95cp, ghsa-mw99-9chc-xw7r applied in versions: 2.13.9-r0, 2.14.20-r0, 3.0.16-r0, 3.0.19-r0, 3.1.4-r0, 3.1.8.-r0, 3.1.9-r4, 3.2.7-r0, 3.3.2-r1, 3.3.3-r0, 3.3.4-r0 | 2026-04-01T09:19:21.169476Z | 2026-03-26T07:01:17Z |
| cleanstart-2026-gi40937 | Security fixes for CVE-2023-5870, CVE-2024-7348, CVE-2025-8713, CVE-2025-8714, CVE-2025-8715 applied in versions: 16.1-r0, 16.2-r0, 16.4-r0, 17.6-r0 | 2026-04-01T09:18:12.444694Z | 2026-03-26T07:01:17Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2026-031 | 2026-04-01T16:38:14.000Z | 2026-04-02T14:13:13.000Z | |
| drupal-contrib-2026-029 | 2026-03-11T16:35:02.000Z | 2026-03-26T19:50:52.000Z | |
| drupal-contrib-2026-028 | 2026-03-11T16:33:14.000Z | 2026-03-26T19:43:59.000Z | |
| drupal-contrib-2026-030 | 2026-03-18T16:10:00.000Z | 2026-03-18T16:10:00.000Z | |
| drupal-contrib-2026-015 | 2026-02-25T18:47:57.000Z | 2026-03-17T13:20:54.000Z | |
| drupal-contrib-2026-024 | 2026-03-04T17:59:51.000Z | 2026-03-05T14:03:05.000Z | |
| drupal-contrib-2026-027 | 2026-03-04T18:02:59.000Z | 2026-03-04T18:02:59.000Z | |
| drupal-contrib-2026-026 | 2026-03-04T18:02:14.000Z | 2026-03-04T18:02:14.000Z | |
| drupal-contrib-2026-025 | 2026-03-04T18:00:41.000Z | 2026-03-04T18:00:41.000Z | |
| drupal-contrib-2026-023 | 2026-03-04T17:58:55.000Z | 2026-03-04T17:58:55.000Z | |
| drupal-contrib-2026-022 | 2026-03-04T17:57:58.000Z | 2026-03-04T17:57:58.000Z | |
| drupal-contrib-2026-021 | 2026-03-04T17:56:18.000Z | 2026-03-04T17:56:18.000Z | |
| drupal-contrib-2026-020 | 2026-03-04T17:54:27.000Z | 2026-03-04T17:54:27.000Z | |
| drupal-contrib-2026-016 | 2026-02-25T18:49:59.000Z | 2026-02-25T19:30:03.000Z | |
| drupal-contrib-2026-019 | 2026-02-25T18:51:43.000Z | 2026-02-25T18:51:43.000Z | |
| drupal-contrib-2026-018 | 2026-02-25T18:51:26.000Z | 2026-02-25T18:51:26.000Z | |
| drupal-contrib-2026-017 | 2026-02-25T18:51:01.000Z | 2026-02-25T18:51:01.000Z | |
| drupal-contrib-2026-014 | 2026-02-25T18:46:10.000Z | 2026-02-25T18:46:10.000Z | |
| drupal-contrib-2026-013 | 2026-02-25T18:45:13.000Z | 2026-02-25T18:45:13.000Z | |
| drupal-contrib-2026-012 | 2026-02-25T18:44:38.000Z | 2026-02-25T18:44:38.000Z | |
| drupal-contrib-2026-011 | 2026-02-25T18:43:32.000Z | 2026-02-25T18:43:32.000Z | |
| drupal-contrib-2026-010 | 2026-02-11T16:54:18.000Z | 2026-02-25T17:17:46.000Z | |
| drupal-contrib-2026-009 | 2026-02-11T16:53:32.000Z | 2026-02-12T15:37:20.000Z | |
| drupal-contrib-2026-008 | 2026-02-04T17:23:40.000Z | 2026-02-04T17:23:40.000Z | |
| drupal-contrib-2026-007 | 2026-01-28T17:29:32.000Z | 2026-01-28T17:29:32.000Z | |
| drupal-contrib-2026-006 | 2026-01-28T17:28:31.000Z | 2026-01-28T17:28:31.000Z | |
| drupal-contrib-2026-005 | 2026-01-14T17:57:31.000Z | 2026-01-14T18:33:02.000Z | |
| drupal-contrib-2026-004 | 2026-01-14T17:56:28.000Z | 2026-01-14T17:56:28.000Z | |
| drupal-contrib-2026-003 | 2026-01-14T17:55:41.000Z | 2026-01-14T17:55:41.000Z | |
| drupal-contrib-2026-002 | 2026-01-14T17:54:33.000Z | 2026-01-14T17:54:33.000Z |
| ID | Description | Updated |
|---|---|---|
| ts-2026-001 | TS-2026-001 | 2026-01-15T00:00 |
| ts-2025-008 | TS-2025-008 | 2025-11-19T00:00 |
| ts-2025-007 | TS-2025-007 | 2025-11-07T00:00 |
| ts-2025-006 | TS-2025-006 | 2025-10-28T00:00 |
| ts-2025-005 | TS-2025-005 | 2025-08-07T00:00 |
| ts-2025-004 | TS-2025-004 | 2025-05-27T00:00 |
| ts-2025-003 | TS-2025-003 | 2025-05-21T00:00 |
| ts-2025-002 | TS-2025-002 | 2025-05-15T00:00 |
| ts-2025-001 | TS-2025-001 | 2025-03-07T00:00 |
| ts-2024-013 | TS-2024-013 | 2024-12-04T00:00 |
| ts-2024-012 | TS-2024-012 | 2024-10-02T00:00 |
| ts-2024-011 | TS-2024-011 | 2024-07-22T00:00 |
| ts-2024-010 | TS-2024-010 | 2024-07-19T00:00 |
| ts-2024-009 | TS-2024-009 | 2024-06-27T00:00 |
| ts-2024-008 | TS-2024-008 | 2024-06-14T00:00 |
| ts-2024-007 | TS-2024-007 | 2024-06-12T00:00 |
| ts-2024-006 | TS-2024-006 | 2024-05-22T00:00 |
| ts-2024-005 | TS-2024-005 | 2024-05-08T00:00 |
| ts-2024-004 | TS-2024-004 | 2024-05-06T00:00 |
| ts-2024-003 | TS-2024-003 | 2024-04-23T00:00 |
| ts-2024-002 | TS-2024-002 | 2024-01-30T00:00 |
| ts-2024-001 | TS-2024-001 | 2024-01-08T00:00 |
| ts-2023-009 | TS-2023-009 | 2023-12-22T00:00 |
| ts-2023-008 | TS-2023-008 | 2023-11-01T00:00 |
| ts-2023-007 | TS-2023-007 | 2023-10-26T00:00 |
| ts-2023-006 | TS-2023-006 | 2023-08-22T00:00 |
| ts-2023-005 | TS-2023-005 | 2023-04-28T00:00 |
| ts-2023-004 | TS-2023-004 | 2023-04-04T00:00 |
| ts-2023-003 | TS-2023-003 | 2023-03-22T00:00 |
| ts-2023-002 | TS-2023-002 | 2023-01-24T00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-ale-004 | Vulnérabilité dans F5 BIG-IP Access Policy Manager | 2026-03-31T00:00:00.000000 | 2026-03-31T00:00:00.000000 |
| certfr-2026-ale-002 | [MàJ] Vulnérabilité dans Cisco Catalyst SD-WAN | 2026-02-25T00:00:00.000000 | 2026-03-26T00:00:00.000000 |
| certfr-2026-ale-003 | Note d’alerte – Ciblage des messageries instantanées | 2026-03-20T00:00:00.000000 | 2026-03-20T00:00:00.000000 |
| certfr-2025-ale-014 | [MàJ] Vulnérabilité dans React Server Components | 2025-12-05T00:00:00.000000 | 2026-02-12T00:00:00.000000 |
| certfr-2026-ale-001 | [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile | 2026-01-30T00:00:00.000000 | 2026-02-03T00:00:00.000000 |
| certfr-2025-ale-013 | [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD | 2025-09-25T00:00:00.000000 | 2025-10-06T00:00:00.000000 |
| certfr-2025-ale-012 | Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway | 2025-08-26T00:00:00.000000 | 2025-09-26T00:00:00.000000 |
| certfr-2025-ale-010 | [MàJ] Multiples vulnérabilités dans Microsoft SharePoint | 2025-07-21T00:00:00.000000 | 2025-08-26T00:00:00.000000 |
| certfr-2025-ale-011 | Incidents de sécurité dans les pare-feux SonicWall | 2025-08-05T00:00:00.000000 | 2025-08-18T00:00:00.000000 |
| certfr-2025-ale-009 | Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway | 2025-07-01T00:00:00.000000 | 2025-07-17T00:00:00.000000 |
| certfr-2025-ale-004 | Activités de post-exploitation dans Fortinet FortiGate | 2025-04-11T00:00:00.000000 | 2025-08-07T00:00:00.000000 |
| certfr-2025-ale-008 | [MàJ] Vulnérabilité dans Roundcube | 2025-06-05T00:00:00.000000 | 2025-07-21T00:00:00.000000 |
| certfr-2025-ale-007 | Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) | 2025-05-14T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-006 | Vulnérabilité dans les produits Fortinet | 2025-05-13T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-005 | Vulnérabilité dans SAP NetWeaver | 2025-04-28T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-003 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-04-04T00:00:00.000000 | 2025-04-11T00:00:00.000000 |
| certfr-2025-ale-002 | [MàJ] Vulnérabilité dans les produits Fortinet | 2025-05-07T00:00:00.000000 | 2025-01-14T00:00:00.000000 |
| certfr-2025-ale-001 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-01-09T00:00:00.000000 | 2025-04-01T00:00:00.000000 |
| certfr-2024-ale-014 | [MàJ] Multiples vulnérabilités dans Fortinet FortiManager | 2024-10-30T00:00:00.000000 | 2024-10-23T00:00:00.000000 |
| certfr-2024-ale-013 | Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA) | 2025-03-31T00:00:00.000000 | 2024-10-25T00:00:00.000000 |
| certfr-2024-ale-015 | [MàJ] Multiples vulnérabilités sur l'interface d'administration des équipements Palo Alto Networks | 2024-11-15T00:00:00.000000 | 2024-11-18T00:00:00.000000 |
| certfr-2024-ale-012 | [MàJ] Vulnérabilités affectant OpenPrinting CUPS | 2024-09-27T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| certfr-2024-ale-011 | Vulnérabilité dans SonicWall | 2024-09-10T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| certfr-2024-ale-010 | Multiples vulnérabilités dans Roundcube | 2024-08-09T00:00:00.000000 | 2024-10-07T00:00:00.000000 |
| certfr-2024-ale-009 | Vulnérabilité dans OpenSSH | 2024-07-01T00:00:00.000000 | 2024-07-03T00:00:00.000000 |
| certfr-2024-ale-008 | [MàJ] Vulnérabilité dans les produits Check Point | 2024-05-30T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-007 | Multiples vulnérabilités dans les produits Cisco | 2024-04-25T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-006 | [MàJ] Vulnérabilité dans Palo Alto Networks GlobalProtect | 2024-04-12T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-004 | [MàJ] Vulnérabilité dans Fortinet FortiOS | 2024-02-09T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-005 | [MàJ] Vulnérabilité dans Microsoft Outlook | 2024-02-15T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0398 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-04-03T00:00:00.000000 | 2026-04-03T00:00:00.000000 |
| certfr-2026-avi-0397 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-04-03T00:00:00.000000 | 2026-04-03T00:00:00.000000 |
| certfr-2026-avi-0396 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-04-03T00:00:00.000000 | 2026-04-03T00:00:00.000000 |
| certfr-2026-avi-0395 | Multiples vulnérabilités dans les produits IBM | 2026-04-03T00:00:00.000000 | 2026-04-03T00:00:00.000000 |
| certfr-2026-avi-0394 | Multiples vulnérabilités dans VMware Tanzu | 2026-04-03T00:00:00.000000 | 2026-04-03T00:00:00.000000 |
| certfr-2026-avi-0393 | Vulnérabilité dans Synology Mail Station | 2026-04-03T00:00:00.000000 | 2026-04-03T00:00:00.000000 |
| certfr-2026-avi-0392 | Multiples vulnérabilités dans Microsoft Edge | 2026-04-03T00:00:00.000000 | 2026-04-03T00:00:00.000000 |
| certfr-2026-avi-0391 | Multiples vulnérabilités dans OpenSSH | 2026-04-02T00:00:00.000000 | 2026-04-02T00:00:00.000000 |
| certfr-2026-avi-0390 | Multiples vulnérabilités dans Belden NetModule Router Software | 2026-04-02T00:00:00.000000 | 2026-04-02T00:00:00.000000 |
| certfr-2026-avi-0389 | Vulnérabilité dans Microsoft Azure Linux | 2026-04-02T00:00:00.000000 | 2026-04-02T00:00:00.000000 |
