Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-w2jf-268q-mrvh | OpenTofu affected denials of service in "tofu init" with maliciously-crafted module package responses | 2025-11-06T15:44:04Z | 2025-11-06T15:44:04Z |
| ghsa-j5h3-g7ch-42qf | Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files… | 2025-11-06T15:31:02Z | 2025-11-06T15:31:02Z |
| ghsa-chqh-jw54-v96h | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2025-11-06T15:31:02Z | 2025-11-06T15:31:02Z |
| ghsa-954p-ff4g-qrwj | IBM Business Automation Workflow containers 24.0.0 through 24.0.0-IF006, 24.0.1 through 24.0.1-IF00… | 2025-11-06T15:31:02Z | 2025-11-06T15:31:02Z |
| ghsa-47fj-h8p3-32hr | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2025-11-06T15:31:02Z | 2025-11-06T15:31:02Z |
| ghsa-w832-gg5g-x44m | Open redirect endpoint in Datasette | 2025-11-06T15:13:33Z | 2025-11-07T21:56:19Z |
| ghsa-pwhc-rpq9-4c8w | containerd affected by a local privilege escalation via wide permissions on CRI directory | 2025-11-06T15:12:08Z | 2025-11-06T23:12:26Z |
| ghsa-wwqf-mr46-f48r | The Hubbub Lite – Fast, free social sharing and follow buttons plugin for WordPress is vulnerable t… | 2025-11-06T09:30:27Z | 2025-11-06T09:30:27Z |
| ghsa-c6mq-jmqr-fj42 | The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to unauthor… | 2025-11-06T09:30:27Z | 2025-11-06T09:30:27Z |
| ghsa-8pxf-65qh-4qrc | Improper Validation of Specified Quantity in Input vulnerability in TCP Communication Function on M… | 2025-11-06T09:30:27Z | 2025-11-06T09:30:27Z |
| ghsa-59gw-wcgq-689r | The Strong Testimonials plugin for WordPress is vulnerable to arbitrary shortcode execution in all … | 2025-11-06T09:30:27Z | 2025-11-06T09:30:27Z |
| ghsa-w98m-8w6g-8h8h | Rejected reason: Not used | 2025-11-06T06:31:00Z | 2025-11-06T06:31:00Z |
| ghsa-rrj6-v2g6-p956 | Cross-site scripting vulnerability exists in GROWI prior to v7.2.10. If a malicious user creates a … | 2025-11-06T06:31:00Z | 2025-11-06T06:31:00Z |
| ghsa-rqm6-jmg2-pgr4 | The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Server-Si… | 2025-11-06T06:31:00Z | 2025-11-06T06:31:00Z |
| ghsa-c6v2-f464-375q | The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to limited f… | 2025-11-06T06:31:00Z | 2025-11-06T06:31:00Z |
| ghsa-89rw-3v7g-7694 | A improper restriction of operations within the bounds of a memory buffer exists in AsIO3.sys drive… | 2025-11-06T06:31:00Z | 2025-11-06T06:31:00Z |
| ghsa-6jrq-cfpr-p7h7 | The Easy Digital Downloads plugin for WordPress is vulnerable to Order Manipulation in all versions… | 2025-11-06T06:31:00Z | 2025-11-06T06:31:00Z |
| ghsa-xr75-qffj-f7pp | Rejected reason: Not used | 2025-11-06T06:30:59Z | 2025-11-06T06:30:59Z |
| ghsa-jfgq-q79f-mg46 | Rejected reason: Not used | 2025-11-06T06:30:59Z | 2025-11-06T06:30:59Z |
| ghsa-j46x-7r2f-39jj | Rejected reason: Not used | 2025-11-06T06:30:59Z | 2025-11-06T06:30:59Z |
| ghsa-hxmw-gjp6-v3hg | Rejected reason: Not used | 2025-11-06T06:30:59Z | 2025-11-06T06:30:59Z |
| ghsa-cgph-cwx2-p8cf | Rejected reason: Not used | 2025-11-06T06:30:59Z | 2025-11-06T06:30:59Z |
| ghsa-9rw2-959c-gw2m | Rejected reason: Not used | 2025-11-06T06:30:59Z | 2025-11-06T06:30:59Z |
| ghsa-5f59-4f8w-6g47 | Rejected reason: Not used | 2025-11-06T06:30:59Z | 2025-11-06T06:30:59Z |
