Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-9r27-775m-fq63 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-11-06T18:32:55Z | 2025-11-06T18:32:55Z |
| ghsa-9h9p-fpp6-8v2m | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-11-06T18:32:55Z | 2025-11-07T15:31:28Z |
| ghsa-939c-56c3-9v9c | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-11-06T18:32:55Z | 2025-11-06T21:31:27Z |
| ghsa-8qw9-m9qp-g8qm | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-11-06T18:32:55Z | 2025-11-07T00:30:29Z |
| ghsa-83hv-h643-r92h | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-11-06T18:32:55Z | 2025-11-06T18:32:55Z |
| ghsa-7jq3-x2f7-gcvg | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-11-06T18:32:55Z | 2025-11-07T15:31:28Z |
| ghsa-7fpm-j8mp-fp7x | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-11-06T18:32:55Z | 2025-11-06T18:32:55Z |
| ghsa-6799-fjfp-m83v | Unrestricted Upload of File with Dangerous Type vulnerability in Addify Custom User Registration Fi… | 2025-11-06T18:32:55Z | 2025-11-06T18:32:55Z |
| ghsa-648j-fchv-3hrv | Insertion of Sensitive Information Into Sent Data vulnerability in Vito Peleg Atarim atarim-visual-… | 2025-11-06T18:32:55Z | 2025-11-06T18:32:55Z |
| ghsa-6274-x8vj-52cw | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-11-06T18:32:55Z | 2025-11-07T00:30:29Z |
| ghsa-5r9x-826m-hjm7 | Missing Authorization vulnerability in Bux Bux Woocommerce bux-woocommerce allows Accessing Functio… | 2025-11-06T18:32:55Z | 2025-11-07T15:31:28Z |
| ghsa-5pqw-v7pg-6v9r | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2025-11-06T18:32:55Z | 2025-11-07T15:31:28Z |
| ghsa-5pmp-9cc5-cc5f | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-11-06T18:32:55Z | 2025-11-07T15:31:28Z |
| ghsa-575h-jw7h-9pjq | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ana… | 2025-11-06T18:32:55Z | 2025-11-06T18:32:55Z |
| ghsa-4px4-qq7x-7w9j | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-11-06T18:32:55Z | 2025-11-06T21:31:26Z |
| ghsa-445f-486h-qh76 | Unrestricted Upload of File with Dangerous Type vulnerability in Vito Peleg Atarim atarim-visual-co… | 2025-11-06T18:32:55Z | 2025-11-07T00:30:29Z |
| ghsa-wm3r-xgh7-77jf | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T18:32:54Z | 2025-11-06T18:32:54Z |
| ghsa-vwx7-c6q3-j293 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-11-06T18:32:54Z | 2025-11-06T18:32:54Z |
| ghsa-vfv7-fp4j-fvpr | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T18:32:54Z | 2025-11-06T18:32:54Z |
| ghsa-rrf9-p43r-8gmm | Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorre… | 2025-11-06T18:32:54Z | 2025-11-06T18:32:54Z |
| ghsa-qqwg-wprf-h8ff | Deserialization of Untrusted Data vulnerability in Cozmoslabs TranslatePress translatepress-multili… | 2025-11-06T18:32:54Z | 2025-11-07T18:30:27Z |
| ghsa-qqmx-f7c6-cqmp | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T18:32:54Z | 2025-11-06T18:32:54Z |
| ghsa-qmvr-vqwv-566v | Missing Authorization vulnerability in Jthemes imEvent imevent allows Accessing Functionality Not P… | 2025-11-06T18:32:54Z | 2025-11-06T18:32:54Z |
| ghsa-qc98-fx88-c58q | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T18:32:54Z | 2025-11-07T21:31:20Z |
| ghsa-j9c7-gf84-2wqg | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T18:32:54Z | 2025-11-06T18:32:54Z |
| ghsa-hwg2-j439-r9qp | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T18:32:54Z | 2025-11-06T18:32:54Z |
| ghsa-hrj4-vcrc-2hch | Missing Authorization vulnerability in bPlugins Info Cards info-cards allows Accessing Functionalit… | 2025-11-06T18:32:54Z | 2025-11-07T21:31:20Z |
| ghsa-hqcq-5vqf-g22m | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T18:32:54Z | 2025-11-06T18:32:54Z |