| certfr-2026-avi-0388 | Multiples vulnérabilités dans les produits Cisco | 2026-04-02T00:00:00.000000 | 2026-04-02T00:00:00.000000 |
| certfr-2026-avi-0387 | Multiples vulnérabilités dans les produits Netgate | 2026-04-02T00:00:00.000000 | 2026-04-02T00:00:00.000000 |
| certfr-2026-avi-0386 | Multiples vulnérabilités dans les produits Microsoft | 2026-04-01T00:00:00.000000 | 2026-04-01T00:00:00.000000 |
| certfr-2026-avi-0385 | Multiples vulnérabilités dans Google Chrome | 2026-04-01T00:00:00.000000 | 2026-04-01T00:00:00.000000 |
| certfr-2026-avi-0384 | Multiples vulnérabilités dans Joomla! | 2026-04-01T00:00:00.000000 | 2026-04-01T00:00:00.000000 |
| certfr-2026-avi-0383 | Multiples vulnérabilités dans Sonicwall Email Security | 2026-04-01T00:00:00.000000 | 2026-04-01T00:00:00.000000 |
| certfr-2026-avi-0382 | Multiples vulnérabilités dans les produits FoxIT | 2026-03-31T00:00:00.000000 | 2026-03-31T00:00:00.000000 |
| certfr-2026-avi-0381 | Multiples vulnérabilités dans les produits Microsoft | 2026-03-31T00:00:00.000000 | 2026-03-31T00:00:00.000000 |
| certfr-2026-avi-0380 | Multiples vulnérabilités dans Microsoft Edge | 2026-03-31T00:00:00.000000 | 2026-03-31T00:00:00.000000 |
| certfr-2026-avi-0379 | Vulnérabilité dans Elastic OpenTelemetry Java | 2026-03-31T00:00:00.000000 | 2026-03-31T00:00:00.000000 |
| certfr-2026-avi-0378 | Vulnérabilité dans Symantec Data Loss Prevention (DLP) | 2026-03-31T00:00:00.000000 | 2026-03-31T00:00:00.000000 |
| certfr-2026-avi-0377 | Multiples vulnérabilités dans Papercut | 2026-03-31T00:00:00.000000 | 2026-03-31T00:00:00.000000 |
| certfr-2026-avi-0376 | Multiples vulnérabilités dans les produits Microsoft | 2026-03-30T00:00:00.000000 | 2026-03-30T00:00:00.000000 |
| certfr-2026-avi-0375 | Multiples vulnérabilités dans Microsoft Edge | 2026-03-30T00:00:00.000000 | 2026-03-30T00:00:00.000000 |
| certfr-2026-avi-0374 | Vulnérabilité dans Docker Desktop | 2026-03-30T00:00:00.000000 | 2026-03-30T00:00:00.000000 |
| certfr-2026-avi-0373 | Vulnérabilité dans Roundcube | 2026-03-30T00:00:00.000000 | 2026-03-30T00:00:00.000000 |
| certfr-2026-avi-0372 | Multiples vulnérabilités dans les produits IBM | 2026-03-27T00:00:00.000000 | 2026-03-27T00:00:00.000000 |
| certfr-2026-avi-0371 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-03-27T00:00:00.000000 | 2026-03-27T00:00:00.000000 |
| certfr-2026-avi-0370 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-03-27T00:00:00.000000 | 2026-03-27T00:00:00.000000 |
| certfr-2026-avi-0369 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-03-27T00:00:00.000000 | 2026-03-27T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2026-009720 | Multiple vulnerabilities in FUJI Electric V-SFT (April 2026) | 2026-04-02T14:58+09:00 | 2026-04-03T15:50+09:00 |
| jvndb-2026-000049 | Multiple vulnerabilities in NEC Aterm series (NV26-001) | 2026-04-03T15:09+09:00 | 2026-04-03T15:09+09:00 |
| jvndb-2026-009412 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009411 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009410 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009409 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009408 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009406 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009147 | Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2026-03-27T18:18+09:00 | 2026-03-27T18:18+09:00 |
| jvndb-2026-009148 | Open Redirect Vulnerability in Hitachi Ops Center Administrator | 2026-03-27T18:17+09:00 | 2026-03-27T18:17+09:00 |
| jvndb-2026-000047 | Multiple vulnerabilities in baserCMS | 2026-03-27T18:00+09:00 | 2026-03-27T18:00+09:00 |
| jvndb-2026-000045 | WordPress Plugin "OpenStreetMap" vulnerable to cross-site scripting | 2026-03-27T17:34+09:00 | 2026-03-27T17:34+09:00 |
| jvndb-2026-000046 | Multiple vulnerabilities in BUFFALO Wi-Fi routers | 2026-03-27T17:18+09:00 | 2026-03-27T17:18+09:00 |
| jvndb-2026-000044 | Multiple vulnerabilities in the installer of RATOC RAID Monitoring Manager for Windows | 2026-03-26T17:41+09:00 | 2026-03-26T17:41+09:00 |
| jvndb-2026-000042 | Digital Photo Frame GH-WDF10A vulnerable to improper access restriction | 2026-03-26T17:41+09:00 | 2026-03-26T17:41+09:00 |
| jvndb-2026-000043 | SHARP routers missing authentication for some web APIs | 2026-03-25T18:41+09:00 | 2026-03-25T18:41+09:00 |
| jvndb-2026-000040 | Installer of OM Workspace (Windows Edition) may insecurely load Dynamic Link Libraries | 2026-03-25T18:13+09:00 | 2026-03-25T18:13+09:00 |
| jvndb-2026-000041 | SANYO DENKI SANUPS SOFTWARE registers Windows services with unquoted file paths | 2026-03-25T17:58+09:00 | 2026-03-25T17:58+09:00 |
| jvndb-2026-007973 | Multiple vulnerabilities in Xerox FreeFlow Core (XRX26-005) | 2026-03-23T14:54+09:00 | 2026-03-23T14:54+09:00 |
| jvndb-2026-007524 | Vulnerability in Hitachi Command Suite | 2026-03-17T16:42+09:00 | 2026-03-17T16:42+09:00 |
| jvndb-2026-000038 | Installer for IBM Trusteer Rapport may insecurely load Dynamic Link Libraries | 2026-03-17T14:57+09:00 | 2026-03-17T14:57+09:00 |
| jvndb-2026-000039 | Missing authorization in the OpenAI thread/message API endpoints of GROWI | 2026-03-16T17:18+09:00 | 2026-03-16T17:18+09:00 |
| jvndb-2026-000037 | OpenLiteSpeed and LSWS Enterprise vulnerable to OS command injection | 2026-03-16T17:18+09:00 | 2026-03-16T17:18+09:00 |
| jvndb-2026-006887 | Multiple vulnerabilities in Micro Research MR-GM5L-S1 and MR-GM5A-L1 | 2026-03-12T17:22+09:00 | 2026-03-12T17:22+09:00 |
| jvndb-2026-000036 | Improper file access permission settings in multiple Digital Arts products | 2026-03-09T14:57+09:00 | 2026-03-09T16:23+09:00 |
| jvndb-2026-000035 | Installer for Qsee Client may insecurely load Dynamic Link Libraries | 2026-03-09T14:57+09:00 | 2026-03-09T14:57+09:00 |
| jvndb-2026-006102 | Security issues in ESC/POS | 2026-03-06T10:31+09:00 | 2026-03-06T10:31+09:00 |
| jvndb-2026-000034 | django-allauth vulnerable to open redirect | 2026-03-05T12:36+09:00 | 2026-03-05T12:36+09:00 |
| jvndb-2026-000033 | EC-CUBE vulnerable to multi-factor authentication bypass | 2026-03-05T12:36+09:00 | 2026-03-05T12:36+09:00 |
| jvndb-2026-000032 | Multiple vulnerabilities in Dell UPS Multi-UPS Management Console (MUMC) | 2026-03-04T12:20+09:00 | 2026-03-04T12:20+09:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-15252 | ZTE ZXMP M721私钥泄露漏洞 | 2025-10-31 | 2026-03-27 |
| cnvd-2026-15170 | Adobe Commerce授权问题漏洞(CNVD-2026-15170) | 2026-03-17 | 2026-03-27 |
| cnvd-2026-15169 | Adobe Commerce授权问题漏洞(CNVD-2026-15169) | 2026-03-17 | 2026-03-27 |
| cnvd-2026-15168 | Adobe Commerce授权问题漏洞(CNVD-2026-15168) | 2026-03-17 | 2026-03-27 |
| cnvd-2026-15159 | Apache Airflow信息泄露漏洞(CNVD-2026-15159) | 2026-03-19 | 2026-03-27 |
| cnvd-2026-15158 | Apache Airflow信息泄露漏洞(CNVD-2026-15158) | 2026-03-19 | 2026-03-27 |
| cnvd-2026-15157 | Apache Airflow安全绕过漏洞(CNVD-2026-15157) | 2026-03-19 | 2026-03-27 |
| cnvd-2026-15156 | Apache Airflow信息泄露漏洞(CNVD-2026-15156) | 2026-03-19 | 2026-03-27 |
| cnvd-2026-15154 | HCL AION安全绕过漏洞 | 2026-03-19 | 2026-03-27 |
| cnvd-2026-15153 | HCL AION存在未明漏洞(CNVD-2026-15153) | 2026-03-19 | 2026-03-27 |
| cnvd-2026-15152 | OpenClaw拒绝服务漏洞(CNVD-2026-15152) | 2026-03-26 | 2026-03-27 |
| cnvd-2026-15151 | HCL AION存在未明漏洞(CNVD-2026-15151) | 2026-03-19 | 2026-03-27 |
| cnvd-2026-15150 | HCL AION存在未明漏洞(CNVD-2026-15150) | 2026-03-19 | 2026-03-27 |
| cnvd-2026-15149 | HCL AION存在未明漏洞(CNVD-2026-15149) | 2026-03-19 | 2026-03-27 |
| cnvd-2026-15148 | HCL AION存在未明漏洞(CNVD-2026-15148) | 2026-03-19 | 2026-03-27 |
| cnvd-2026-15147 | HCL AION存在未明漏洞(CNVD-2026-15147) | 2026-03-19 | 2026-03-27 |
| cnvd-2026-15146 | HCL AION SQL注入漏洞(CNVD-2026-15146) | 2026-03-19 | 2026-03-27 |
| cnvd-2026-15145 | HCL AION信息泄露漏洞(CNVD-2026-15145) | 2026-03-19 | 2026-03-27 |
| cnvd-2026-15251 | ZTE MF258K Pro配置缺陷漏洞 | 2026-01-19 | 2026-03-26 |
| cnvd-2026-15061 | OpenClaw操作系统命令注入漏洞 | 2026-03-24 | 2026-03-26 |
| cnvd-2026-15060 | OpenClaw操作系统命令注入漏洞(CNVD-2026-15060) | 2026-03-24 | 2026-03-26 |
| cnvd-2026-15059 | OpenClaw操作系统命令注入漏洞(CNVD-2026-15059) | 2026-03-24 | 2026-03-26 |
| cnvd-2026-15058 | OpenClaw命令注入漏洞(CNVD-2026-15058) | 2026-03-26 | 2026-03-26 |
| cnvd-2026-15057 | OpenClaw加密问题漏洞(CNVD-2026-15057) | 2026-03-26 | 2026-03-26 |
| cnvd-2026-14995 | Apple macOS Tahoe信息泄露漏洞(CNVD-2026-14995) | 2026-03-02 | 2026-03-26 |
| cnvd-2026-14994 | Apple macOS Tahoe信息泄露漏洞(CNVD-2026-14994) | 2026-03-02 | 2026-03-26 |
| cnvd-2026-14975 | Apple macOS越界读取漏洞(CNVD-2026-14975) | 2026-03-02 | 2026-03-26 |
| cnvd-2026-14974 | Apple macOS信息泄露漏洞(CNVD-2026-14974) | 2026-03-02 | 2026-03-26 |
| cnvd-2026-14973 | Apple macOS Tahoe权限提升漏洞 | 2026-03-02 | 2026-03-26 |