| ghsa-4rhv-r8jc-m23p | The Easy Email Subscription plugin for WordPress is vulnerable to Cross-Site Request Forgery in all… | 2025-11-06T06:30:59Z | 2025-11-06T06:30:59Z |
| ghsa-25h8-7qpw-h33r | Rejected reason: Not used | 2025-11-06T06:30:59Z | 2025-11-06T06:30:59Z |
| ghsa-q7xf-93c3-w2p7 | The Easy Email Subscription plugin for WordPress is vulnerable to SQL Injection via the 'uid' param… | 2025-11-06T03:30:25Z | 2025-11-06T03:30:25Z |
| ghsa-mcg2-rcmm-mhww | Improper handling of the authentication token in the Amazon WorkSpaces client for Linux, versions 2… | 2025-11-06T00:30:26Z | 2025-11-10T21:30:32Z |
| ghsa-8gg4-hx7q-h82p | Improper authentication in the API authentication middleware of HCL DevOps Loop allows authenticati… | 2025-11-06T00:30:26Z | 2025-11-06T00:30:26Z |
| ghsa-rw7h-fw9j-wrgx | A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affe… | 2025-11-05T21:31:02Z | 2025-11-05T21:31:02Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-60247 | N/A | WordPress Bux Woocommerce plugin <= 1.2.3 - Broken Acc… |
Bux |
Bux Woocommerce |
2025-11-06T15:55:20.539Z | 2025-11-07T14:25:45.410Z |
| cve-2025-60245 | N/A | WordPress WP User Manager plugin <= 2.9.12 - PHP Objec… |
WP User Manager |
WP User Manager |
2025-11-06T15:55:19.859Z | 2025-11-06T15:55:19.859Z |
| cve-2025-60244 | N/A | WordPress TableOn plugin <= 1.0.4.2 - Content Injectio… |
RealMag777 |
TableOn |
2025-11-06T15:55:18.193Z | 2025-11-06T15:55:18.193Z |
| cve-2025-60243 | N/A | WordPress Selling Commander for WooCommerce plugin <= … |
Holest Engineering |
Selling Commander for WooCommerce |
2025-11-06T15:55:15.782Z | 2025-11-06T15:55:15.782Z |
| cve-2025-60242 | N/A | WordPress Download Counter plugin <= 1.4 - Arbitrary F… |
Anatoly |
Download Counter |
2025-11-06T15:55:14.917Z | 2025-11-06T15:55:14.917Z |
| cve-2025-60241 | N/A | WordPress Premmerce plugin <= 1.3.19 - Local File Incl… |
Premmerce |
Premmerce |
2025-11-06T15:55:13.362Z | 2025-11-07T14:25:51.174Z |
| cve-2025-60240 | N/A | WordPress AnyComment plugin <= 0.3.6 - Local File Incl… |
Alexander |
AnyComment |
2025-11-06T15:55:10.324Z | 2025-11-07T14:25:56.516Z |
| cve-2025-60239 | N/A | WordPress CoSchool LMS plugin <= 1.4.3 - SQL Injection… |
Codexpert, Inc |
CoSchool LMS |
2025-11-06T15:55:09.493Z | 2025-11-07T14:26:02.764Z |
| cve-2025-60235 | N/A | WordPress Helpdesk Support Ticket System for WooCommer… |
Plugify |
Helpdesk Support Ticket System for WooCommerce |
2025-11-06T15:55:07.928Z | 2025-11-06T15:55:07.928Z |
| cve-2025-60207 | N/A | WordPress Custom User Registration Fields for WooComme… |
Addify |
Custom User Registration Fields for WooCommerce |
2025-11-06T15:55:06.274Z | 2025-11-06T15:55:06.274Z |
| cve-2025-60204 | N/A | WordPress WooCommerce Store Toolkit plugin <= 2.4.3 - … |
Josh Kohlbach |
WooCommerce Store Toolkit |
2025-11-06T15:55:05.172Z | 2025-11-06T17:35:11.397Z |
| cve-2025-60203 | N/A | WordPress Store Exporter plugin <= 2.7.6 - Local File … |
Josh Kohlbach |
Store Exporter |
2025-11-06T15:55:04.065Z | 2025-11-06T17:37:00.570Z |
| cve-2025-60202 | N/A | WordPress Favorites plugin <= 2.3.6 - Local File Inclu… |
Kyle Phillips |
Favorites |
2025-11-06T15:55:03.303Z | 2025-11-06T17:38:34.953Z |
| cve-2025-60201 | N/A | WordPress WP Customer Area plugin <= 8.2.7 - Local Fil… |
aguilatechnologies |
WP Customer Area |
2025-11-06T15:55:00.953Z | 2025-11-06T17:40:48.385Z |