| ghsa-hc8c-89gg-5q5v | Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Keap/Infusionsoft gf-… | 2025-11-06T18:32:54Z | 2025-11-06T18:32:54Z |
| ghsa-gcvc-4v23-j4jw | Unrestricted Upload of File with Dangerous Type vulnerability in Helmut Wandl Advanced Settings adv… | 2025-11-06T18:32:54Z | 2025-11-06T18:32:54Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-62030 | N/A | WordPress tagDiv Composer plugin <= 5.4.1 - Cross Site… |
tagDiv |
tagDiv Composer |
2025-11-06T15:55:27.866Z | 2025-11-06T18:09:44.391Z |
| cve-2025-62028 | N/A | WordPress Salient theme < 17.4.0 - Broken Access Contr… |
ThemeNectar |
Salient |
2025-11-06T15:55:27.077Z | 2025-11-06T18:08:30.204Z |
| cve-2025-62018 | N/A | WordPress Kallyas theme <= 4.22.0 - Broken Access Cont… |
hogash |
Kallyas |
2025-11-06T15:55:26.361Z | 2025-11-06T18:00:28.192Z |
| cve-2025-62017 | N/A | WordPress Kallyas theme <= 4.22.0 - Broken Access Cont… |
hogash |
Kallyas |
2025-11-06T15:55:25.294Z | 2025-11-06T17:59:33.877Z |
| cve-2025-62016 | N/A | WordPress Kallyas theme <= 4.22.0 - Arbitrary File Upl… |
hogash |
Kallyas |
2025-11-06T15:55:24.586Z | 2025-11-07T14:05:19.194Z |
| cve-2025-62014 | N/A | WordPress ITok theme <= 1.1.42 - Local File Inclusion … |
ApusTheme |
ITok |
2025-11-06T15:55:23.874Z | 2025-11-07T14:06:52.557Z |
| cve-2025-62012 | N/A | WordPress TheGem (Elementor) theme <= 5.10.5 - Cross S… |
CodexThemes |
TheGem (Elementor) |
2025-11-06T15:55:23.261Z | 2025-11-07T14:25:21.864Z |
| cve-2025-62011 | N/A | WordPress TheGem theme <= 5.10.5 - Cross Site Scriptin… |
CodexThemes |
TheGem |
2025-11-06T15:55:22.593Z | 2025-11-07T14:25:28.464Z |
| cve-2025-62010 | N/A | WordPress Famita theme <= 1.54 - Local File Inclusion … |
ApusTheme |
Famita |
2025-11-06T15:55:21.866Z | 2025-11-07T14:25:34.207Z |
| cve-2025-60248 | N/A | WordPress WPC Product Options for WooCommerce plugin <… |
WPClever |
WPC Product Options for WooCommerce |
2025-11-06T15:55:21.142Z | 2025-11-07T14:25:39.722Z |
| cve-2025-60247 | N/A | WordPress Bux Woocommerce plugin <= 1.2.3 - Broken Acc… |
Bux |
Bux Woocommerce |
2025-11-06T15:55:20.539Z | 2025-11-07T14:25:45.410Z |
| cve-2025-60245 | N/A | WordPress WP User Manager plugin <= 2.9.12 - PHP Objec… |
WP User Manager |
WP User Manager |
2025-11-06T15:55:19.859Z | 2025-11-06T15:55:19.859Z |
| cve-2025-60244 | N/A | WordPress TableOn plugin <= 1.0.4.2 - Content Injectio… |
RealMag777 |
TableOn |
2025-11-06T15:55:18.193Z | 2025-11-06T15:55:18.193Z |
| cve-2025-60243 | N/A | WordPress Selling Commander for WooCommerce plugin <= … |
Holest Engineering |
Selling Commander for WooCommerce |
2025-11-06T15:55:15.782Z | 2025-11-06T15:55:15.782Z |
| cve-2025-60242 | N/A | WordPress Download Counter plugin <= 1.4 - Arbitrary F… |
Anatoly |
Download Counter |
2025-11-06T15:55:14.917Z | 2025-11-06T15:55:14.917Z |
| cve-2025-60241 | N/A | WordPress Premmerce plugin <= 1.3.19 - Local File Incl… |
Premmerce |
Premmerce |
2025-11-06T15:55:13.362Z | 2025-11-07T14:25:51.174Z |
| cve-2025-60240 | N/A | WordPress AnyComment plugin <= 0.3.6 - Local File Incl… |
Alexander |
AnyComment |
2025-11-06T15:55:10.324Z | 2025-11-07T14:25:56.516Z |
| cve-2025-60239 | N/A | WordPress CoSchool LMS plugin <= 1.4.3 - SQL Injection… |
Codexpert, Inc |
CoSchool LMS |
2025-11-06T15:55:09.493Z | 2025-11-07T14:26:02.764Z |
| cve-2025-60235 | N/A | WordPress Helpdesk Support Ticket System for WooCommer… |
Plugify |
Helpdesk Support Ticket System for WooCommerce |
2025-11-06T15:55:07.928Z | 2025-11-06T15:55:07.928Z |
| cve-2025-60207 | N/A | WordPress Custom User Registration Fields for WooComme… |
Addify |
Custom User Registration Fields for WooCommerce |
2025-11-06T15:55:06.274Z | 2025-11-06T15:55:06.274Z |