| cnvd-2026-14972 | Chamilo import.php文件操作系统命令注入漏洞 | 2026-03-09 | 2026-03-26 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2026-01844 | Уязвимость сервиса безопасности Advanced DNS Security (ADNS) операционной системы PAN-OS,… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01843 | Уязвимость функции loadRLE() загрузчика TGA-изображений (PluginTARGA.cpp) графической биб… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01842 | Уязвимость функции ws_user_gerList() сценария pwg.users.php системы управления контентом … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01841 | Уязвимость компонента Updater облачной платформы управления контейнерами Arcane, позволяю… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01840 | Уязвимость ИИ-агента OpenClaw (ранее - ClawdBot или MoltBot), связанная с отсутствием про… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01839 | Уязвимость функции blocked_path() пакета Python для создания приложений для моделей машин… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01838 | Уязвимость драйверов графических процессоров NVIDIA NVS, Quadro, NVIDIA RTX, GeForce, свя… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01837 | Уязвимость микропрограммного обеспечения графических процессоров Imagination, позволяющая… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01836 | Уязвимость микропрограммного обеспечения графических процессоров Imagination, позволяющая… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01835 | Уязвимость драйвера ESXi base микропрограммного обеспечения сетевых контроллеров Intel 80… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01834 | Уязвимость микропрограммного обеспечения контроллеров Intel Ethernet серии E810, связанна… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01833 | Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01832 | Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01831 | Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01830 | Уязвимость компонента File input браузера Google Chrome, позволяющая нарушителю осуществи… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01829 | Уязвимость компонента PictureInPicture браузера Google Chrome, позволяющая нарушителю ока… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01828 | Уязвимость компонента Animation браузера Google Chrome, позволяющая нарушителю оказать во… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01827 | Уязвимость функции конфиденциальности Fenced Frames браузера Google Chrome, позволяющая н… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01826 | Уязвимость компонента WebGPU браузера Google Chrome, позволяющая нарушителю вызвать отказ… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01825 | Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связ… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01824 | Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связ… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01823 | Уязвимость функции межсетевых экранов SSL-VPN операционных систем Fortinet FortiOS, позво… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01822 | Уязвимость операционных систем Fortinet FortiOS, связанная с недостаточной проверкой исто… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01821 | Уязвимость функции межсетевых экранов SSL-VPN операционных систем Fortinet FortiOS, позво… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01820 | Уязвимость интерфейса командной строки операционных систем Fortinet FortiOS, позволяющая … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01819 | Уязвимость графического пользовательского интерфейса операционных систем Fortinet FortiOS… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01818 | Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01817 | Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01816 | Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01815 | Уязвимость программного обеспечения Microsoft ACI Confidential Containers, связанная с не… | 16.02.2026 | 16.02.2026 |
| ID | Description | Updated |
|---|---|---|
| var-202603-1017 | A vulnerability was determined in Tenda FH451 1.0.0.9. Affected is the function sub_3C434… | 2026-03-09T23:54:57.504000Z |
| var-202603-0913 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affecte… | 2026-03-09T23:53:52.758000Z |
| var-201507-0645 | D-Link is an internationally renowned provider of network equipment and solutions, includ… | 2026-03-09T23:53:36.828000Z |
| var-202509-3918 | An issue was discovered in DIR-823 firmware 20250416. There is an RCE vulnerability in th… | 2026-03-09T23:52:25.566000Z |
| var-202603-0527 | Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform… | 2026-03-09T23:51:31.837000Z |
| var-202603-0907 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affecte… | 2026-03-09T23:51:31.712000Z |
| var-202603-0928 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affecte… | 2026-03-09T23:51:31.700000Z |
| var-201112-0097 | Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 a… | 2026-03-09T23:50:50.963000Z |
| var-202603-0854 | The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 a… | 2026-03-09T23:50:02.265000Z |
| var-202603-0956 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affecte… | 2026-03-09T23:49:39.350000Z |
| var-201103-0371 | SAP Crystal Reports Server is a complete reporting solution for creating, managing, and d… | 2026-03-09T23:49:06.528000Z |
| var-201807-0341 | ABB Panel Builder 800 all versions has an improper input validation vulnerability which m… | 2026-03-09T23:49:00.002000Z |
| var-202601-4617 | FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, do… | 2026-03-09T23:47:50.003000Z |
| var-202602-4602 | A vulnerability in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manag… | 2026-03-09T23:47:49.683000Z |
| var-202603-0595 | The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 a… | 2026-03-09T23:47:49.548000Z |
| var-201112-0173 | The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, … | 2026-03-09T23:47:43.188000Z |
| var-201809-0087 | WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vul… | 2026-03-09T23:47:39.073000Z |
| var-202603-0936 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affecte… | 2026-03-09T23:47:24.755000Z |
| var-202602-4478 | A vulnerability in Cisco Catalyst SD-WAN Manager could allow an authenticated, local atta… | 2026-03-09T23:46:19.733000Z |
| var-200607-0396 | Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) b… | 2026-03-09T23:46:10.855000Z |
| var-202603-0912 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affecte… | 2026-03-09T23:44:44.895000Z |
| var-201109-0089 | Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used… | 2026-03-09T23:43:52.032000Z |
| var-201112-0297 | Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Ne… | 2026-03-09T23:42:40.522000Z |
| var-202602-4354 | A vulnerability in Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote a… | 2026-03-09T23:41:43.191000Z |
| var-202603-0926 | This vulnerability allows network-adjacent attackers to bypass authentication on affected… | 2026-03-09T23:41:42.948000Z |
| var-201805-1147 | WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length heap buffe… | 2026-03-09T23:40:47.052000Z |
| var-202005-0008 | Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buf… | 2026-03-09T23:40:44.003000Z |
| var-202601-4765 | FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, ex… | 2026-03-09T23:40:28.326000Z |
| var-202602-3835 | A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could all… | 2026-03-09T23:40:28.093000Z |
| var-202602-3961 | A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated,… | 2026-03-09T23:40:28.074000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-028 | Draeger: ICMHelper is vulnerable to a privilege escalation | 2025-08-05T10:00:00.000Z | 2026-01-06T11:00:00.000Z |
| vde-2019-012 | TECSON/GOK: Improper Authentication and Access Control on multiple devices | 2019-06-04T13:21:00.000Z | 2025-05-14T13:00:14.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-104 | Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx, FL SWITCH TSN 23xx and FL SWITCH 59xx Firmware | 2026-03-18T08:00:00.000Z | 2026-03-18T08:00:00.000Z |
| vde-2025-109 | Phoenix Contact: Unbounded growth of the session cache in TCP encapsulation service in FL MGUARD 2xxx and 4xxx firmware | 2026-02-10T08:00:00.000Z | 2026-02-23T14:00:00.000Z |
| vde-2025-073 | Phoenix Contact: Security Advisory for TC ROUTER and CLOUD CLIENT Industrial mobile network routers | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| vde-2025-071 | Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx Firmware | 2025-12-09T08:00:00.000Z | 2026-01-12T08:00:00.000Z |
| vde-2025-074 | Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers | 2025-10-14T10:00:00.000Z | 2025-10-15T10:00:00.000Z |
| vde-2025-072 | Phoenix Contact: Security Advisory for QUINT4-UPS EIP | 2025-10-14T06:00:00.000Z | 2025-10-14T06:00:00.000Z |
| vde-2018-003 | PHOENIX CONTACT: addressing Meltdown and Spectre vulnerabilities | 2018-03-23T09:43:00.000Z | 2025-10-01T08:00:00.000Z |
| vde-2025-077 | Phoenix Contact: Two vulnerabilities in the jq JSON processor utilized by FL MGUARD 110x devices | 2025-09-09T10:00:00.000Z | 2025-09-09T10:00:00.000Z |
| vde-2025-064 | Phoenix Contact: Products utilizing WIBU-SYSTEMS CodeMeter Runtime Windows Installer have a privilege escalation | 2025-09-09T07:00:00.000Z | 2025-09-09T07:00:00.000Z |
| vde-2024-039 | Phoenix Contact: Multiple Vulnerabilities in mGuard devices | 2024-09-10T10:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2024-022 | Phoenix Contact: Security Advisory for CHARX-SEC3xxx Charge controllers | 2024-08-13T10:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2025-063 | Phoenix Contact: Device and Update Management Windows Installer Privilege Escalation | 2025-08-12T10:00:00.000Z | 2025-08-12T10:00:00.000Z |
| vde-2025-019 | Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers | 2025-07-08T10:00:00.000Z | 2025-07-22T08:00:00.000Z |
| vde-2019-015 | PHOENIX CONTACT: Security Advisory for multiple Industrial Controllers | 2019-08-07T00:00:00.000Z | 2025-07-11T07:00:00.000Z |
| vde-2025-054 | Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware | 2025-07-08T10:00:00.000Z | 2025-07-08T10:00:00.000Z |
| vde-2025-053 | Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware | 2025-07-08T10:00:00.000Z | 2025-07-08T10:00:00.000Z |
| vde-2025-014 | Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers | 2025-07-08T10:00:00.000Z | 2025-07-08T10:00:00.000Z |
| vde-2023-057 | Phoenix Contact: Classic line industrial controllers prone to inadequate integrity check of PLC | 2023-12-12T07:00:00.000Z | 2025-06-05T13:28:12.000Z |
| vde-2023-001 | PHOENIX CONTACT: Multiple Vulnerabilities in PLCnext Firmware | 2023-02-14T07:50:00.000Z | 2025-06-05T13:28:12.000Z |