| cve-2025-60200 | N/A | WordPress LearnPress Export Import plugin <= 4.0.9 - L… |
ThimPress |
LearnPress Export Import |
2025-11-06T15:54:59.689Z | 2025-11-06T17:42:08.469Z |
| cve-2025-60199 | N/A | WordPress InHype - Blog & Magazine WordPress Theme the… |
dedalx |
InHype - Blog & Magazine WordPress Theme |
2025-11-06T15:54:56.700Z | 2025-11-06T17:44:09.601Z |
| cve-2025-60198 | N/A | WordPress Saxon - Viral Content Blog & Magazine Market… |
dedalx |
Saxon - Viral Content Blog & Magazine Marketing WordPress Theme |
2025-11-06T15:54:55.955Z | 2025-11-06T17:45:02.935Z |
| cve-2025-60197 | N/A | WordPress Simple Contact Forms plugin <= 1.6.4 - Local… |
owenr88 |
Simple Contact Forms |
2025-11-06T15:54:54.553Z | 2025-11-06T17:45:51.893Z |
| cve-2025-60196 | N/A | WordPress Clearblue® Ovulation Calculator plugin <= 1.… |
Clearblue |
Clearblue® Ovulation Calculator |
2025-11-06T15:54:52.172Z | 2025-11-06T19:42:52.437Z |
| cve-2025-60195 | N/A | WordPress Atarim plugin <= 4.2 - Privilege Escalation … |
Vito Peleg |
Atarim |
2025-11-06T15:54:51.541Z | 2025-11-06T19:46:32.722Z |
| cve-2025-60194 | N/A | WordPress Premmerce Product Search for WooCommerce plu… |
Premmerce |
Premmerce Product Search for WooCommerce |
2025-11-06T15:54:50.878Z | 2025-11-06T20:02:04.425Z |
| cve-2025-60193 | N/A | WordPress Premmerce User Roles plugin <= 1.0.13 - Loca… |
Premmerce |
Premmerce User Roles |
2025-11-06T15:54:49.770Z | 2025-11-06T20:01:26.912Z |
| cve-2025-60192 | N/A | WordPress Premmerce Wholesale Pricing for WooCommerce … |
Premmerce |
Premmerce Wholesale Pricing for WooCommerce |
2025-11-06T15:54:49.257Z | 2025-11-06T19:57:53.547Z |
| cve-2025-60191 | N/A | WordPress Premmerce Wishlist for WooCommerce plugin <=… |
Premmerce |
Premmerce Wishlist for WooCommerce |
2025-11-06T15:54:48.713Z | 2025-11-06T21:19:06.815Z |
| cve-2025-60190 | N/A | WordPress Immocaster WordPress Plugin plugin <= 1.3.6 … |
Hinnerk Altenburg |
Immocaster WordPress Plugin |
2025-11-06T15:54:48.157Z | 2025-11-06T21:20:06.464Z |
| cve-2025-60189 | N/A | WordPress PoloPag – Pix Automático para Woocommerce pl… |
PoloPag |
PoloPag – Pix Automático para Woocommerce |
2025-11-06T15:54:47.579Z | 2025-11-06T15:54:47.579Z |
| cve-2025-60188 | N/A | WordPress Atarim plugin <= 4.2 - Sensitive Data Exposu… |
Vito Peleg |
Atarim |
2025-11-06T15:54:46.469Z | 2025-11-06T15:54:46.469Z |
| cve-2025-60187 | N/A | WordPress Atarim plugin <= 4.2 - Arbitrary File Upload… |
Vito Peleg |
Atarim |
2025-11-06T15:54:45.484Z | 2025-11-06T21:29:17.523Z |
| cve-2025-60074 | N/A | WordPress Lazy Load Optimizer plugin <= 1.4.7 - Local … |
Processby |
Lazy Load Optimizer |
2025-11-06T15:54:43.533Z | 2025-11-06T21:30:24.551Z |
| cve-2025-60073 | N/A | WordPress Responsive Sidebar plugin <= 1.2.2 - Local F… |
Processby |
Responsive Sidebar |
2025-11-06T15:54:42.201Z | 2025-11-06T15:54:42.201Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-62035 | N/A | WordPress Togo theme < 1.0.4 - PHP Object Injection vu… |
uxper |
Togo |
2025-11-06T15:55:31.398Z | 2025-11-06T18:17:30.906Z |
| cve-2025-62034 | N/A | WordPress Togo theme < 1.0.4 - Privilege Escalation vu… |
uxper |
Togo |
2025-11-06T15:55:30.572Z | 2025-11-07T14:04:24.192Z |
| cve-2025-62033 | N/A | WordPress Togo theme < 1.0.4 - Broken Access Control v… |
uxper |
Togo |
2025-11-06T15:55:29.843Z | 2025-11-06T18:15:37.360Z |
