AI Vulnerability Database (AVID) is an open source knowledge base of failure modes for Artificial Intelligence (AI) models, datasets, and systems. This database house full-fidelity information (metadata, harm metrics, measurements, benchmarks, and mitigation techniques if any) on evaluation use cases of a harm (sub)category Evaluate systems, models, and datasets for specific harms and persist the structured results into a single source of truth.
This index contains data from SANS DShield which can be described as follows:
"The ISC (Internet Storm Center) relies on an all-volunteer effort to detect problems, analyze the threat, and disseminate both technical as well as procedural information to the general public. Thousands of sensors that work with most firewalls, intrusion detection systems, home broadband devices, and nearly all operating systems are constantly collecting information about unwanted traffic arriving from the Internet. These devices feed the DShield database where human volunteers as well as machines pour through the data looking for abnormal trends and behavior. The resulting analysis is posted to the ISC's main web page where it can be automatically retrieved by simple scripts or can be viewed in near real time by any Internet user."
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet.
The Microsoft's blocklist is a curated set of kernel-mode drivers that Microsoft has identified as having security vulnerabilities (such as privilege escalation risk in the Windows kernel) or behaving in ways that undermine the Windows security model. Because kernel-level drivers can give deep access to a system when compromised, using the blocklist is important as part of a defense-in-depth strategy for Windows endpoints.
Browse the microsoft-driver-block-list index
Ubuntu Purls is a collection of ubuntu package purls with their associated versions and cves.
Endress + Hauser Security Advisories are official notifications released by them to address security vulnerabilities and updates in their software products. They provide details on their smart sensors, software products and solutions. These advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
IGEL security notices are official notifications released by IGEL to address security vulnerabilities and updates in their products. These advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
Lantronix Security Advisories are official notifications released byLantronix to address security vulnerabilities and updates in their software products. These bulletins provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
Danfoss Security Bulletins are official notifications released by Danfoss to address security vulnerabilities and updates in their software products. These bulletins provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
Linksys E1700 systemCommand Command Injection was added on Nov, 4 and is found in 1 product.
View more detail on CVE-2025-9528
WatchGuard Fireware OS Out-of-bounds Write was added on Oct, 29 and is found in 1 product.
View more detail on CVE-2025-9242
FlowiseAI Flowise CustomMCP Command Execution was added on Nov, 25 and is found in 1 product.
View more detail on CVE-2025-8943
Belkin and Others /goform/mp Command Injection was added on Oct, 27 and is found in 1 product.
View more detail on CVE-2025-7083
Fortinet FortiWeb API Path Traversal was added on Nov, 13 and is found in 1 product.
View more detail on CVE-2025-64446
Taiga Authenticated Python Deserialization RCE was added on Nov, 23 and is found in 1 product.
View more detail on CVE-2025-62368
Oracle Identity Manager Auth Bypass and RCE was added on Nov, 25 and is found in 1 product.
View more detail on CVE-2025-61757
Microsoft WSUS SynchronizationUpdateErrorsKey Unauthenticated Deserialization was added on Oct, 23 and is found in 1 product.
View more detail on CVE-2025-59287
Fortinet FortiWeb Authenticated FortiWeb CLI Command Injection was added on Nov, 24 and is found in 1 product.
View more detail on CVE-2025-58034
Adobe Magento SessionReaper deserialization remote code execution was added on Nov, 11 and is found in 2 products.
View more detail on CVE-2025-54236
Redis Use After Free (UAF) RCE was added on Nov, 6 and is found in 1 product.
View more detail on CVE-2025-49844
Monsta FTP Unauthenticated SFTP File Upload RCE was added on Nov, 13 and is found in 1 product.
View more detail on CVE-2025-34299
LILIN DVR /dvr/cmd XML Command Injection was added on Oct, 28 and is found in 1 product.
View more detail on CVE-2025-34132
Gladinet Triofox Authentication Bypass RCE was added on Nov, 20 and is found in 1 product.
View more detail on CVE-2025-12480
Facebook React Native Metro Development Server Command Injection RCE was added on Nov, 13 and is found in 1 product.
View more detail on CVE-2025-11953
Gladinet CentreStack Unauthenticated Local File Inclusion was added on Oct, 23 and is found in 1 product.
View more detail on CVE-2025-11371
ViciDial Remote Code Execution was added on Oct, 20 and is found in 1 product.
View more detail on CVE-2024-8504
TOTOLINK /boafrm/formSysCmd Command Injection was added on Oct, 27 and is found in 4 products.
View more detail on CVE-2024-51228
FOGProject Unauthenticated Command Injection via Filename Parameter was added on Oct, 28 and is found in 1 product.
View more detail on CVE-2024-39914
TBK DVR /device.rsp Arbitrary Command Execution was added on Oct, 30 and is found in 2 products.
View more detail on CVE-2024-3721
RaspberryMatic Unauthenticated File Upload RCE was added on Nov, 23 and is found in 1 product.
View more detail on CVE-2024-24578
IBM Operational Decision Manager (ODM) JNDI Injection was added on Oct, 21 and is found in 1 product.
View more detail on CVE-2024-22319
Uniview ISC 2500-S /Interface/DevManage/VM.php Command Injection was added on Nov, 5 and is found in 1 product.
View more detail on CVE-2024-0778
Anheng Mingyu Operation and Maintenance Audit and Risk Control System Path Traversal was added on Nov, 5 and is found in 1 product.
View more detail on CVE-2023-7325
SmartBI RMIServlet Arbitrary Method Call was added on Nov, 6 and is found in 1 product.
View more detail on CVE-2023-7305
Digiever DS-2105 time_tzsetup.cgi NTP Command Injection was added on Nov, 5 and is found in 1 product.
View more detail on CVE-2023-52163
Repetier-Server Information Disclosure (Path Traversal) was added on Nov, 19 and is found in 1 product.
View more detail on CVE-2023-31059
Seeyon OA thirdpartyController.do Cookie Leak was added on Nov, 4 and is found in 1 product.
View more detail on CVE-2021-4461
JeecgBoot Sensitive Information Disclosure (Phone Number) was added on Oct, 23 and is found in 1 product.
View more detail on CVE-2021-37305
Spring Cloud Netflix Hystrix Dashboard SpEL Injection was added on Oct, 23 and is found in 1 product.
View more detail on CVE-2021-22053
SAP SCIMono Template Injection was added on Oct, 23 and is found in 1 product.
View more detail on CVE-2021-21479
Ralink SDK (Belkin, Linksys, Wansview, and more) /goform/systemCommand Command Injection was added on Oct, 29 and is found in 1 product.
View more detail on CVE-2020-35714
Netgear Funjsq Token Command Injection was added on Oct, 23 and is found in 13 products.
View more detail on CVE-2020-27867
D-Link DNS-343 ShareCenter /goform/Mail_Test Command Injection was added on Oct, 28 and is found in 1 product.
View more detail on CVE-2018-25120
Dreambox OpenDreamBox Unauthenticated Command Injection was added on Nov, 11 and is found in 1 product.