| cve-2025-60204 | N/A | WordPress WooCommerce Store Toolkit plugin <= 2.4.3 - … |
Josh Kohlbach |
WooCommerce Store Toolkit |
2025-11-06T15:55:05.172Z | 2025-11-06T17:35:11.397Z |
| cve-2025-60203 | N/A | WordPress Store Exporter plugin <= 2.7.6 - Local File … |
Josh Kohlbach |
Store Exporter |
2025-11-06T15:55:04.065Z | 2025-11-06T17:37:00.570Z |
| cve-2025-60202 | N/A | WordPress Favorites plugin <= 2.3.6 - Local File Inclu… |
Kyle Phillips |
Favorites |
2025-11-06T15:55:03.303Z | 2025-11-06T17:38:34.953Z |
| cve-2025-60201 | N/A | WordPress WP Customer Area plugin <= 8.2.7 - Local Fil… |
aguilatechnologies |
WP Customer Area |
2025-11-06T15:55:00.953Z | 2025-11-06T17:40:48.385Z |
| cve-2025-60200 | N/A | WordPress LearnPress Export Import plugin <= 4.0.9 - L… |
ThimPress |
LearnPress Export Import |
2025-11-06T15:54:59.689Z | 2025-11-06T17:42:08.469Z |
| cve-2025-60199 | N/A | WordPress InHype - Blog & Magazine WordPress Theme the… |
dedalx |
InHype - Blog & Magazine WordPress Theme |
2025-11-06T15:54:56.700Z | 2025-11-06T17:44:09.601Z |
| cve-2025-60198 | N/A | WordPress Saxon - Viral Content Blog & Magazine Market… |
dedalx |
Saxon - Viral Content Blog & Magazine Marketing WordPress Theme |
2025-11-06T15:54:55.955Z | 2025-11-06T17:45:02.935Z |
| cve-2025-60197 | N/A | WordPress Simple Contact Forms plugin <= 1.6.4 - Local… |
owenr88 |
Simple Contact Forms |
2025-11-06T15:54:54.553Z | 2025-11-06T17:45:51.893Z |
| cve-2025-60196 | N/A | WordPress Clearblue® Ovulation Calculator plugin <= 1.… |
Clearblue |
Clearblue® Ovulation Calculator |
2025-11-06T15:54:52.172Z | 2025-11-06T19:42:52.437Z |
| cve-2025-60195 | N/A | WordPress Atarim plugin <= 4.2 - Privilege Escalation … |
Vito Peleg |
Atarim |
2025-11-06T15:54:51.541Z | 2025-11-06T19:46:32.722Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-62045 | N/A | WordPress TheGem Theme Elements (for WPBakery) plugin … |
CodexThemes |
TheGem Theme Elements (for WPBakery) |
2025-11-06T15:55:41.551Z | 2025-11-06T21:08:50.158Z |
| cve-2025-62044 | N/A | WordPress TheGem Theme Elements (for WPBakery) plugin … |
CodexThemes |
TheGem Theme Elements (for WPBakery) |
2025-11-06T15:55:39.461Z | 2025-11-06T20:52:27.508Z |
| cve-2025-62041 | N/A | WordPress TheGem (Elementor) theme <= 5.10.5.1 - Cross… |
CodexThemes |
TheGem (Elementor) |
2025-11-06T15:55:38.770Z | 2025-11-06T20:50:57.073Z |
| cve-2025-62040 | N/A | WordPress YOP Poll plugin <= 6.5.37 - Cross Site Scrip… |
YOP |
YOP Poll |
2025-11-06T15:55:38.092Z | 2025-11-06T18:24:05.792Z |
| cve-2025-62039 | N/A | WordPress AI ChatBot with ChatGPT and Content Generato… |
Ays Pro |
AI ChatBot with ChatGPT and Content Generator by AYS |
2025-11-06T15:55:37.380Z | 2025-11-06T18:23:02.084Z |
| cve-2025-62038 | N/A | WordPress MeetingHub plugin <= 1.23.9 - Sensitive Data… |
Sovlix |
MeetingHub |
2025-11-06T15:55:36.094Z | 2025-11-06T18:22:02.186Z |
| cve-2025-62037 | N/A | WordPress Togo theme < 1.0.4 - Broken Access Control v… |
uxper |
Togo |
2025-11-06T15:55:34.720Z | 2025-11-06T18:20:50.029Z |
| cve-2025-62036 | N/A | WordPress Togo theme < 1.0.4 - Cross Site Scripting (X… |
uxper |
Togo |
2025-11-06T15:55:32.766Z | 2025-11-06T18:18:58.843Z |
| cve-2025-62035 | N/A | WordPress Togo theme < 1.0.4 - PHP Object Injection vu… |
uxper |
Togo |
2025-11-06T15:55:31.398Z | 2025-11-06T18:17:30.906Z |
| cve-2025-62034 | N/A | WordPress Togo theme < 1.0.4 - Privilege Escalation vu… |
uxper |
Togo |
2025-11-06T15:55:30.572Z | 2025-11-07T14:04:24.192Z |
| cve-2025-62033 | N/A | WordPress Togo theme < 1.0.4 - Broken Access Control v… |
uxper |
Togo |
2025-11-06T15:55:29.843Z | 2025-11-06T18:15:37.360Z |
| cve-2025-62032 | N/A | WordPress tagDiv Cloud Library plugin < 3.9.2 - Cross … |