| cve-2025-62032 | N/A | WordPress tagDiv Cloud Library plugin < 3.9.2 - Cross … |
tagDiv |
tagDiv Cloud Library |
2025-11-06T15:55:29.230Z | 2025-11-06T18:13:57.864Z |
| cve-2025-62031 | N/A | WordPress tagDiv Composer plugin <= 5.4.1 - Cross Site… |
tagDiv |
tagDiv Composer |
2025-11-06T15:55:28.516Z | 2025-11-06T18:11:04.272Z |
| cve-2025-62030 | N/A | WordPress tagDiv Composer plugin <= 5.4.1 - Cross Site… |
tagDiv |
tagDiv Composer |
2025-11-06T15:55:27.866Z | 2025-11-06T18:09:44.391Z |
| cve-2025-62028 | N/A | WordPress Salient theme < 17.4.0 - Broken Access Contr… |
ThemeNectar |
Salient |
2025-11-06T15:55:27.077Z | 2025-11-06T18:08:30.204Z |
| cve-2025-62018 | N/A | WordPress Kallyas theme <= 4.22.0 - Broken Access Cont… |
hogash |
Kallyas |
2025-11-06T15:55:26.361Z | 2025-11-06T18:00:28.192Z |
| cve-2025-62017 | N/A | WordPress Kallyas theme <= 4.22.0 - Broken Access Cont… |
hogash |
Kallyas |
2025-11-06T15:55:25.294Z | 2025-11-06T17:59:33.877Z |
| cve-2025-62016 | N/A | WordPress Kallyas theme <= 4.22.0 - Arbitrary File Upl… |
hogash |
Kallyas |
2025-11-06T15:55:24.586Z | 2025-11-07T14:05:19.194Z |
| cve-2025-62014 | N/A | WordPress ITok theme <= 1.1.42 - Local File Inclusion … |
ApusTheme |
ITok |
2025-11-06T15:55:23.874Z | 2025-11-07T14:06:52.557Z |
| cve-2025-62012 | N/A | WordPress TheGem (Elementor) theme <= 5.10.5 - Cross S… |
CodexThemes |
TheGem (Elementor) |
2025-11-06T15:55:23.261Z | 2025-11-07T14:25:21.864Z |
| cve-2025-62011 | N/A | WordPress TheGem theme <= 5.10.5 - Cross Site Scriptin… |
CodexThemes |
TheGem |
2025-11-06T15:55:22.593Z | 2025-11-07T14:25:28.464Z |
| cve-2025-62010 | N/A | WordPress Famita theme <= 1.54 - Local File Inclusion … |
ApusTheme |
Famita |
2025-11-06T15:55:21.866Z | 2025-11-07T14:25:34.207Z |
| cve-2025-60248 | N/A | WordPress WPC Product Options for WooCommerce plugin <… |
WPClever |
WPC Product Options for WooCommerce |
2025-11-06T15:55:21.142Z | 2025-11-07T14:25:39.722Z |
| cve-2025-60247 | N/A | WordPress Bux Woocommerce plugin <= 1.2.3 - Broken Acc… |
Bux |
Bux Woocommerce |
2025-11-06T15:55:20.539Z | 2025-11-07T14:25:45.410Z |
| cve-2025-60245 | N/A | WordPress WP User Manager plugin <= 2.9.12 - PHP Objec… |
WP User Manager |
WP User Manager |
2025-11-06T15:55:19.859Z | 2025-11-06T15:55:19.859Z |
| cve-2025-60244 | N/A | WordPress TableOn plugin <= 1.0.4.2 - Content Injectio… |
RealMag777 |
TableOn |
2025-11-06T15:55:18.193Z | 2025-11-06T15:55:18.193Z |
| cve-2025-60243 | N/A | WordPress Selling Commander for WooCommerce plugin <= … |
Holest Engineering |
Selling Commander for WooCommerce |
2025-11-06T15:55:15.782Z | 2025-11-06T15:55:15.782Z |
| cve-2025-60242 | N/A | WordPress Download Counter plugin <= 1.4 - Arbitrary F… |
Anatoly |
Download Counter |
2025-11-06T15:55:14.917Z | 2025-11-06T15:55:14.917Z |
| cve-2025-60241 | N/A | WordPress Premmerce plugin <= 1.3.19 - Local File Incl… |
Premmerce |
Premmerce |
2025-11-06T15:55:13.362Z | 2025-11-07T14:25:51.174Z |
| cve-2025-60240 | N/A | WordPress AnyComment plugin <= 0.3.6 - Local File Incl… |
Alexander |
AnyComment |
2025-11-06T15:55:10.324Z | 2025-11-07T14:25:56.516Z |
| cve-2025-60239 | N/A | WordPress CoSchool LMS plugin <= 1.4.3 - SQL Injection… |
Codexpert, Inc |
CoSchool LMS |
2025-11-06T15:55:09.493Z | 2025-11-07T14:26:02.764Z |
| cve-2025-60235 | N/A | WordPress Helpdesk Support Ticket System for WooCommer… |
