● Live advisory feed
Security Advisory Fusion for CSIRTs, SOCs & Defenders
Security advisories from 24 sources — CISA, CERT-EU, NCSC-UK, BSI, CERT-FR, NCSC-NL, JPCERT/CC, JVN, HKCERT, the Canadian Cyber Centre, NVD, GitHub, Microsoft, Cisco, Fortinet, Palo Alto Networks and more — normalized, translated to English and flagged against the CISA KEV catalog. One global feed for CSIRTs, SOCs and defenders.
An attacker can exploit multiple vulnerabilities in dnsmasq to cause a denial-of-service condition, execute arbitrary code with root privileges, disclose confidential information, manipulate data, and redirect users to malicious domains.
An attacker can exploit multiple vulnerabilities in PHP to execute arbitrary code, perform SQL injection or cross-site scripting attacks, manipulate data, disclose confidential information, or cause a denial-of-service condition.
A remote, anonymous attacker can exploit a vulnerability in Postfix to conduct a denial of service attack.
A remote, anonymous attacker can exploit a vulnerability in FasterXML Jackson to bypass security measures.
A remote, anonymous attacker can exploit a vulnerability in vim to execute arbitrary program code.
An attacker can exploit multiple vulnerabilities in Linux Kernel to carry out a denial of service attack or other unspecified attacks.
An attacker can exploit multiple vulnerabilities in the Linux Kernel to cause a denial of service condition or perform an unspecified attack.
A remote, anonymous attacker can exploit a vulnerability in dnsmasq to conduct a denial of service attack.
A local attacker can exploit a vulnerability in CPython to manipulate data.
A local attacker from a guest VM can exploit a vulnerability in Xen to bypass security measures.
A local attacker can exploit a vulnerability in the Linux Kernel to conduct a denial of service attack or achieve other unspecified effects.
An attacker can exploit multiple vulnerabilities in vllm to manipulate files, bypass security measures, disclose confidential information, or cause a denial-of-service condition.
A remote, anonymous attacker can exploit multiple vulnerabilities in Adobe ColdFusion to execute arbitrary code, gain elevated permissions, bypass security measures, conduct cross-site scripting attacks, manipulate data, or disclose confidential information.
An attacker can exploit a vulnerability in Apache Airflow to manipulate files.
An attacker can exploit multiple vulnerabilities in Roundcube to bypass security measures, cause denial-of-service attacks, perform cross-site scripting attacks, and manipulate or disclose data.
An attacker can exploit multiple vulnerabilities in Apache Camel to execute arbitrary program code, bypass security measures, perform server-side request forgery, disclose confidential information, or manipulate data.
A local attacker can exploit multiple vulnerabilities in OpenVPN to execute arbitrary code, manipulate data, or cause a denial-of-service condition.
A remote, anonymous attacker can exploit a vulnerability in PostgreSQL JDBC Driver to bypass security measures.
An attacker can exploit multiple vulnerabilities in Microsoft Windows and Windows Server to escalate privileges, execute arbitrary code, conduct a denial of service attack, bypass security measures, disclose information, and present false information.
A remote, authenticated attacker can exploit a vulnerability in WSO2 API Manager to disclose information.
A remote, authenticated attacker can exploit a vulnerability in Pega Platform to escalate privileges.
An attacker can exploit multiple vulnerabilities in Samsung Exynos to conduct a denial of service attack or disclose confidential information.
An attacker can exploit multiple vulnerabilities in FreeRDP to execute arbitrary code, conduct a denial of service attack, and disclose information.
A remote, anonymous attacker can exploit multiple vulnerabilities in Google Chrome to execute arbitrary code, cause a denial of service, or bypass security measures.
An attacker can exploit multiple vulnerabilities in Apache Camel to bypass security measures and execute arbitrary code.
An attacker can exploit multiple vulnerabilities in Apache Camel to execute arbitrary program code, manipulate data, or disclose confidential information.
A remote, authenticated attacker can exploit a vulnerability in Apache Camel to manipulate data.
A remote, authenticated attacker can exploit a vulnerability in Red Hat Enterprise Linux to execute arbitrary program code.
A remote anonymous attacker can exploit multiple vulnerabilities in Red Hat products to manipulate files, execute arbitrary code, and create a denial-of-service condition.
An attacker can exploit multiple vulnerabilities in Apache Commons to carry out an unspecified attack.
A remote anonymous attacker can exploit multiple vulnerabilities in Apache Camel to create a denial-of-service condition.
A remote, anonymous attacker can exploit a vulnerability in various http/2 implementations to carry out a denial of service attack.
A local attacker can exploit a vulnerability in Puppet to disclose information.
An attacker can exploit a vulnerability in n8n to execute arbitrary program code, which can lead to data exfiltration, service interruptions, or complete system compromise.
A local attacker can exploit a vulnerability in GIMP to execute arbitrary program code and to carry out a denial of service attack.
A local attacker can exploit a vulnerability in Dell Computer to bypass security measures.
A remote, authenticated attacker can exploit a vulnerability in Icinga to display false information.
An attacker can exploit multiple vulnerabilities in Keycloak to disclose information, bypass security measures, manipulate data, or gain elevated privileges.
An attacker from an adjacent network can exploit a vulnerability in dhcpcd to conduct a denial of service attack.
A remote, anonymous attacker can exploit a vulnerability in lxml to disclose information.
A remote, anonymous attacker can exploit a vulnerability in GIMP to conduct a denial of service attack or disclose information.
An attacker can exploit multiple vulnerabilities in Red Hat Enterprise Linux to execute arbitrary code.
A remote, anonymous attacker can exploit a vulnerability in Internet Systems Consortium BIND to conduct a denial of service attack.
An attacker can exploit these vulnerabilities to conduct unspecified attacks that may lead to denial-of-service, memory corruption, or other undefined impacts.
An attacker can exploit multiple vulnerabilities in Gitea to bypass security measures, disclose information, conduct a cross-site scripting attack, and manipulate files.
An attacker can exploit multiple vulnerabilities in the Linux Kernel to conduct a denial of service attack or perform other unspecified attacks.
A local attacker can exploit multiple vulnerabilities in the Linux Kernel to conduct a denial of service attack or achieve unspecified effects.
A remote, anonymous attacker can exploit multiple vulnerabilities in Golang Go to conduct a denial of service attack.
A remote, anonymous attacker can exploit a vulnerability in libarchive to conduct a Denial of Service attack.
An attacker can exploit multiple vulnerabilities in the Linux Kernel to conduct a Denial of Service attack and cause unspecified effects.