tagDiv |
tagDiv Cloud Library |
2025-11-06T15:55:29.230Z | 2025-11-06T18:13:57.864Z |
| cve-2025-62031 | N/A | WordPress tagDiv Composer plugin <= 5.4.1 - Cross Site… |
tagDiv |
tagDiv Composer |
2025-11-06T15:55:28.516Z | 2025-11-06T18:11:04.272Z |
| cve-2025-62030 | N/A | WordPress tagDiv Composer plugin <= 5.4.1 - Cross Site… |
tagDiv |
tagDiv Composer |
2025-11-06T15:55:27.866Z | 2025-11-06T18:09:44.391Z |
| cve-2025-62028 | N/A | WordPress Salient theme < 17.4.0 - Broken Access Contr… |
ThemeNectar |
Salient |
2025-11-06T15:55:27.077Z | 2025-11-06T18:08:30.204Z |
| cve-2025-62018 | N/A | WordPress Kallyas theme <= 4.22.0 - Broken Access Cont… |
hogash |
Kallyas |
2025-11-06T15:55:26.361Z | 2025-11-06T18:00:28.192Z |
| cve-2025-62017 | N/A | WordPress Kallyas theme <= 4.22.0 - Broken Access Cont… |
hogash |
Kallyas |
2025-11-06T15:55:25.294Z | 2025-11-06T17:59:33.877Z |
| cve-2025-62016 | N/A | WordPress Kallyas theme <= 4.22.0 - Arbitrary File Upl… |
hogash |
Kallyas |
2025-11-06T15:55:24.586Z | 2025-11-07T14:05:19.194Z |
| cve-2025-62014 | N/A | WordPress ITok theme <= 1.1.42 - Local File Inclusion … |
ApusTheme |
ITok |
2025-11-06T15:55:23.874Z | 2025-11-07T14:06:52.557Z |
| cve-2025-62012 | N/A | WordPress TheGem (Elementor) theme <= 5.10.5 - Cross S… |
CodexThemes |
TheGem (Elementor) |
2025-11-06T15:55:23.261Z | 2025-11-07T14:25:21.864Z |
| cve-2025-62011 | N/A | WordPress TheGem theme <= 5.10.5 - Cross Site Scriptin… |
CodexThemes |
TheGem |
2025-11-06T15:55:22.593Z | 2025-11-07T14:25:28.464Z |
| cve-2025-62010 | N/A | WordPress Famita theme <= 1.54 - Local File Inclusion … |
ApusTheme |
Famita |
2025-11-06T15:55:21.866Z | 2025-11-07T14:25:34.207Z |
| cve-2025-60248 | N/A | WordPress WPC Product Options for WooCommerce plugin <… |
WPClever |
WPC Product Options for WooCommerce |
2025-11-06T15:55:21.142Z | 2025-11-07T14:25:39.722Z |
| cve-2025-60247 | N/A | WordPress Bux Woocommerce plugin <= 1.2.3 - Broken Acc… |
Bux |
Bux Woocommerce |
2025-11-06T15:55:20.539Z | 2025-11-07T14:25:45.410Z |
| cve-2025-60245 | N/A | WordPress WP User Manager plugin <= 2.9.12 - PHP Objec… |
WP User Manager |
WP User Manager |
2025-11-06T15:55:19.859Z | 2025-11-06T15:55:19.859Z |
| cve-2025-60244 | N/A | WordPress TableOn plugin <= 1.0.4.2 - Content Injectio… |
RealMag777 |
TableOn |
2025-11-06T15:55:18.193Z | 2025-11-06T15:55:18.193Z |
| cve-2025-60243 | N/A | WordPress Selling Commander for WooCommerce plugin <= … |
Holest Engineering |
Selling Commander for WooCommerce |
2025-11-06T15:55:15.782Z | 2025-11-06T15:55:15.782Z |
| cve-2025-60242 | N/A | WordPress Download Counter plugin <= 1.4 - Arbitrary F… |
Anatoly |
Download Counter |
2025-11-06T15:55:14.917Z | 2025-11-06T15:55:14.917Z |
| cve-2025-60241 | N/A | WordPress Premmerce plugin <= 1.3.19 - Local File Incl… |
Premmerce |
Premmerce |
2025-11-06T15:55:13.362Z | 2025-11-07T14:25:51.174Z |
| cve-2025-60240 | N/A | WordPress AnyComment plugin <= 0.3.6 - Local File Incl… |
Alexander |
AnyComment |
2025-11-06T15:55:10.324Z | 2025-11-07T14:25:56.516Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-61387 | Malicious code in striped_pig_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61386 | Malicious code in striped_gerbil_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61385 | Malicious code in striped_fox_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61384 | Malicious code in striped_crawdad_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61383 | Malicious code in striped_catshark_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61382 | Malicious code in strict_skunk_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61381 | Malicious code in