Plugify |
Helpdesk Support Ticket System for WooCommerce |
2025-11-06T15:55:07.928Z | 2025-11-06T15:55:07.928Z |
| cve-2025-60207 | N/A | WordPress Custom User Registration Fields for WooComme… |
Addify |
Custom User Registration Fields for WooCommerce |
2025-11-06T15:55:06.274Z | 2025-11-06T15:55:06.274Z |
| cve-2025-60204 | N/A | WordPress WooCommerce Store Toolkit plugin <= 2.4.3 - … |
Josh Kohlbach |
WooCommerce Store Toolkit |
2025-11-06T15:55:05.172Z | 2025-11-06T17:35:11.397Z |
| cve-2025-60203 | N/A | WordPress Store Exporter plugin <= 2.7.6 - Local File … |
Josh Kohlbach |
Store Exporter |
2025-11-06T15:55:04.065Z | 2025-11-06T17:37:00.570Z |
| cve-2025-60202 | N/A | WordPress Favorites plugin <= 2.3.6 - Local File Inclu… |
Kyle Phillips |
Favorites |
2025-11-06T15:55:03.303Z | 2025-11-06T17:38:34.953Z |
| cve-2025-60201 | N/A | WordPress WP Customer Area plugin <= 8.2.7 - Local Fil… |
aguilatechnologies |
WP Customer Area |
2025-11-06T15:55:00.953Z | 2025-11-06T17:40:48.385Z |
| cve-2025-60200 | N/A | WordPress LearnPress Export Import plugin <= 4.0.9 - L… |
ThimPress |
LearnPress Export Import |
2025-11-06T15:54:59.689Z | 2025-11-06T17:42:08.469Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-82348 | Malicious code in wibowo-keripik58-sukiwir (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82347 | Malicious code in wibowo-keraktelor4-sukiwir (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82346 | Malicious code in wibowo-kentang67-sukiwir (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82345 | Malicious code in wibowo-kentang24-sukiwir (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82344 | Malicious code in wibowo-jus99-sukiwir (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82343 | Malicious code in wibowo-gandul13-sukiwir (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82342 | Malicious code in wibowo-esdoger94-sukiwir (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82341 | Malicious code in wibowo-dodol70-sukiwir (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82340 | Malicious code in wibowo-bubur85-sukiwir (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82339 | Malicious code in wibowo-brongkos37-sukiwir (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82338 | Malicious code in wibowo-brengkes78-sukiwir (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82337 | Malicious code in wibowo-botok27-sukiwir (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82336 | Malicious code in wibowo-bakwan94-sukiwir (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82335 | Malicious code in wibowo-bakwan23-sukiwir (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82334 | Malicious code in wibowo-bakso85-sukiwir (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82333 | Malicious code in wibowo-bakso54-sukiwir (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82332 | Malicious code in whole_raccoon_z3n (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82331 | Malicious code in whispering_whale_z3n (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82330 | Malicious code in whispering_trout_z3n (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82329 | Malicious code in whispering_basilisk_z3n (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82328 | Malicious code in