Johnson Controls

Johnson Controls security advisories are official notifications released by Johnson Controls to address security vulnerabilities and updates in their software products. These security advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.

Browse the johnson-controls index

Alibaba Security Advisories

Alibaba Cloud security advisories are official notifications released by Alibaba to address security vulnerabilities and updates in their software products. These advisories cover high-risk vulnerabilities in the cloud and provide important information about their potential impact, along with recommendations for users to apply necessary patches or updates to ensure the security of their systems.

Browse the alibaba-advs index

Living Off the Land Advisories

Living Off the Land (LOL) Advisories collect all available sources of LOL attacks for databases, binaries and system drivers. These advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.

Browse the lol-advs index

Malicious Packages

This index is a collection of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format.

Browse the malicious-packages index

PK CERT Security Advisories

PKCERT security advisories are official notifications released by Pakistan's national CERT (Computer Emergency Response Team) to address security vulnerabilities and updates. These advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure security.

Browse the pkcert index

Cisco Known Good Values

The Cisco Known Good Values (KGVs) index lists KGVs issued by Cisco. Cisco publishes these values to provide a level of integrity for many of its products. The component categories measured include boot file integrity and running image file measurements, among others.

Browse the cisco-known-good-values index

GHSA

GHSA is a list of official notifications released by GitHub to address security vulnerabilities and updates. These advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure security.

Browse the ghsa index

Recent Initial Access activity

Tenda AC20 Telnet Remote Enable was added on Aug, 27 and is found in 1 product.

View more detail on CVE-2025-9090

Docker Desktop for Windows Container Escape was added on Sep, 11 and is found in 1 product.

View more detail on CVE-2025-9074

N-able N-central Command Injection was added on Sep, 10 and is found in 1 product.

View more detail on CVE-2025-8876

N-able N-central Java Deserialization was added on Sep, 4 and is found in 1 product.

View more detail on CVE-2025-8875

Oracle E-Business Suite Cl0p Remote Code Execution was added on Oct, 5 and is found in 1 product.

View more detail on CVE-2025-61882

FOGProject Unauthenticated Database Dump was added on Sep, 7 and is found in 1 product.

View more detail on CVE-2025-58443

FlowiseAI Flowise Password Reset Token Account Takeover was added on Sep, 25 and is found in 1 product.

View more detail on CVE-2025-58434

Django Project Annotation SQL Injection was added on Sep, 18 and is found in 1 product.

View more detail on CVE-2025-57833

FreePBX Endpoint Manager Auth Bypass to SQL Injection RCE was added on Sep, 18 and is found in 1 product.

View more detail on CVE-2025-57819

Commvault Admin Token Retrieval via Authentication Bypass was added on Aug, 28 and is found in 1 product.

View more detail on CVE-2025-57788

SCP and SFTP Appliance Mode Escalation was added on Oct, 15 and is found in 1 product.

View more detail on CVE-2025-53868

Fortinet FortiWeb Authentication Bypass was added on Aug, 26 and is found in 1 product.

View more detail on CVE-2025-52970

Burk Technology ARC Solo Set Admin Password was added on Sep, 18 and is found in 1 product.

View more detail on CVE-2025-5095

Redis Authenticated Garbage Collector UAF RCE was added on Oct, 14 and is found in 1 product.

View more detail on CVE-2025-49844

Redis Privilege Escalation via LUA Scripting Interface was added on Oct, 14 and is found in 1 product.

View more detail on CVE-2025-46818

SUSE Manager RemoteMinionCommands WebSocket RCE was added on Aug, 21 and is found in 2 products.

View more detail on CVE-2025-46811

Dell UnityVSA Unauthenticated OS Command Injection was added on Oct, 9 and is found in 1 product.

View more detail on CVE-2025-36604

FlowiseAI Flowise Authenticated Sandbox Bypass RCE was added on Oct, 13 and is found in 1 product.

View more detail on CVE-2025-34267

Shenzhen Aitemi M300 Wi-Fi Repeater Unauthenticated RCE was added on Sep, 4 and is found in 1 product.

View more detail on CVE-2025-34152

GFI Kerio Control Firmware Upgrade RCE was added on Oct, 1 and is found in 1 product.