strict_llama_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61380 | Malicious code in strategic_stingray_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61379 | Malicious code in strategic_shrimp_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61378 | Malicious code in strategic_flyingfish_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61377 | Malicious code in strategic_dolphin_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61376 | Malicious code in strange_rooster_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61375 | Malicious code in strange_kite_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61374 | Malicious code in straightforward_swift_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61373 | Malicious code in straightforward_gerbil_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61372 | Malicious code in straightforward_bonobo_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61371 | Malicious code in straight_tiglon_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61370 | Malicious code in straight_mongoose_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61369 | Malicious code in straight_dormouse_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61368 | Malicious code in stormy_barracuda_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61367 | Malicious code in stingy_koi_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61366 | Malicious code in stiff_asp_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61365 | Malicious code in steep_vulture_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61364 | Malicious code in steep_sturgeon_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61363 | Malicious code in steep_mastodon_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61362 | Malicious code in steep_camel_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61361 | Malicious code in steep_anglerfish_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61360 | Malicious code in steady_cheetah_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61359 | Malicious code in statutory_nightingale_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| mal-2025-61358 | Malicious code in statutory_clownfish_z3n (npm) | 2025-11-10T18:02:22Z | 2025-11-10T18:02:22Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:17374 | Red Hat Security Advisory: firefox security update | 2025-10-06T10:07:21+00:00 | 2025-11-06T23:23:58+00:00 |
| rhsa-2025:17373 | Red Hat Security Advisory: firefox security update | 2025-10-06T09:45:01+00:00 | 2025-11-06T23:23:58+00:00 |
| rhsa-2025:17371 | Red Hat Security Advisory: firefox security update | 2025-10-06T09:37:26+00:00 | 2025-11-06T23:23:58+00:00 |
| rhsa-2025:17372 | Red Hat Security Advisory: firefox security update | 2025-10-06T09:36:06+00:00 | 2025-11-06T23:23:57+00:00 |
| rhsa-2025:17367 | Red Hat Security Advisory: firefox security update | 2025-10-06T09:08:41+00:00 | 2025-11-06T23:23:56+00:00 |
| rhsa-2025:17368 | Red Hat Security Advisory: firefox security update | 2025-10-06T09:07:46+00:00 | 2025-11-06T23:24:02+00:00 |
| rhsa-2025:17361 | Red Hat Security Advisory: gnutls security, bug fix, and enhancement update | 2025-10-06T08:50:07+00:00 | 2025-11-06T23:15:03+00:00 |
| rhsa-2025:17348 | Red Hat Security Advisory: gnutls security, bug fix, and enhancement update | 2025-10-06T02:41:41+00:00 | 2025-11-06T23:15:02+00:00 |
| rhsa-2025:17346 | Red Hat Security Advisory: thunderbird security update | 2025-10-06T02:33:01+00:00 | 2025-11-06T23:23:56+00:00 |
| rhsa-2025:17345 | Red Hat Security Advisory: thunderbird security update | 2025-10-06T01:39:41+00:00 | 2025-11-06T23:24:00+00:00 |