| vde-2020-002 | PHOENIX CONTACT: Advisory for multiple FL Switch GHS utilising VxWorks | 2020-02-25T09:07:00.000Z | 2025-06-05T13:28:12.000Z |
| vde-2024-073 | Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware | 2024-12-09T11:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-071 | Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware | 2024-12-09T11:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-058 | Phoenix Contact: PLCnext Control prone to download of code without integrity check | 2023-12-12T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-056 | Phoenix Contact: PLCnext prone to Incorrect Permission Assignment for Critical Resource | 2023-12-12T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-054 | Phoenix Contact: ProConOS prone to Download of Code Without Integrity Check | 2023-12-12T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-051 | Phoenix Contact: MULTIPROG Engineering tool and ProConOS eCLR SDK prone to CWE-732 | 2023-12-12T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-018 | Phoenix Contact: Multiple vulnerabilities in WP 6xxx Web panels | 2023-08-08T06:41:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-017 | Phoenix Contact: Multiple vulnerabilities in TC ROUTER, TC CLOUD CLIENT and CLOUD CLIENT devices | 2023-08-08T04:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-016 | Phoenix Contact: PLCnext Engineer Vulnerabilities in LibGit2Sharp/LibGit2 | 2023-08-08T06:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-051 | PHOENIX CONTACT: Denial-of-Service vulnerability in mGuard product family | 2022-11-15T09:27:00.000Z | 2025-05-22T13:03:10.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-085 | Welotec: Path Traversal in SmartEMS Upload Handling | 2025-09-10T07:00:00.000Z | 2025-09-22T08:00:00.000Z |
| vde-2025-076 | Welotec: Hard-coded JWT secret in egOS WebGUI | 2025-08-26T07:00:00.000Z | 2025-08-26T07:00:00.000Z |
| vde-2024-009 | Welotec: Two vulnerabilities in TK500v1 router series | 2024-04-09T08:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2024-043 | Welotec: Multiple products are vulnerable to regreSSHion | 2024-08-22T06:00:00.000Z | 2024-08-22T06:00:00.000Z |
| vde-2024-023 | Welotec: Clickjacking Vulnerability in WebUI | 2024-04-23T08:00:00.000Z | 2024-04-23T08:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| advisory2026-03_vde-2026-018 | CODESYS Control V3 - Externally-controlled format string in Auditlog | 2026-03-24T08:00:00.000Z | 2026-03-24T08:00:00.000Z |
| advisory2026-02_vde-2026-011 | CODESYS Control V3 - Untrusted boot application | 2026-03-24T08:00:00.000Z | 2026-03-24T08:00:00.000Z |
| advisory2026-01_vde-2026-012 | CODESYS Installer - Possible Privilege Escalation | 2026-03-10T10:00:00.000Z | 2026-03-10T10:00:00.000Z |
| advisory2025-10_vde-2025-100 | CODESYS Control - Invalid type usage in visualization | 2025-12-01T10:00:00.000Z | 2026-02-12T11:00:00.000Z |
| advisory2025-09_vde-2025-099 | CODESYS Control - Linux/QNX SysSocket flaw | 2025-12-01T11:00:00.000Z | 2026-02-12T11:00:00.000Z |
| advisory2025-11_vde-2025-101 | CODESYS Development System - Deserialization of Untrusted Data | 2025-12-01T10:00:00.000Z | 2025-12-01T10:00:00.000Z |
| advisory2025-08_vde-2025-070 | CODESYS Control V3 - NULL pointer dereference | 2025-08-04T08:00:00.000Z | 2025-10-14T08:00:00.000Z |
| advisory2025-07_vde-2025-051 | CODESYS Control V3 - Exposed PKI folder | 2025-08-04T10:00:00.000Z | 2025-09-01T10:00:00.000Z |
| advisory2025-06_vde-2025-049 | CODESYS Control V3 - Insecure default permissions | 2025-08-04T10:00:00.000Z | 2025-08-04T10:00:00.000Z |
| advisory2025-04_vde-2025-022 | CODESYS Control V3 - OPC UA Server Authentication bypass | 2025-03-18T11:00:00.000Z | 2025-06-05T13:31:01.000Z |
| advisory2025-03_vde-2025-015 | CODESYS Control V3 removable media path traversal | 2025-03-18T11:00:00.000Z | 2025-06-05T13:31:01.000Z |
| advisory2025-02_vde-2025-013 | CODESYS (Edge) Gateway for Windows insecure default | 2025-03-18T11:00:00.000Z | 2025-06-05T13:31:01.000Z |
| advisory2025-01_vde-2025-001 | CODESYS Key physical side-channel vulnerability | 2025-01-21T11:00:00.000Z | 2025-06-05T13:31:01.000Z |
| vde-2024-024 | CODESYS: Development System V2.3 affected by two vulnerabilities through corrupted project files | 2024-05-06T08:00:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2024-027 | CODESYS: Vulnerability in multiple products through exposure of resource to wrong sphere | 2024-06-04T06:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-026 | CODESYS: Vulnerability can cause a DoS on CODESYS OPC UA products | 2024-06-04T08:00:00.000Z | 2025-05-14T13:00:14.000Z |
| advisory2025-05_vde-2025-027 | CODESYS Visualization user management bypass in WebVisu | 2025-04-23T10:00:00.000Z | 2025-04-23T10:00:00.000Z |
| advisory2024-05_vde-2024-057 | CODESYS: CODESYS web server vulnerable to DoS | 2024-09-25T21:59:00.000Z | 2025-04-03T10:00:00.000Z |
| vde-2024-046 | OSCAT: Out-of-bounds read in OSCAT Basic library | 2024-09-10T14:00:00.000Z | 2024-09-10T14:00:00.000Z |
| vde-2023-066 | CODESYS: OS Command Injection Vulnerability in multiple CODESYS Control products | 2023-12-05T14:25:00.000Z | 2023-12-05T14:25:00.000Z |
| vde-2023-035 | CODESYS: Multiple products affected by WIBU Codemeter vulnerability | 2023-12-05T07:00:00.000Z | 2023-12-05T07:00:00.000Z |
| vde-2023-025 | CODESYS: Control runtime system memory and integrity check vulnerabilities | 2023-08-03T11:18:00.000Z | 2023-08-03T11:18:00.000Z |
| vde-2023-023 | CODESYS: Missing Brute-Force protection in CODESYS Development System | 2023-08-03T11:08:00.000Z | 2023-08-03T11:08:00.000Z |
| vde-2023-022 | CODESYS: Missing integrity check in CODESYS Development System | 2023-08-03T10:52:00.000Z | 2023-08-03T10:52:00.000Z |
| vde-2023-021 | CODESYS: Vulnerability in CODESYS Development System allows execution of binaries | 2023-08-03T10:48:00.000Z | 2023-08-03T10:48:00.000Z |
| vde-2023-019 | CODESYS: Multiple Vulnerabilities in CmpApp CmpAppBP and CmpAppForce | 2023-08-03T10:42:00.000Z | 2023-08-03T10:42:00.000Z |
| vde-2023-024 | CODESYS: Vulnerability in CODESYS Development System and CODESYS Scripting | 2023-07-28T07:45:00.000Z | 2023-07-28T07:45:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-067 | Wiesemann & Theis: Motherbox 3 allows unauthenticated read-only DB access | 2025-08-10T10:00:00.000Z | 2025-08-25T10:00:00.000Z |
| vde-2022-057 | Wiesemann & Theis multiple products prone to web interface vulnerability | 2022-12-13T07:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-018 | Wiesemann & Theis: Multiple products prone to unquoted search path | 2024-02-28T07:00:00.000Z | 2025-05-14T12:36:39.000Z |
| vde-2025-024 | Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated jQuery version | 2025-05-13T10:00:00.000Z | 2025-05-13T10:00:00.000Z |
| vde-2025-032 | Wiesemann & Theis: Multiple W&T Products are vulnerable to cross-site-scripting | 2025-05-06T10:00:00.000Z | 2025-05-06T10:00:00.000Z |
| vde-2025-031 | Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated TLS protocol versions | 2025-04-28T10:00:00.000Z | 2025-04-28T10:00:00.000Z |
| vde-2022-043 | Wiesemann & Theis: Multiple Vulnerabilities in the Com-Server Family | 2022-11-07T11:43:00.000Z | 2022-11-07T12:14:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2026-030 | MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2026-04-02T11:00:00.000Z | 2026-04-02T11:00:00.000Z |
| vde-2026-024 | MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2026-03-23T12:00:00.000Z | 2026-03-23T12:00:00.000Z |
| vde-2024-068 | MB connect line: Multiple Vulnerabilities in MB connect line Products | 2024-10-15T08:00:00.000Z | 2026-03-06T08:00:00.000Z |
| vde-2024-056 | MB connect line: Multiple Vulnerabilities in mbNET.mini Product | 2024-10-15T08:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2024-010 | Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2025-03-18T11:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2025-065 | MB connect line: Sandbox escape in mbNET's LUA interpreter | 2025-07-31T10:00:00.000Z | 2025-07-31T10:00:00.000Z |
| vde-2025-058 | MB connect line: Multiple vulnerabilities in mbNET.mini | 2025-07-21T10:00:00.000Z | 2025-07-21T10:00:00.000Z |
| vde-2025-035 | Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2025-06-24T10:00:00.000Z | 2025-06-24T10:00:00.000Z |
| vde-2025-034 | Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2025-06-24T10:00:00.000Z | 2025-06-24T10:00:00.000Z |
| vde-2021-030 | MB connect line: two vulnerabilities in mymbCONNECT24, mbCONNECT24 (Update A) | 2022-09-07T10:48:00.000Z | 2025-06-06T07:00:00.000Z |
| vde-2023-002 | MB Connect Line: Multiple vulnerabilities in mbConnect24 and mymbConnect24 | 2023-05-15T14:06:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-037 | MB connect line: Remote user enumeration in mbCONNECT24/mymbCONNECT24 | 2021-10-27T10:15:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-031 | MB connect line: Apache Guacamole related vulnerabilities in mbCONNECT24 | 2021-07-22T11:33:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-017 | MB connect line: Privilege escalation in mbDIALUP | 2021-07-22T11:35:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-012 | MB connect line: multiple products partially affected by DNSpooq | 2021-04-26T08:04:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2020-035 | MB connect line: Multiple Vulnerabilities in mymbCONNECT24 and mbCONNECT24 <= v2.6.1 | 2020-09-18T12:30:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2024-030 | MB connect line: mbNET.mini vulnerable to OS command injection | 2024-07-03T09:00:00.000Z | 2024-07-03T09:00:00.000Z |