wet_goldfish_z3n (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82327 | Malicious code in western_tiglon_z3n (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82326 | Malicious code in well_manatee_z3n (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82325 | Malicious code in welcome_wallaby_z3n (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82324 | Malicious code in weekly_kangaroo_z3n (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82323 | Malicious code in wee_slug_z3n (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82322 | Malicious code in wealthy_galliform_z3n (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82321 | Malicious code in wealthy_bear_z3n (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82320 | Malicious code in weak_mouse_z3n (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| mal-2025-82319 | Malicious code in weak_leopard_z3n (npm) | 2025-11-11T03:48:15Z | 2025-11-11T03:48:15Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:15680 | Red Hat Security Advisory: OpenShift Container Platform 4.16.48 bug fix and security update | 2025-09-17T11:15:03+00:00 | 2025-11-07T00:15:32+00:00 |
| rhsa-2025:15681 | Red Hat Security Advisory: OpenShift Container Platform 4.16.48 security and extras update | 2025-09-17T10:36:08+00:00 | 2025-11-10T01:32:44+00:00 |
| rhsa-2025:16046 | Red Hat Security Advisory: mysql:8.4 security update | 2025-09-17T08:11:40+00:00 | 2025-11-06T23:14:57+00:00 |
| rhba-2025:15714 | Red Hat Bug Fix Advisory: OpenShift Container Platform 4.18.24 bug fix update | 2025-09-17T07:54:00+00:00 | 2025-11-06T23:41:15+00:00 |
| rhsa-2025:16045 | Red Hat Security Advisory: kpatch-patch-4_18_0-372_118_1, kpatch-patch-4_18_0-372_131_1, kpatch-patch-4_18_0-372_137_1, kpatch-patch-4_18_0-372_145_1, and kpatch-patch-4_18_0-372_158_1 security update | 2025-09-17T07:28:05+00:00 | 2025-11-08T07:17:16+00:00 |
| rhsa-2025:16044 | Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.1.2 | 2025-09-17T07:00:14+00:00 | 2025-11-07T00:15:01+00:00 |
| rhsa-2025:16040 | Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.0.5 | 2025-09-17T06:34:26+00:00 | 2025-11-07T00:15:03+00:00 |
| rhsa-2025:16031 | Red Hat Security Advisory: python3.11 security update | 2025-09-17T05:27:10+00:00 | 2025-11-07T10:53:31+00:00 |
| rhsa-2025:16021 | Red Hat Security Advisory: udisks2 security update | 2025-09-16T20:29:49+00:00 | 2025-11-06T23:42:18+00:00 |
| rhsa-2025:16020 | Red Hat Security Advisory: Red Hat Developer Hub 1.7.1 release. | 2025-09-16T20:12:11+00:00 | 2025-11-06T22:48:54+00:00 |
| rhsa-2025:16016 | Red Hat Security Advisory: python3.11 security update | 2025-09-16T19:30:24+00:00 | 2025-11-07T10:53:31+00:00 |
| rhsa-2025:16012 | Red Hat Security Advisory: python3.11 security update | 2025-09-16T18:01:55+00:00 | 2025-11-07T10:53:31+00:00 |
| rhsa-2025:16008 | Red Hat Security Advisory: kpatch-patch-4_18_0-477_107_1, kpatch-patch-4_18_0-477_67_1, kpatch-patch-4_18_0-477_81_1, kpatch-patch-4_18_0-477_89_1, and kpatch-patch-4_18_0-477_97_1 security update | 2025-09-16T17:51:24+00:00 | 2025-11-08T07:17:16+00:00 |
| rhsa-2025:15968 | Red Hat Security Advisory: python3 security update | 2025-09-16T14:49:39+00:00 | 2025-11-07T10:53:30+00:00 |
| rhsa-2025:15956 | Red Hat Security Advisory: udisks2 security update | 2025-09-16T12:41:58+00:00 | 2025-11-06T23:42:18+00:00 |