| rhsa-2025:17343 | Red Hat Security Advisory: thunderbird security update | 2025-10-06T01:37:41+00:00 | 2025-11-06T23:23:55+00:00 |
| rhsa-2025:17344 | Red Hat Security Advisory: thunderbird security update | 2025-10-06T01:36:35+00:00 | 2025-11-06T23:23:55+00:00 |
| rhsa-2025:17342 | Red Hat Security Advisory: thunderbird security update | 2025-10-06T01:34:27+00:00 | 2025-11-06T23:23:57+00:00 |
| rhsa-2025:17340 | Red Hat Security Advisory: thunderbird security update | 2025-10-06T01:30:57+00:00 | 2025-11-06T23:23:59+00:00 |
| rhsa-2025:17341 | Red Hat Security Advisory: thunderbird security update | 2025-10-06T01:30:32+00:00 | 2025-11-06T23:23:55+00:00 |
| rhsa-2025:17317 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.9 security update | 2025-10-02T17:38:07+00:00 | 2025-11-08T07:17:41+00:00 |
| rhsa-2025:17318 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.9 security update | 2025-10-02T17:34:35+00:00 | 2025-11-08T07:17:42+00:00 |
| rhsa-2025:17298 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.0 security update | 2025-10-02T14:58:17+00:00 | 2025-11-08T07:17:40+00:00 |
| rhsa-2025:17299 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.0 security update | 2025-10-02T14:54:02+00:00 | 2025-11-08T07:17:41+00:00 |
| rhsa-2025:17187 | Red Hat Security Advisory: Red Hat build of Quarkus 3.15.7 release and security update | 2025-10-02T11:58:55+00:00 | 2025-11-08T07:17:40+00:00 |
| rhsa-2025:17241 | Red Hat Security Advisory: kernel security update | 2025-10-02T10:07:46+00:00 | 2025-11-10T15:58:36+00:00 |
| rhsa-2025:17192 | Red Hat Security Advisory: kernel-rt security update | 2025-10-01T19:19:25+00:00 | 2025-11-08T07:17:21+00:00 |
| rhsa-2025:17159 | Red Hat Security Advisory: kernel security update | 2025-10-01T18:14:44+00:00 | 2025-11-08T07:17:21+00:00 |
| rhsa-2025:17189 | Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.8.22 | 2025-10-01T18:01:13+00:00 | 2025-11-07T20:55:55+00:00 |
| rhsa-2025:17161 | Red Hat Security Advisory: kernel security update | 2025-10-01T17:47:28+00:00 | 2025-11-10T17:57:06+00:00 |
| rhsa-2025:17163 | Red Hat Security Advisory: perl-JSON-XS security update | 2025-10-01T17:44:11+00:00 | 2025-11-06T23:15:02+00:00 |
| rhsa-2025:17164 | Red Hat Security Advisory: cups security update | 2025-10-01T17:36:39+00:00 | 2025-11-06T23:42:26+00:00 |
| rhsa-2025:17162 | Red Hat Security Advisory: perl-JSON-XS security update | 2025-10-01T16:59:04+00:00 | 2025-11-06T23:15:01+00:00 |
| rhsa-2025:17181 | Red Hat Security Advisory: Insights proxy Container Image | 2025-10-01T16:41:41+00:00 | 2025-11-07T00:15:20+00:00 |
| rhsa-2025:16729 | Red Hat Security Advisory: OpenShift Container Platform 4.18.25 packages and security update | 2025-10-01T16:38:14+00:00 | 2025-11-10T14:22:21+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-39748 | bpf: Forget ranges when refining tnum after JSET | 2025-09-02T00:00:00.000Z | 2025-09-13T01:03:30.000Z |
| msrc_cve-2025-39747 | drm/msm: Add error handling for krealloc in metadata setup | 2025-09-02T00:00:00.000Z | 2025-09-13T01:03:14.000Z |
| msrc_cve-2025-39746 | wifi: ath10k: shutdown driver when hardware is unreliable | 2025-09-02T00:00:00.000Z | 2025-09-13T01:02:57.000Z |
| msrc_cve-2025-39745 | rcutorture: Fix rcutorture_one_extend_check() splat in RT kernels | 2025-09-02T00:00:00.000Z | 2025-09-13T01:01:28.000Z |
| msrc_cve-2025-39744 | rcu: Fix rcu_read_unlock() deadloop due to IRQ work | 2025-09-02T00:00:00.000Z | 2025-09-13T01:04:53.000Z |
| msrc_cve-2025-39743 | jfs: truncate good inode pages when hard link is 0 | 2025-09-02T00:00:00.000Z | 2025-09-13T01:04:03.000Z |
| msrc_cve-2025-39742 | RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() | 2025-09-02T00:00:00.000Z | 2025-09-13T01:03:58.000Z |