| vde-2023-041 | MB connect line: Vulnerability allows access to non-critical information in mbCONNECT24 and mymbCONNECT24 | 2023-10-16T08:38:00.000Z | 2023-10-16T08:38:00.000Z |
| vde-2024-042 | MB connect line: Multiple products are vulnerable to regreSSHion | 2023-08-17T12:00:00.000Z | 2023-08-17T12:00:00.000Z |
| vde-2023-012 | MB connect line: Cross-site Scripting vulnerability in mbNET/mbNET.rokey | 2023-08-17T12:00:00.000Z | 2023-08-17T12:00:00.000Z |
| vde-2022-011 | MB connect line: Unauthenticated user enumeration in mbCONNECT24 and mymbCONNECT24 | 2022-09-07T12:50:00.000Z | 2022-09-07T12:50:00.000Z |
| vde-2021-003 | MB connect line: Multiple vulnerabilites in mymbCONNECT24 and mbCONNECT24 (Update A) | 2022-09-07T10:46:00.000Z | 2022-09-07T10:46:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2026-025 | Helmholz: Multiple Vulnerabilities in myREX24V2 / myREX24V2.virtual | 2026-03-23T12:00:00.000Z | 2026-03-23T12:00:00.000Z |
| vde-2024-069 | Helmholz: Multiple Vulnerabilities in Helmholz products | 2024-10-15T08:00:00.000Z | 2026-03-06T08:00:00.000Z |
| vde-2024-066 | Helmholz: Multiple Vulnerabilities in Helmholz REX100 Product | 2024-10-15T08:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2025-069 | Helmholz: Sandbox escape in REX200/250 LUA interpreter | 2025-07-31T10:00:00.000Z | 2025-07-31T10:00:00.000Z |
| vde-2025-059 | Helmholz: Multiple vulnerabilities in REX 100 | 2025-07-21T10:00:00.000Z | 2025-07-21T10:00:00.000Z |
| vde-2025-038 | Vulnerabilities in myREX24/myREX24.virtual | 2025-06-24T10:00:00.000Z | 2025-06-24T10:00:00.000Z |
| vde-2025-037 | Vulnerabilities in myREX24/myREX24.virtual | 2025-06-24T10:00:00.000Z | 2025-06-24T10:00:00.000Z |
| vde-2021-057 | Helmholz: Privilege Escalation in shDialup (Update A) | 2021-03-28T13:03:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2024-031 | Helmholz: Vulnerabilities in myREX24 V2/myREX24.virtual | 2025-03-18T11:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2022-017 | Helmholz: Unauthenticated user enumeration in myREX24 and myREX24.virtual | 2022-09-07T12:54:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-058 | Helmholz: Remote user enumeration in myREX24/myREX24-virtual | 2021-12-08T13:04:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-044 | Helmholz: Multiple products are vulnerable to regreSSHion | 2024-07-31T08:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2024-032 | Helmholz: REX 100 vulnerable to OS command injection | 2024-07-03T09:00:00.000Z | 2024-07-03T13:33:00.000Z |
| vde-2023-043 | Helmholz: Vulnerability allows access to non-critical information in myREX24 and myREX24.virtual | 2023-10-16T08:38:00.000Z | 2023-10-16T08:38:00.000Z |
| vde-2023-029 | Helmholz: Cross-site Scripting vulnerability in REX 200/REX 250 | 2023-08-17T12:00:00.000Z | 2023-08-17T12:00:00.000Z |
| vde-2023-008 | Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual | 2023-05-15T12:06:00.000Z | 2023-05-15T12:06:00.000Z |
| vde-2022-039 | Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual | 2022-09-07T10:56:00.000Z | 2022-09-07T10:56:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fsa-202601 | Several CODESYS vulnerabilities in Festo Automation Suite | 2026-02-26T08:00:00.000Z | 2026-02-26T08:00:00.000Z |
| fsa-202302 | Festo: Several vulnerabilities in FactoryViews | 2023-07-10T10:00:00.000Z | 2026-02-02T08:00:00.000Z |
| fsa-202402 | Several Vulnerabilities in MES PC (Windows 10) | 2024-02-27T12:00:00.000Z | 2025-12-08T07:00:00.000Z |
| fsa-202405 | Festo: Siemens S7-1500/ET200SP CPU used in Festo Didactic products contains a memory protection bypass vulnerability | 2024-09-09T07:00:00.000Z | 2025-11-05T08:00:00.000Z |
| fsa-202401 | Festo: Multiple products contain CoDe16 vulnerability | 2024-01-30T07:00:00.000Z | 2025-11-04T11:00:00.000Z |
| fsa-202202 | Festo: Controller CECC-S,LK,D family <= 2.3.8.1 - multiple vulnerabilities in CODESYS V3 runtime system | 2022-07-18T10:00:00.000Z | 2025-11-03T11:00:00.000Z |
| fsa-202209 | Festo: Incomplete documentation of remote accessible functions and protocols in Festo products | 2022-11-29T11:49:00.000Z | 2025-11-03T10:00:00.000Z |
| fsa-202208 | Festo: Multiple Festo products contain an unsafe default Codesys configuration | 2022-11-29T11:41:00.000Z | 2025-10-28T11:00:00.000Z |
| fsa-202206 | Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in multiple products | 2022-12-13T11:50:00.000Z | 2025-10-01T10:50:00.000Z |
| fsa-202304 | Festo: MSE6-C2M/D2M/E2M Incomplete User Documentation of Remote Accessible Functions | 2023-09-05T10:00:00.000Z | 2025-10-01T10:00:00.000Z |
| fsa-202301 | Festo: Cross-Site-Scripting (XSS) vulnerability in LX-Appliance | 2023-08-29T10:00:00.000Z | 2025-10-01T10:00:00.000Z |
| fsa-202303 | Festo: Vulnerable Siemens TIA-Portal in multiple Festo Didactic products | 2023-10-17T06:00:00.000Z | 2025-10-01T06:00:00.000Z |
| fsa-202101 | Festo: Multiple vulnerabilities in Ethernet/IP Stack of SBRD-Q/SBOC-Q/SBOI-Q | 2021-09-22T11:13:00.000Z | 2025-08-26T10:00:00.000Z |
| fsa-202207 | Festo: CPX-CEC-C1 and CPX-CMXX, Missing Authentication for Critical Webpage Function | 2022-09-20T10:00:00.000Z | 2025-07-28T10:00:00.000Z |
| fsa-202203 | Festo: Controller CECC-S,LK,D family firmware 2.4.2.0 - multiple vulnerabilities in CODESYS V3 runtime system | 2022-07-18T10:00:00.000Z | 2025-07-10T10:00:00.000Z |
| fsa-202201 | Festo: CECC-X-M1 - command injection vulnerabilities | 2022-07-06T07:00:00.000Z | 2025-06-23T08:00:00.000Z |
| fsa-202305 | Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in several products | 2023-11-28T07:00:00.000Z | 2025-05-13T10:00:00.000Z |
| fsa-202406 | Several Codesys Gateway v2 vulnerabilities in Codesys provided by Festo | 2024-12-03T11:00:00.000Z | 2024-12-03T14:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-011 | PEPPERL+FUCHS: Profinet Gateway LB8122A.1.EL – Device is affected by XSS vulnerability and information disclosure | 2025-05-26T10:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2024-038 | Pepperl+Fuchs: Anonymous FTP server and Telnet access allows information disclosure and manipulation | 2024-07-10T06:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2025-002 | PEPPERL+FUCHS: HMI – devices are affected by Windows RCE | 2025-02-25T11:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-017 | Pepperl+Fuchs: ICE2- * and ICE3- * are affected by multiple vulnerabilities | 2024-04-10T06:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-021 | Pepperl+Fuchs: RSM-EX devices - Multiple Bluetooth vulnerabilities | 2022-05-16T14:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-041 | Pepperl+Fuchs: Multiple DTM and VisuNet Software affected by log4net vulnerability | 2021-10-26T13:35:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-053 | Pepperl+Fuchs: Comtrol RocketLinx ICRL-M - Multiple Vulnerabilities | 2021-03-08T13:44:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-017 | Pepperl+Fuchs, PACTware: Two password vulnerabilities found | 2020-05-29T10:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-033 | PEPPERL+FUCHS: Device Master ICDM-RX/* – Vulnerability may allow unauthenticated remote attacker information disclosure and denial of service | 2024-08-13T12:00:00.000Z | 2025-05-14T14:34:17.000Z |
| vde-2020-014 | Pepperl+Fuchs: Kr00k vulnerabilities in Broadcom Wi-Fi chipsets | 2020-03-31T13:30:00.000Z | 2025-05-14T14:34:17.000Z |
| vde-2021-006 | Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service | 2021-11-16T14:53:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2020-050 | Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service | 2021-02-15T13:33:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2021-028 | Pepperl+Fuchs: Multiple VDM100-Distance Ethernet-IP sensors with multiple vulnerabilities | 2021-08-16T12:01:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-027 | Pepperl+Fuchs: WirelessHART-Gateway - Vulnerability may allow remote attackers to cause a Denial Of Service | 2021-10-16T12:00:00.001Z | 2025-05-14T13:00:14.000Z |
| vde-2020-038 | Pepperl+Fuchs: Multiple vulnerabilites in Comtrol IO-Link Master | 2021-01-04T13:01:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2019-002 | Pepperl+Fuchs: Path traversal in WirelessHART Gateway | 2019-03-06T10:35:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-007 | Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service | 2021-02-16T14:53:00.000Z | 2025-05-14T12:53:43.000Z |
| vde-2024-065 | PEPPERL+FUCHS: HMI devices are affected by Insecure Platform Key | 2024-11-26T11:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2024-063 | PEPPERL+FUCHS: Multiple products are affected by regreSSHion | 2024-10-08T12:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-001 | Pepperl+Fuchs: Vulnerability allowing code-excution in PACTware <=5.0.5.31 | 2021-01-15T12:41:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2018-016 | Pepperl+Fuchs: ecom Mobile devices prone to Android privilege elevation vulnerability | 2018-10-19T10:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2018-002 | Pepperl+Fuchs: HMI devices vulnerable to Meltdown and Spectre Attacks | 2018-02-14T08:50:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2024-037 | Pepperl+Fuchs: Use after free vulnerability in Smart-Ex 02 and Smart-Ex 03 | 2024-07-10T06:00:00.000Z | 2024-07-10T06:00:00.000Z |
| vde-2022-012 | Pepperl+Fuchs: Vulnerability in multiple VisuNet devices | 2022-04-26T12:00:00.000Z | 2022-05-16T14:15:00.000Z |
| vde-2021-034 | Pepperl+Fuchs: Security Advisory for PrintNightmare Vulnerability in multiple HMI Devices | 2021-07-30T07:55:00.000Z | 2021-07-30T07:55:00.000Z |
| vde-2021-018 | Pepperl+Fuchs: Multiple vulnerabilites in ICE1 Ethernet IO Modules | 2021-05-12T08:57:00.000Z | 2021-05-12T08:57:00.000Z |