| rhsa-2025:15932 | Red Hat Security Advisory: kpatch-patch-5_14_0-427_31_1, kpatch-patch-5_14_0-427_44_1, kpatch-patch-5_14_0-427_55_1, kpatch-patch-5_14_0-427_68_2, and kpatch-patch-5_14_0-427_84_1 security update | 2025-09-16T09:07:47+00:00 | 2025-11-08T07:17:15+00:00 |
| rhsa-2025:15933 | Red Hat Security Advisory: kpatch-patch-5_14_0-70_112_1, kpatch-patch-5_14_0-70_121_1, kpatch-patch-5_14_0-70_124_1, kpatch-patch-5_14_0-70_132_1, and kpatch-patch-5_14_0-70_144_1 security update | 2025-09-16T09:06:23+00:00 | 2025-11-08T07:17:16+00:00 |
| rhsa-2025:15931 | Red Hat Security Advisory: kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_134_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 security update | 2025-09-16T09:06:12+00:00 | 2025-11-08T07:17:15+00:00 |
| rhba-2025:15694 | Red Hat Bug Fix Advisory: OpenShift Container Platform 4.19.12 bug fix update | 2025-09-16T08:35:17+00:00 | 2025-11-06T23:41:15+00:00 |
| rhsa-2025:15921 | Red Hat Security Advisory: kpatch-patch-4_18_0-553_16_1, kpatch-patch-4_18_0-553_30_1, kpatch-patch-4_18_0-553_40_1, kpatch-patch-4_18_0-553_53_1, and kpatch-patch-4_18_0-553_72_1 security update | 2025-09-16T08:09:12+00:00 | 2025-11-08T07:17:14+00:00 |
| rhsa-2025:15904 | Red Hat Security Advisory: container-tools:rhel8 security update | 2025-09-16T05:56:47+00:00 | 2025-11-07T18:35:48+00:00 |
| rhsa-2025:15900 | Red Hat Security Advisory: podman security update | 2025-09-16T03:57:07+00:00 | 2025-11-07T18:35:48+00:00 |
| rhba-2025:15878 | Red Hat Bug Fix Advisory: linux-firmware bug fix and enhancement update | 2025-09-16T03:51:47+00:00 | 2025-11-10T01:48:10+00:00 |
| rhsa-2025:15901 | Red Hat Security Advisory: podman security update | 2025-09-16T02:22:07+00:00 | 2025-11-07T18:35:48+00:00 |
| rhsa-2025:15887 | Red Hat Security Advisory: opentelemetry-collector security update | 2025-09-16T00:59:56+00:00 | 2025-11-07T16:34:38+00:00 |
| rhsa-2025:15874 | Red Hat Security Advisory: python-cryptography security update | 2025-09-16T00:58:46+00:00 | 2025-11-06T23:05:41+00:00 |
| rhsa-2025:15872 | Red Hat Security Advisory: VolSync v0.12 security fixes and container updates | 2025-09-15T21:56:29+00:00 | 2025-11-10T13:43:32+00:00 |
| rhsa-2025:15847 | Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.23.0 Release. | 2025-09-15T16:27:40+00:00 | 2025-11-10T13:55:11+00:00 |
| rhsa-2025:15828 | Red Hat Security Advisory: updated web-terminal/tooling container image | 2025-09-15T15:14:08+00:00 | 2025-11-07T18:37:12+00:00 |
| rhsa-2025:15827 | Red Hat Security Advisory: updated web-terminal/tooling container image | 2025-09-15T15:13:16+00:00 | 2025-11-07T18:37:07+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-54349 | In iperf before 3.19.1, iperf_auth.c has an off-by-one error and resultant heap-based buffer overflow. | 2025-08-02T00:00:00.000Z | 2025-09-04T03:41:51.000Z |
| msrc_cve-2025-53859 | NGINX ngx_mail_smtp_module vulnerability | 2025-08-02T00:00:00.000Z | 2025-09-04T00:15:43.000Z |
| msrc_cve-2025-52194 | A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during sample rate processing, leading to memory corruption and potential code execution. | 2025-08-02T00:00:00.000Z | 2025-09-03T23:34:47.000Z |
| msrc_cve-2025-50422 | Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled->face == NULL" assertion failure for _cairo_ft_unscaled_font_fini in cairo-ft-font.c. | 2025-08-02T00:00:00.000Z | 2025-09-03T22:28:31.000Z |