| msrc_cve-2025-39739 | iommu/arm-smmu-qcom: Add SM6115 MDSS compatible | 2025-09-02T00:00:00.000Z | 2025-09-13T01:02:41.000Z |
| msrc_cve-2025-39738 | btrfs: do not allow relocation of partially dropped subvolumes | 2025-09-02T00:00:00.000Z | 2025-09-13T01:04:36.000Z |
| msrc_cve-2025-39737 | mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup() | 2025-09-02T00:00:00.000Z | 2025-09-13T01:04:47.000Z |
| msrc_cve-2025-39736 | mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock | 2025-09-02T00:00:00.000Z | 2025-09-13T01:02:24.000Z |
| msrc_cve-2025-39732 | wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() | 2025-09-02T00:00:00.000Z | 2025-09-09T01:01:23.000Z |
| msrc_cve-2025-39731 | f2fs: vm_unmap_ram() may be called from an invalid context | 2025-09-02T00:00:00.000Z | 2025-09-09T01:01:17.000Z |
| msrc_cve-2025-39730 | NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() | 2025-09-02T00:00:00.000Z | 2025-09-09T01:01:30.000Z |
| msrc_cve-2025-39726 | s390/ism: fix concurrency management in ism_cmd() | 2025-09-02T00:00:00.000Z | 2025-09-07T01:02:57.000Z |
| msrc_cve-2025-39724 | serial: 8250: fix panic due to PSLVERR | 2025-09-02T00:00:00.000Z | 2025-09-07T01:05:12.000Z |
| msrc_cve-2025-39721 | crypto: qat - flush misc workqueue during device shutdown | 2025-09-02T00:00:00.000Z | 2025-09-07T01:07:41.000Z |
| msrc_cve-2025-39720 | ksmbd: fix refcount leak causing resource not released | 2025-09-02T00:00:00.000Z | 2025-09-07T01:06:21.000Z |
| msrc_cve-2025-39719 | iio: imu: bno055: fix OOB access of hw_xlate array | 2025-09-02T00:00:00.000Z | 2025-09-07T01:13:30.000Z |
| msrc_cve-2025-39718 | vsock/virtio: Validate length in packet header before skb_put() | 2025-09-02T00:00:00.000Z | 2025-09-07T01:03:56.000Z |
| msrc_cve-2025-39716 | parisc: Revise __get_user() to probe user read access | 2025-09-02T00:00:00.000Z | 2025-09-07T01:12:43.000Z |
| msrc_cve-2025-39715 | parisc: Revise gateway LWS calls to probe user read access | 2025-09-02T00:00:00.000Z | 2025-09-07T01:11:11.000Z |
| msrc_cve-2025-39714 | media: usbtv: Lock resolution while streaming | 2025-09-02T00:00:00.000Z | 2025-09-07T01:13:39.000Z |
| msrc_cve-2025-39713 | media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() | 2025-09-02T00:00:00.000Z | 2025-09-07T01:13:46.000Z |
| msrc_cve-2025-39711 | media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls | 2025-09-02T00:00:00.000Z | 2025-09-07T01:07:03.000Z |
| msrc_cve-2025-39710 | media: venus: Add a check for packet size after reading from shared memory | 2025-09-02T00:00:00.000Z | 2025-09-07T01:03:46.000Z |
| msrc_cve-2025-39709 | media: venus: protect against spurious interrupts during probe | 2025-09-02T00:00:00.000Z | 2025-09-07T01:02:25.000Z |
| msrc_cve-2025-39707 | drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities | 2025-09-02T00:00:00.000Z | 2025-09-07T01:09:28.000Z |
| msrc_cve-2025-39706 | drm/amdkfd: Destroy KFD debugfs after destroy KFD wq | 2025-09-02T00:00:00.000Z | 2025-09-07T01:09:21.000Z |
| msrc_cve-2025-39705 | drm/amd/display: fix a Null pointer dereference vulnerability | 2025-09-02T00:00:00.000Z | 2025-09-07T01:09:03.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2024-000031 | "ABEMA" App for Android fails to restrict access permissions | 2024-03-15T16:37+09:00 | 2024-03-15T16:37+09:00 |
| jvndb-2024-002961 | Information Exposure Vulnerability in Cosminexus Component Container | 2024-03-13T12:10+09:00 | 2024-03-13T12:10+09:00 |
| jvndb-2024-000030 | a-blog cms vulnerable to directory traversal | 2024-03-08T15:27+09:00 | 2024-03-08T15:27+09:00 |
| jvndb-2024-002942 | OMRON NJ/NX series vulnerable to path traversal | 2024-03-08T14:16+09:00 | 2024-03-08T14:16+09:00 |