View more detail on CVE-2025-34071

XWiki Rest Query SQL Injection was added on Sep, 11 and is found in 1 product.

View more detail on CVE-2025-32969

Lissy93 web-check Unauthed Command Injection RCE was added on Aug, 21 and is found in 1 product.

View more detail on CVE-2025-32778

BentoML Unauthenticated Python Deserialization RCE was added on Sep, 4 and is found in 1 product.

View more detail on CVE-2025-27520

OttoKit WordPress Plugin Incorrect Privilege Assignment was added on Aug, 28 and is found in 2 products.

View more detail on CVE-2025-27007

Fortinet FortiSIEM Command Injection was added on Aug, 21 and is found in 1 product.

View more detail on CVE-2025-25256

Cisco ASA, ASA-X, and FTD VPN Web Server Authenticated Heap-Based Buffer Overflow was added on Sep, 25 and is found in 3 products.

View more detail on CVE-2025-20363

Cisco ASA, ASA-X, and FTD VPN Web Server Authentication Bypass was added on Sep, 25 and is found in 3 products.

View more detail on CVE-2025-20362

Cisco IOS and IOS-XE SNMP Authenticated Stack-Based Buffer Overflow was added on Sep, 25 and is found in 2 products.

View more detail on CVE-2025-20352

Cisco ASA, ASA-X, and FTD VPN Web Server Authenticated Stack-Based Buffer Overflow was added on Sep, 25 and is found in 3 products.

View more detail on CVE-2025-20333

Fortra GoAnywhere MFT License Servlet Deserialization was added on Oct, 1 and is found in 1 product.

View more detail on CVE-2025-10035

LibreNMS Hostname Command Injection was added on Sep, 4 and is found in 1 product.

View more detail on CVE-2024-51092

Fortinet FortiSIEM Command Injection was added on Oct, 2 and is found in 1 product.

View more detail on CVE-2024-23109

Fortinet FortiSIEM Command Injection was added on Sep, 17 and is found in 1 product.

View more detail on CVE-2024-23108

Cisco Smart License Utility Static API Credential was added on Sep, 25 and is found in 1 product.

View more detail on CVE-2024-20439

Huijietong Cloud Video Platform Backup File LFI was added on Oct, 14 and is found in 1 product.

View more detail on CVE-2024-13991

BYTEVALUE Flow Control webRead Command Injection was added on Oct, 14 and is found in 1 product.

View more detail on CVE-2023-7311

Ruijie Networks RG-UAC template_path Command Injection was added on Oct, 14 and is found in 1 product.

View more detail on CVE-2023-7304

GL.iNet Router Regex Injection Authentication Bypass was added on Oct, 2 and is found in 19 products.

View more detail on CVE-2023-50919

GL.iNet Router Post-Auth Shell Injection was added on Oct, 2 and is found in 19 products.

View more detail on CVE-2023-50445

China Mobile Intelligent Home Gateway Arbitrary Command Execution was added on Oct, 14 and is found in 1 product.

View more detail on CVE-2023-41011

LG Simple Editor Command Injection was added on Oct, 14 and is found in 1 product.

View more detail on CVE-2023-40504

Fortinet FortiSIEM Command Injection was added on Sep, 21 and is found in 1 product.

View more detail on CVE-2023-34992

GeoServer GetFeature SQL Injection was added on Aug, 14 and is found in 1 product.

View more detail on CVE-2023-25157

CHCNAV P5E GNSS API Credential Leak (and Backdoor) was added on Aug, 20 and is found in 1 product.

View more detail on CVE-2022-30622

Cisco Adaptive Security Device Manager (ASDM) RCE via Unsigned Software Delivery was added on Oct, 2 and is found in 1 product.

View more detail on CVE-2021-1585

Microsoft Sharepoint SuggestionsCache Deserialization RCE was added on Aug, 21 and is found in 1 product.

View more detail on CVE-2020-1147

Tenda AC15 Unauthenticated OS Command Injection was added on Oct, 16 and is found in 1 product.

View more detail on CVE-2020-10987

Pulse Connect Secure Arbitrary File Disclosure was added on Aug, 14 and is found in 1 product.

View more detail on CVE-2019-11510

Xdebug OS Command Execution was added on Oct, 9 and is found in 1 product.

View more detail on CVE-2015-10141