| vde-2020-040 | Pepperl+Fuchs: Multiple Products prone to multiple vulnerabilities in Comtrol RocketLinux | 2020-10-05T12:00:00.000Z | 2020-10-05T12:00:00.000Z |
| vde-2020-034 | Pepperl+Fuchs: VMT MSS and VMT IS - Several vulnerabilities in products utilizing WIBU-SYSTEMS CodeMeter components | 2020-09-10T13:22:00.000Z | 2020-09-10T13:22:00.000Z |
| vde-2019-011 | Pepperl+Fuchs: Remote code execution vulnerability in HMI devices | 2019-05-29T07:35:00.000Z | 2019-10-07T10:00:00.000Z |
| vde-2019-004 | Pepperl+Fuchs: ecom Mobile Devices prone to BlueBorne Attack | 2019-03-14T07:52:00.000Z | 2019-03-14T07:52:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ppsa-2026-001 | Pilz: Multiple Vulnerabilities affecting the PIT User Authentication Service | 2026-02-02T08:00:00.000Z | 2026-02-02T10:00:00.000Z |
| ppsa-2025-004 | Pilz: Vulnerability affecting PASvisu Runtime | 2025-10-20T10:00:00.000Z | 2025-10-20T10:00:00.000Z |
| ppsa-2025-003 | Pilz: Authentication Bypass in IndustrialPI Webstatus | 2025-07-01T10:00:00.000Z | 2025-07-01T10:00:00.000Z |
| ppsa-2025-002 | Pilz: Missing Authentication in Node-RED integration | 2025-07-01T10:00:00.000Z | 2025-07-01T10:00:00.000Z |
| ppsa-2025-001 | Pilz: Authentication Bypass and Cross-Site-Scripting in PiCtory | 2025-06-30T10:00:00.000Z | 2025-06-30T10:00:00.000Z |
| vde-2022-044 | Pilz: Multiple products affected by ZipSlip | 2022-11-24T09:00:00.000Z | 2025-06-05T13:28:13.000Z |
| vde-2023-048 | Pilz: Multiple products prone to libwebp vulnerability | 2023-12-05T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-033 | Pilz: WIBU Vulnerabilitiy in multiple Products | 2023-10-12T06:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-045 | Pilz: PAS 4000 prone to ZipSlip | 2022-11-24T09:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-009 | Pilz: Multiple products prone to Niche Ethernet Stack vulnerabilities | 2021-09-20T11:56:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2020-033 | Pilz: Multiple products prone to WIBU-SYSTEMS CodeMeter vulnerabilities | 2020-09-10T13:18:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2023-050 | Pilz: Vulnerability in PASvisu and PMI v8xx | 2024-01-30T07:00:00.000Z | 2025-04-10T13:00:00.000Z |
| vde-2024-002 | Pilz: Multiple products affected by uC/HTTP vulnerability | 2024-02-06T07:00:00.000Z | 2024-02-06T07:00:00.000Z |
| vde-2023-059 | Pilz: Electron Vulnerabilities in PASvisu and PMI v8xx | 2023-12-05T07:06:00.000Z | 2023-12-05T07:06:00.000Z |
| vde-2022-033 | Pilz: PASvisu and PMI affected by multiple vulnerabilities | 2022-11-24T09:00:00.000Z | 2022-11-24T09:00:00.000Z |
| vde-2021-061 | Pilz: PMC programming tool 3.x.x affected by multiple vulnerabilities | 2022-04-26T10:00:00.000Z | 2022-04-26T10:00:00.000Z |
| vde-2021-055 | Pilz: PMC programming tool 2.x.x affected by multiple vulnerabilities | 2022-04-26T10:00:00.000Z | 2022-04-26T10:00:00.000Z |
| vde-2021-054 | Pilz: Multiple vulnerabilities in CODESYS V2 and V3 runtime system | 2022-04-26T10:00:00.000Z | 2022-04-26T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2026-021 | WAGO: Multiple Vulnerabilities in WAGO VC Hub | 2026-03-30T07:00:00.000Z | 2026-03-30T07:00:00.000Z |
| vde-2026-010 | WAGO: Multiple Vulnerabilities in WAGO Solution Builder and WAGO Device Sphere | 2026-03-30T07:00:00.000Z | 2026-03-30T07:00:00.000Z |
| vde-2026-020 | WAGO: Vulnerability in managed switches | 2026-03-23T08:00:00.000Z | 2026-03-23T08:00:00.000Z |
| vde-2026-004 | WAGO: Vulnerabilities in Managed Switch | 2026-02-09T08:00:00.000Z | 2026-02-09T08:00:00.000Z |
| vde-2025-095 | WAGO: Vulnerabilities in WAGO Industrial-Managed Switches | 2025-12-10T10:00:00.000Z | 2026-01-19T08:00:00.000Z |
| vde-2025-018 | WAGO: Vulnerabilities in WAGO Device Manager | 2025-06-16T10:00:00.000Z | 2025-11-21T12:00:00.000Z |
| vde-2025-062 | WAGO: Multiple Vulnerabilities in CODESYS components | 2025-11-03T11:00:00.000Z | 2025-11-03T11:00:00.000Z |
| vde-2025-087 | WAGO: Vulnerabilities in Device Sphere and Solution Builder | 2025-09-24T09:00:00.000Z | 2025-09-24T09:00:00.000Z |
| vde-2018-013 | WAGO: 750-8xx Controller Denial of Service | 2018-08-17T09:45:00.000Z | 2025-09-22T10:00:00.000Z |
| vde-2025-083 | WAGO: Vulnerability in hardware switch circuit | 2025-09-15T08:00:00.000Z | 2025-09-15T08:00:00.000Z |
| vde-2025-080 | WAGO: Multiple Vulnerabilities in I/O-Check Service | 2025-09-09T10:00:00.000Z | 2025-09-09T10:00:00.000Z |
| vde-2025-082 | WAGO: Critical sudo Vulnerability in Multiple Products | 2025-09-08T07:00:00.000Z | 2025-09-08T07:00:00.000Z |
| vde-2025-048 | WAGO: Escalation of Privileges in Coupler Firmware | 2025-09-08T07:00:00.000Z | 2025-09-08T07:00:00.000Z |
| vde-2025-057 | WAGO: Vulnerability in WAGO Device Sphere | 2025-06-23T10:00:00.000Z | 2025-07-07T06:15:00.000Z |
| vde-2025-040 | WAGO: Vulnerabilities in ctrlX OS app | 2025-06-16T10:00:00.000Z | 2025-06-16T10:00:00.000Z |
| vde-2024-014 | WAGO: Multiple products affected by Terrapin | 2024-02-22T07:00:00.000Z | 2025-06-05T13:28:13.000Z |
| vde-2025-020 | WAGO: Switches affected by year 2k38 problem | 2025-06-02T06:00:00.000Z | 2025-06-02T06:00:00.000Z |
| vde-2024-047 | WAGO: Multiple vulnerabilities in docker configuration | 2024-11-18T11:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-026 | WAGO: Multiple products prone to multiple vulnerabilities in e!Runtime / CODESYS V3 Runtime | 2023-07-31T07:36:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-007 | WAGO: Unauthenticated command execution via Web-based-management UPDATE A | 2023-05-15T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-009 | WAGO: Multiple Products affected by Linux Kernel Vulnerability Dirty Pipe | 2022-04-06T07:30:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-002 | WAGO: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro | 2022-01-31T13:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-060 | WAGO: Smart Script affected by Log4Shell Vulnerability | 2022-01-05T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-049 | WAGO: Denial of Service Vulnerability in CODESYS Runtime 2.3 | 2021-11-16T12:05:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-014 | WAGO: Multiple Vulnerabilities in CODESYS Runtime 2.3 | 2021-05-20T09:08:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-011 | WAGO: Multiple Vulnerabilities in I/O-Check Service | 2020-03-09T09:30:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-009 | WAGO: e!Cockpit Two Update Package Vulnerabilities | 2020-03-09T09:18:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2018-010 | WAGO: Multiple vulnerabilities in e!DISPLAY products | 2018-07-10T09:50:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2025-008 | WAGO: Vulnerabilities in CODESYS Control | 2025-02-04T11:00:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2020-036 | WAGO: Multiple Vulnerabilities in I/O-Check Service | 2021-06-29T10:00:00.000Z | 2025-05-14T13:00:15.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2024-061 | ifm: Improper Access Control vulnerability | 2025-06-30T10:00:00.000Z | 2026-02-18T08:00:00.000Z |
| vde-2024-028 | ifm moneo password reset can be exploited | 2024-05-06T10:00:00.000Z | 2026-01-15T11:00:00.000Z |
| vde-2024-012 | ifm: Vulnerabilities in ifm AC14 firmware | 2024-07-09T07:00:00.000Z | 2026-01-15T11:00:00.000Z |
| vde-2022-050 | IFM: weak password recovery vulnerability in moneo appliance | 2022-12-12T11:00:00.000Z | 2026-01-06T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-106 | Beckhoff: XSS Vulnerability in TwinCAT 3 HMI Server | 2026-01-26T10:00:00.000Z | 2026-02-12T09:00:00.000Z |
| vde-2025-092 | Beckhoff: Privilege escalation and information leak via Beckhoff Device Manager | 2026-01-27T11:00:00.000Z | 2026-01-27T11:00:00.000Z |
| vde-2025-075 | Beckhoff: Deserialization of untrusted data by TwinCAT 3 Engineering | 2025-09-09T10:00:00.000Z | 2025-09-09T10:00:00.000Z |
| vde-2022-003 | BECKHOFF: Null Pointer Dereference vulnerability in products with OPC UA technology | 2022-03-01T12:34:00.000Z | 2025-06-05T13:28:13.000Z |
| vde-2024-050 | Beckhoff: Denial-of-Service vulnerability in the MDP package included in TwinCAT/BSD operating system | 2024-08-27T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-049 | Beckhoff: Denial-of-Service vulnerability in the IPC-Diagnostics package included in TwinCAT/BSD operating system | 2024-08-27T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-048 | Beckhoff: Improper neutralization of input in IPC-Diagnostics-www package included in TwinCAT/BSD operating system | 2024-08-27T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-045 | Beckhoff: Local authentication bypass in IPC-Diagnostics package included in TwinCAT/BSD operating system | 2024-08-27T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-067 | Beckhoff: Open redirect in TwinCAT/BSD package authelia-bhf | 2023-12-13T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-051 | Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server | 2021-11-04T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-008 | Beckhoff: Stack Overflow and XXE vulnerability in various OPC UA products | 2024-10-21T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-037 | Beckhoff: Privilege Escalation through TwinCat System Tray (TcSysUI.exe) | 2020-11-19T13:41:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-019 | Beckhoff: EtherLeak in TwinCAT RT network driver | 2020-06-16T08:31:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-005 | Beckhoff: BK9000 couplers - Denial of service inhibits function | 2020-03-10T13:17:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2019-019 | Beckhoff: TwinCAT Denial-of-Service in Profinet driver | 2019-10-09T10:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-064 | Beckhoff: Local command injection via TwinCAT Package Manager | 2024-10-31T11:00:00.000Z | 2025-04-11T07:00:00.000Z |