| jvndb-2024-000028 | Multiple vulnerabilities in SKYSEA Client View | 2024-03-07T16:09+09:00 | 2024-07-29T18:13+09:00 |
| jvndb-2024-000027 | FUJIFILM Business Innovation Corp. printers vulnerable to cross-site request forgery | 2024-03-06T18:24+09:00 | 2024-03-06T18:24+09:00 |
| jvndb-2024-000026 | Multiple vulnerabilities in printers and scanners which implement BROTHER Web Based Management | 2024-03-06T18:12+09:00 | 2024-03-06T18:12+09:00 |
| jvndb-2024-000029 | Toyoko Inn official App vulnerable to improper server certificate verification | 2024-03-06T13:53+09:00 | 2024-03-06T13:53+09:00 |
| jvndb-2024-000025 | Protection mechanism failure in RevoWorks | 2024-02-29T15:40+09:00 | 2024-02-29T15:40+09:00 |
| jvndb-2024-000024 | OET-213H-BTS1 missing authorization check in the initial configuration | 2024-02-29T14:59+09:00 | 2024-02-29T14:59+09:00 |
| jvndb-2024-000023 | OpenPNE plugin "opTimelinePlugin" vulnerable to cross-site scripting | 2024-02-29T13:12+09:00 | 2024-02-29T13:12+09:00 |
| jvndb-2024-000022 | Multiple vulnerabilities in baserCMS | 2024-02-27T14:25+09:00 | 2024-02-27T14:25+09:00 |
| jvndb-2024-002831 | ELECOM wireless LAN routers vulnerable to OS command injection | 2024-02-22T08:15+09:00 | 2024-11-27T14:45+09:00 |
| jvndb-2024-002832 | EL Injection Vulnerability in Hitachi Global Link Manager | 2024-02-21T15:53+09:00 | 2024-02-21T15:53+09:00 |
| jvndb-2024-000020 | Multiple vulnerabilities in ELECOM wireless LAN routers and wireless LAN repeater | 2024-02-20T14:14+09:00 | 2024-11-26T15:26+09:00 |
| jvndb-2024-002560 | Android App "Mopria Print Service" vulnerable to improper intent handling | 2024-02-15T15:26+09:00 | 2024-02-15T15:26+09:00 |
| jvndb-2024-000019 | a-blog cms vulnerable to URL spoofing | 2024-02-15T14:12+09:00 | 2024-02-15T14:12+09:00 |
| jvndb-2024-002050 | Multiple out-of-bounds write vulnerabilities in Canon Office/Small Office Multifunction Printers and Laser Printers | 2024-02-07T15:39+09:00 | 2024-03-08T18:05+09:00 |
| jvndb-2024-001882 | Sharp NEC Display Solutions' public displays vulnerable to local file inclusion | 2024-02-07T14:25+09:00 | 2024-07-11T14:27+09:00 |
| jvndb-2020-013805 | Zeroshell vulnerable to OS command injection | 2024-02-07T13:38+09:00 | 2024-02-07T13:38+09:00 |
| jvndb-2024-001804 | Multiple buffer overflow vulnerabilities in HOME SPOT CUBE2 | 2024-02-06T15:02+09:00 | 2024-03-11T17:32+09:00 |
| jvndb-2024-001785 | Incorrect permission assignment vulnerability in Trend Micro uiAirSupport | 2024-02-06T14:46+09:00 | 2024-03-11T17:42+09:00 |
| jvndb-2024-000017 | Cybozu KUNAI for Android vulnerable to denial-of-service (DoS) | 2024-02-06T13:25+09:00 | 2024-06-27T13:28+09:00 |
| jvndb-2024-001462 | File and Directory Permissions Vulnerability in Hitachi Tuning Manager | 2024-02-05T14:54+09:00 | 2024-02-05T14:54+09:00 |
| jvndb-2024-000016 | Group Office vulnerable to cross-site scripting | 2024-02-01T13:48+09:00 | 2024-03-11T18:04+09:00 |
| jvndb-2024-000015 | Payment EX vulnerable to information disclosure | 2024-02-01T13:41+09:00 | 2024-03-11T17:42+09:00 |
| jvndb-2024-001161 | Multiple vulnerabilities in SHARP Energy Management Controller with Cloud Services | 2024-01-31T16:01+09:00 | 2024-01-31T16:01+09:00 |
| jvndb-2024-001160 | File and Directory Permissions Vulnerability in Hitachi Storage Plug-in for VMware vCenter | 2024-01-31T15:25+09:00 | 2024-03-11T17:41+09:00 |
| jvndb-2024-001062 | Yamaha wireless LAN access point devices vulnerable to active debug code | 2024-01-24T17:16+09:00 | 2024-03-13T17:24+09:00 |
| jvndb-2024-001061 | ELECOM wireless LAN routers vulnerable to OS command injection | 2024-01-24T17:16+09:00 | 2025-02-13T14:31+09:00 |
| ID | Description | Updated |
|---|