| vde-2020-051 | Beckhoff: DoS-Vulnerability for TwinCAT OPC UA Server and IPC Diagnostics UA Server | 2021-04-27T08:08:00.000Z | 2021-05-11T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2026-007 | TRUMPF: Multiple products affected by Wibu CodeMeter vulnerability | 2026-02-23T08:00:00.000Z | 2026-02-23T08:00:00.000Z |
| vde-2021-011 | TRUMPF Laser GmbH: TruControl 2.14.0 to 3.14.0 affected by recent sudo vulnerability | 2021-03-22T08:59:00.000Z | 2026-02-02T14:25:00.000Z |
| vde-2025-078 | TRUMPF: Remote support uses an outdated encryption algorithm | 2025-08-25T06:00:00.000Z | 2025-08-29T10:00:00.000Z |
| vde-2024-005 | TRUMPF: Multiple products contain vulnerable version of 7-zip | 2024-01-23T07:00:00.000Z | 2025-06-05T13:28:12.000Z |
| vde-2024-004 | TRUMPF: Multiple products affected by log4net vulnerability | 2025-04-22T10:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-003 | TRUMPF: Multiple products include a vulnerable version of Notepad++ | 2024-01-23T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-049 | TRUMPF: Multiple products prone to X.Org server vulnerabilities | 2022-11-07T11:43:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-039 | TRUMPF: Multiple products prone to WIBU CodeMeter vulnerabilities | 2020-10-27T10:28:00.000Z | 2025-05-14T12:36:39.000Z |
| vde-2024-040 | Multiple TRUMPF products prone to regreSSHion OpenSSH server vulnerabilities | 2024-06-25T10:00:00.000Z | 2025-04-10T13:00:00.000Z |
| vde-2024-034 | Multiple TRUMPF products prone to nftables server vulnerabilities | 2024-06-25T10:00:00.000Z | 2025-04-10T13:00:00.000Z |
| vde-2024-001 | TRUMPF: Multiple products contain WIBU CodeMeter vulnerabilities | 2024-01-29T07:00:00.000Z | 2024-01-29T07:00:00.000Z |
| vde-2024-006 | TRUMPF: Oseon contains vulnerable version of OpenSSL 1.1.x | 2024-01-23T07:00:00.000Z | 2024-01-23T07:00:00.000Z |
| vde-2023-031 | Trumpf: Multiple Products affected by WIBU Codemeter Vulnerability | 2023-09-13T10:00:00.000Z | 2023-11-13T11:00:00.000Z |
| vde-2022-023 | TRUMPF TruTops prone to improper access control | 2022-10-17T10:00:00.000Z | 2022-10-17T10:00:00.000Z |
| vde-2022-034 | TRUMPF: Products prone to Unified Automation vulnerabilities | 2022-08-15T10:00:00.000Z | 2022-08-15T10:00:00.000Z |
| vde-2022-016 | TRUMPF: TruTops Fab, TruTops Boost prone to vulnerability | 2022-05-02T10:00:00.000Z | 2022-05-02T10:00:00.000Z |
| vde-2021-033 | TRUMPF Laser GmbH: multiple products prone to codesys runtime vulnerabilities | 2021-08-12T13:02:00.001Z | 2021-08-12T13:02:00.001Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-043 | Lenze: PLC Designer V4 with insecure storage of sensitive information | 2025-06-25T10:00:00.000Z | 2025-06-25T10:00:00.000Z |
| vde-2025-042 | Lenze: VPN Client Privilege Escalation in combination with Lenze x500 IoT Gateway | 2025-05-27T09:00:00.000Z | 2025-05-27T09:00:00.000Z |
| vde-2024-053 | Lenze: Install Directory with insufficient permissions | 2024-09-03T08:00:00.000Z | 2025-03-13T11:30:00.000Z |
| vde-2022-030 | Lenze: Vulnerability in the OPC-UA authentification connection in the firmware | 2022-07-11T10:00:00.000Z | 2022-07-11T10:00:00.000Z |
| vde-2021-048 | Lenze: Multiple Vulnerabilities in CODESYS Control V2 communication | 2021-10-04T12:33:00.000Z | 2021-10-04T12:33:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2022-029 | Carlo Gavazzi Controls: Multiple Vulnerabilities in Controller UWP 3.0 | 2022-09-26T08:00:00.000Z | 2026-03-02T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-047 | AUMA: Incorrect delivery status of the Bluetooth configuration | 2025-06-10T10:00:00.000Z | 2025-06-10T10:00:00.000Z |
| vde-2023-028 | AUMA: SIMA Master Station affected by WRECK vulnerability | 2023-08-07T11:35:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2022-024 | Auma: SIMA² Master Station Denial of Service Vulnerability on Automation Runtime Webserver | 2022-06-15T10:00:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2025-026 | AUMA Riester: Buffer overflow in service telegram | 2025-05-12T10:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2023-027 | AUMA: Reflected Cross-Site Scripting Vulnerability in SIMA Master Stations | 2023-08-07T09:35:00.000Z | 2023-08-07T09:35:00.000Z |
| vde-2022-032 | AUMA: Multiple Vulnerabilities in Automation Runtime NTP Service | 2022-08-09T08:00:00.000Z | 2022-08-09T08:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-084 | Bender Charge Controller Vulnerability - Unsecure Communication | 2025-09-08T07:00:00.000Z | 2025-09-08T07:00:00.000Z |
| vde-2025-061 | Bender Charge Controller Vulnerability - Disclosure Of Stored Credentials When Authenticated | 2025-09-08T07:00:00.000Z | 2025-09-08T07:00:00.000Z |
| vde-2021-047 | Bender/ebee: Multiple Charge Controller Vulnerabilities | 2022-04-26T10:00:00.000Z | 2022-04-26T10:00:00.000Z |
| vde-2020-043 | Bender: COMTRAXX < 4.2.0 affected by inadquate credentials check vulnerability | 2020-10-16T06:54:00.000Z | 2020-10-16T06:54:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-107 | Endress+Hauser: Multiple products affected by Qualcomm vulnerabilities | 2025-12-05T11:00:00.000Z | 2026-04-02T10:00:00.000Z |
| vde-2026-003 | Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime | 2026-03-31T08:00:00.000Z | 2026-04-01T11:00:00.000Z |
| vde-2026-002 | Endress+Hauser: buffer overflow in glibc ld.so leading to privilege escalation | 2026-03-02T07:00:00.000Z | 2026-03-02T07:00:00.000Z |
| vde-2025-068 | Endress+Hauser: Proline 10 Maintenance credentials may be exposed under certain conditions | 2025-09-02T10:00:00.000Z | 2026-02-20T09:00:00.000Z |
| vde-2025-105 | Endress+Hauser: Multiple products affected by Wibu-Systems CodeMeter Vulnerability | 2025-12-08T09:00:00.000Z | 2025-12-08T09:00:00.000Z |
| vde-2024-054 | Endress+Hauser: Netilion Network Insights is affected by multiple vulnerabilities | 2024-10-21T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-044 | Endress+Hauser: Multiple products affected by log4net vulnerability | 2022-01-20T08:06:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-005 | Endress+Hauser: Multiple Devices affected by fdtContainer vulnerability | 2021-03-01T06:39:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2020-031 | Endress+Hauser: Multiple products prone to WIBU CodeMeter vulnerabilities | 2020-10-27T13:10:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2020-022 | Endress+Hauser: Ecograph T utilizing Webserver firmware version 2.x exposes sensitive information | 2020-11-19T14:48:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-040 | Endress+Hauser: Promass 83 with EtherNet/IP affected by a stack-based buffer overflow | 2021-10-04T12:30:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-010 | Endress+Hauser: products utilizing WPA2 vulnerable to KRACK attacks | 2021-05-18T09:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2020-021 | Endress+Hauser: Ecograph T utilizing Webserver firmware version 1.x suffers from improper privilege management | 2020-11-19T14:48:00.000Z | 2025-04-11T07:00:00.000Z |
| vde-2025-036 | Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 | 2025-03-06T14:00:00.000Z | 2025-03-06T14:00:00.000Z |
| vde-2024-041 | Endress+Hauser: Multiple products are vulnerable to code injection | 2024-09-10T08:00:00.000Z | 2024-09-10T08:00:00.000Z |
| vde-2022-019 | Endress+Hauser: Multiple products utilizing vulnerable WIBU-SYSTEMS CodeMeter components | 2022-06-02T15:11:00.000Z | 2022-06-02T15:11:00.000Z |
| vde-2022-006 | Endress+Hauser: FieldPort SFP50 Memory Corruption in Bluetooth Controller Firmware | 2022-03-24T10:48:00.000Z | 2022-03-24T10:48:00.000Z |
| vde-2019-005 | Endress+Hauser: WIFI enabled products utilising WPA2 | 2019-03-19T15:34:00.000Z | 2019-03-19T15:34:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-030 | Frauscher: FDS101, FDS-SNMP101 and FDS102 for FAdC/FAdCi are Vulnerable to OS Command Injection Vulnerability | 2025-07-07T10:00:00.000Z | 2025-07-29T10:00:00.000Z |
| vde-2023-049 | Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability | 2023-12-11T07:00:00.000Z | 2023-12-11T07:00:00.000Z |
| vde-2023-038 | Frauscher: Multiple Vulnerabilities in FDS101 | 2023-09-21T06:00:00.000Z | 2023-09-21T06:00:00.000Z |
| vde-2023-011 | Frauscher: Diagnostic System FDS001 for FAdC/FAdCi Path Traversal vulnerability | 2023-07-05T08:00:00.000Z | 2023-07-05T08:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2019-010 | Miele: Multiple Vulnerabilities in XGW 3000 ZigBee Gateway | 2019-05-20T06:58:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2020-024 | Miele: Treck TCP/IP Vulnerabilities (Ripple20) affecting Communication Module XKM3000 L MED | 2020-07-08T07:29:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2022-052 | Miele: Vulnerability in ease2pay cloud service used by appWash | 2022-11-21T09:00:00.000Z | 2022-11-21T09:00:00.000Z |
| vde-2022-015 | Miele: Security vulnerability in Benchmark Programming Tool | 2022-04-27T12:00:00.000Z | 2022-04-27T12:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-096 | Weidmueller: Multiple vulnerabilities in Energy Meter 750-24 and Energy Meter 750-230 | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| vde-2025-044 | Weidmueller: Industrial ethernet switches are affected by multiple vulnerabilities | 2025-05-27T09:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2025-052 | Weidmueller: Security routers IE-SR-2TX are affected by multiple vulnerabilities | 2025-06-11T10:00:00.000Z | 2025-07-23T10:00:00.000Z |
| vde-2023-032 | Weidmueller: WIBU Vulnerability in multiple Products | 2023-11-09T07:42:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2019-018 | Weidmueller: multiple vulnerabilities in various Industrial Ethernet managed switches | 2019-12-05T12:03:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2025-041 | Weidmueller: ResMa is affected by a Vulnerability for ASP.NET AJAX | 2025-05-19T09:00:00.000Z | 2025-05-19T09:00:00.000Z |
| vde-2025-021 | Weidmueller: Authentication Vulnerability in PROCON-WIN 5 | 2025-03-05T09:00:00.000Z | 2025-05-14T13:26:53.000Z |
| vde-2021-026 | Weidmueller: Multiple vulnerabilities in Industrial WLAN devices | 2021-06-23T11:04:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2021-042 | Weidmueller: Remote I/O fieldbus couplers (IP20) affected by INFRA:HALT vulnerabilities | 2021-10-18T08:24:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-016 | Weidmueller: Accidentally open network port in u-controls and IoT-Gateways | 2021-05-04T08:17:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-002 | Weidmueller: WI Manager affected by fdtContainer vulnerability | 2021-01-20T13:32:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2020-041 | Weidmueller: u-create studio < 1.20.2 affected by WIBU-SYSTEMS CodeMeter vulnerabilities | 2020-10-12T09:14:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2025-023 | Weidmueller: OpenSSL vulnerability in industrial ethernet switches | 2025-03-05T08:00:00.000Z | 2025-03-05T11:00:00.000Z |
| vde-2022-056 | Weidmueller: Multiple IoT and control products affected by JavaScript injection vulnerability | 2022-12-14T07:00:00.000Z | 2022-12-14T07:00:00.000Z |
| vde-2021-004 | Weidmueller: EtherNet/IP Fieldbus Coupler out-of-bounds write | 2022-06-21T08:00:00.000Z | 2022-06-21T08:00:00.000Z |
| vde-2022-008 | WEIDMUELLER: Multiple vulnerabilities in Modbus TCP/RTU Gateways | 2022-04-07T06:00:00.000Z | 2022-04-07T06:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-066 | SMA: Directory Traversal in Sunny Boy | 2025-08-27T08:00:00.000Z | 2025-08-27T08:00:00.000Z |
| vde-2025-050 | SMA: Sunny Portal limited disclosure of personal data of registered users to an authenticated user | 2025-08-19T10:00:00.000Z | 2025-08-19T10:00:00.000Z |
| vde-2024-075 | SMA: Sunny Webbox clickjacking vulnerability | 2025-01-27T13:00:00.000Z | 2025-06-17T06:00:00.000Z |
| vde-2025-012 | SMA: Sunny Portal Remote Code Execution | 2025-02-26T11:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2025-010 | SMA: Sunny Portal demo system privilege escalation | 2025-05-13T11:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-074 | SMA: SQL injection in Sunny Central UP | 2024-11-27T09:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2024-020 | SMA: Cluster Controller CSRF vulnerability | 2025-01-27T13:00:00.000Z | 2025-02-12T16:48:47.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2024-013 | HIMA: Multiple products affected by DoS and Port-Based-VLAN Crossing | 2024-02-13T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-059 | HIMA: unquoted path vulnerabilities in X-OPC and X-OTS | 2023-01-16T09:00:00.000Z | 2025-05-22T13:03:10.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-091 | Murrelektronik: Cleartext Transmission of Sensitive Information in IMPACT67 Pro | 2025-10-14T10:00:00.000Z | 2025-10-14T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2020-016 | SWARCO: Critical Vulnerability in CPU LS4000 | 2020-05-28T13:00:00.000Z | 2020-05-28T13:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2024-016 | ADS-TEC Industrial IT: Docker vulnerability affects multiple products | 2024-02-19T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2025-033 | ads-tec Industrial IT: Mosquitto MQTT Client Vulnerability in ADS-TEC IRF Products | 2025-04-14T10:00:00.000Z | 2025-04-14T10:00:00.000Z |
| vde-2023-009 | ads-tec: Multiple Vulnerabilities in IRF1000, IRF2000 and IRF3000 | 2023-05-08T13:37:00.000Z | 2023-05-08T13:37:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2022-061 | VARTA: Multiple devices prone to hard-coded credentials | 2023-03-15T09:00:00.000Z | 2023-03-15T09:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-060 | Sauter: Multiple vulnerabilities in SAUTER modulo 6 | 2025-10-21T10:00:00.000Z | 2025-10-27T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-079 | Janitza: Multiple vulnerabilities in UMG 96RM-E | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| vde-2025-094 | Janitza: Vulnerability in Modbus interface of UMG 96-PA and UMG 96-PA-MID+ | 2025-11-24T12:00:00.000Z | 2025-11-24T12:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2026-001 | METTLER TOLEDO: ASP.NET core vulnerability in LabX | 2026-03-04T07:00:00.000Z | 2026-03-04T07:00:00.000Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| GCVE-1-2026-0022 |
6.4 (4.0)
|
MISP - Beta Overmind UI Stored Cross-Site Scripting in… |
misp |
misp |
2026-03-30T09:48:36.968649Z | 2026-03-30T09:48:36.968649Z |
| GCVE-1-2026-0021 |
10 (4.0)
|
Critical RCE Vulnerability reported in Windchill |
windchill |
FlexPLM |
2026-03-23T12:30:40.249187Z | 2026-03-23T12:30:40.249187Z |
| GCVE-1-2026-0020 |
10 (4.0)
|
Remote Code Execution Attack Against Eircom D1000 Router |
Eir |
D1000 |
2026-03-11T14:12:00.000Z | 2026-03-11T14:23:24.609831Z |
| GCVE-1-2026-0019 |
6.4 (4.0)
|
Improper URL validation in MISP dashboard button widge… |
misp |
misp |
2026-02-27T14:55:00.000Z | 2026-02-27T15:44:29.998063Z |
| GCVE-1-2026-0018 |
6.5 (4.0)
|
Improper access control in MISP user contact form allo… |
misp |
misp |
2026-02-27T13:25:32.632362Z | 2026-02-27T13:25:32.632362Z |
| GCVE-1-2026-0017 |
7.2 (4.0)
|
Improper Neutralization of Raw HTML in MISP modules Ma… |
misp |
misp-modules |
2026-02-27T13:10:24.641948Z | 2026-02-27T13:10:24.641948Z |
| GCVE-1-2026-0016 |
7 (4.0)
|
Server-Side Request Forgery via Event Report Import Fr… |
misp |
misp |
2026-02-27T10:56:32.745676Z | 2026-02-27T10:56:32.745676Z |
| GCVE-1-2026-0015 |
7.2 (4.0)
|
Threat actors use FortiCloud SSO bypass to collect LDA… |
fortinet |
fortios |
2026-02-09T09:09:00.000Z | 2026-02-09T09:14:59.004089Z |
| GCVE-1-2026-0013 |
2.1 (4.0)
|
Flask Application Username Route Collision Allows Rese… |
vulnerability-lookup |
vulnerability-lookup |
2026-02-04T19:27:00.000Z | 2026-02-04T19:32:49.787763Z |
| GCVE-1-2026-0014 |
7.4 (4.0)
|
Missing Authorization Check Allows Unauthorized Modifi… |
vulnerability-lookup |
vulnerability-lookup |
2026-02-04T19:32:14.341383Z | 2026-02-04T19:32:14.341383Z |
| GCVE-1-2026-0012 |
2.1 (4.0)
|
Authentication Error Message Allows Email Address Enum… |
vulnerability-lookup |
vulnerability-lookup |
2026-02-04T19:21:34.411344Z | 2026-02-04T19:21:34.411344Z |
| GCVE-1-2026-0011 |
8.7 (4.0)
|
Out-of-bounds memory write in the network packet … |
EA Games |
Command & Conquer: Generals |
2026-01-29T14:37:00.000Z | 2026-01-29T14:39:17.728822Z |
| GCVE-1-2026-0010 |
9.3 (4.0)
|
Improper input validation in the file transfer ha… |
EA Games |
Command & Conquer: Generals |
2026-01-29T14:33:18.822829Z | 2026-01-29T14:33:18.822829Z |
| GCVE-1-2026-0009 |
9.3 (4.0)
|
Stack-based buffer overflow in the multiplayer ne… |
EA Games |
Command & Conquer: Generals |
2026-01-29T14:30:38.596928Z | 2026-01-29T14:30:38.596928Z |
| GCVE-1-2026-0008 |
10 (4.0)
|
gpg-agent stack buffer overflow in pkdecrypt using KEM |
gnupg |
gpg-agent |
2026-01-28T13:48:12.350509Z | 2026-01-28T13:48:12.350509Z |
| GCVE-1-2026-0007 |
10 (4.0)
|
GNU InetUtils Security Advisory: remote authentication… |
gnu |
InetUtils |
2026-01-20T20:57:00.000Z | 2026-01-26T16:32:40.831364Z |
| GCVE-1-2026-0004 |
8.5 (4.0)
|
Authorization Bypass in Cerebrate IndividualsControlle… |
cerebrate |
cerebrate |
2026-01-13T15:28:00.000Z | 2026-01-13T15:38:37.744618Z |
| GCVE-1-2026-0005 |
8.5 (4.0)
|
Improper Access Control in Cerebrate Alignment Model A… |
cerebrate |
cerebrate |
2026-01-13T15:31:00.000Z | 2026-01-13T15:38:02.888546Z |
| GCVE-1-2026-0006 |
8.5 (4.0)
|
Improper Access Control in Cerebrate AuthKey and Encry… |
cerebrate |
cerebrate |
2026-01-13T15:37:17.337254Z | 2026-01-13T15:37:17.337254Z |
| GCVE-1-2026-0003 |
6.3 (4.0)
|
Stored/Reflected XSS via Unsanitized Parameters in URL… |
misp |
misp |
2026-01-13T10:50:00.000Z | 2026-01-13T10:54:13.659223Z |
| GCVE-1-2026-0002 |
10 (4.0)
|
Heap-buffer-overflow in EXIF writer for extra IFD tags |
ffmpeg |
ffmpeg |
2026-01-02T19:50:00.000Z | 2026-01-02T20:05:27.269877Z |
| GCVE-1-2026-0001 |
N/A
|
Bundle reference to gpg.fail |
gnupg |
gnupg |
2026-01-02T10:20:00.000Z | 2026-01-02T13:31:14.359346Z |
| GCVE-1-2025-0041 |
6.4 (4.0)
|
[online services] Reflected Cross-Site Scripting (XSS)… |
typo3 |
typo3 |
2025-12-19T14:25:00.000Z | 2025-12-19T14:54:51.594645Z |
| GCVE-1-2025-0032 |
10 (4.0)
|
The default configuration of WatchGuard Firebox device… |
watchguard |
firebox |
2025-12-03T16:25:00.000Z | 2025-12-19T13:48:34.570799Z |
| GCVE-1-2025-0031 |
7.1 (4.0)
|
A cross-site scripting (XSS) vulnerability was identif… |
misp |
misp |
2025-12-03T10:58:00.000Z | 2025-12-16T09:36:09.594750Z |
| GCVE-1-2025-0040 |
7.2 (4.0)
|
A cross-site scripting (XSS) vulnerability was id… |
misp |
misp |
2025-12-13T08:44:32.378924Z | 2025-12-13T08:44:32.378924Z |
| GCVE-1-2025-0039 |
8.5 (4.0)
|
XSS Reintroduced in MISP Dashboard World Map Widget Du… |
misp |
misp |
2025-12-10T14:33:52.856734Z | 2025-12-10T14:33:52.856734Z |
| GCVE-1-2025-0038 |
5 (4.0)
|
Reflected XSS in MISP Template Tag Removal and MISP Ad… |
misp |
misp |
2025-12-10T14:10:00.000Z | 2025-12-10T14:16:55.918270Z |
| GCVE-1-2025-0037 |
7 (4.0)
|
Reflected XSS in MISP Dashboard Widgets via Unescaped … |
misp |
misp |
2025-12-10T14:01:03.200804Z | 2025-12-10T14:01:03.200804Z |
| GCVE-1-2025-0036 |
8.3 (4.0)
|
A reflected cross-site scripting (XSS) vulnerability w… |
misp |
misp |
2025-12-10T13:46:07.170083Z | 2025-12-10T13:46:07.170083Z |