| msrc_cve-2025-4877 | Libssh: write beyond bounds in binary to base64 conversion functions | 2025-08-02T00:00:00.000Z | 2025-09-03T21:53:59.000Z |
| msrc_cve-2025-47907 | Incorrect results returned from Rows.Scan in database/sql | 2025-08-02T00:00:00.000Z | 2025-09-03T22:18:29.000Z |
| msrc_cve-2025-38677 | f2fs: fix to avoid out-of-boundary access in dnode page | 2025-08-02T00:00:00.000Z | 2025-09-04T01:06:37.000Z |
| msrc_cve-2025-38676 | iommu/amd: Avoid stack buffer overflow from kernel cmdline | 2025-08-02T00:00:00.000Z | 2025-09-03T23:53:01.000Z |
| msrc_cve-2025-38671 | i2c: qup: jump out of the loop in case of timeout | 2025-08-02T00:00:00.000Z | 2025-09-03T22:19:35.000Z |
| msrc_cve-2025-38670 | arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() | 2025-08-02T00:00:00.000Z | 2025-09-03T23:20:26.000Z |
| msrc_cve-2025-38668 | regulator: core: fix NULL dereference on unbind due to stale coupling data | 2025-08-02T00:00:00.000Z | 2025-09-03T22:04:02.000Z |
| msrc_cve-2025-38666 | net: appletalk: Fix use-after-free in AARP proxy probe | 2025-08-02T00:00:00.000Z | 2025-09-03T23:29:24.000Z |
| msrc_cve-2025-38665 | can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode | 2025-08-02T00:00:00.000Z | 2025-09-03T22:16:52.000Z |
| msrc_cve-2025-38664 | ice: Fix a null pointer dereference in ice_copy_and_init_pkg() | 2025-08-02T00:00:00.000Z | 2025-09-03T23:00:09.000Z |
| msrc_cve-2025-38663 | nilfs2: reject invalid file types when reading inodes | 2025-08-02T00:00:00.000Z | 2025-09-03T22:51:05.000Z |
| msrc_cve-2025-38660 | [ceph] parse_longname(): strrchr() expects NUL-terminated string | 2025-08-02T00:00:00.000Z | 2025-09-03T22:14:03.000Z |
| msrc_cve-2025-38659 | gfs2: No more self recovery | 2025-08-02T00:00:00.000Z | 2025-09-03T22:09:04.000Z |
| msrc_cve-2025-38653 | proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al | 2025-08-02T00:00:00.000Z | 2025-09-03T22:05:46.000Z |
| msrc_cve-2025-38652 | f2fs: fix to avoid out-of-boundary access in devs.path | 2025-08-02T00:00:00.000Z | 2025-09-03T22:24:43.000Z |
| msrc_cve-2025-38650 | hfsplus: remove mutex_lock check in hfsplus_free_extents | 2025-08-02T00:00:00.000Z | 2025-09-03T22:46:10.000Z |
| msrc_cve-2025-38648 | spi: stm32: Check for cfg availability in stm32_spi_probe | 2025-08-02T00:00:00.000Z | 2025-09-03T22:48:28.000Z |
| msrc_cve-2025-38646 | wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band | 2025-08-02T00:00:00.000Z | 2025-09-03T23:14:25.000Z |
| msrc_cve-2025-38645 | net/mlx5: Check device memory pointer before usage | 2025-08-02T00:00:00.000Z | 2025-09-03T23:23:33.000Z |
| msrc_cve-2025-38644 | wifi: mac80211: reject TDLS operations when station is not associated | 2025-08-02T00:00:00.000Z | 2025-09-03T22:11:23.000Z |
| msrc_cve-2025-38643 | wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() | 2025-08-02T00:00:00.000Z | 2025-09-03T23:17:01.000Z |
| msrc_cve-2025-38640 | bpf: Disable migration in nf_hook_run_bpf(). | 2025-08-02T00:00:00.000Z | 2025-09-03T23:09:33.000Z |
| msrc_cve-2025-38639 | netfilter: xt_nfacct: don't assume acct name is null-terminated | 2025-08-02T00:00:00.000Z | 2025-09-03T22:42:39.000Z |
| msrc_cve-2025-38636 | rv: Use strings in da monitors tracepoints | 2025-08-02T00:00:00.000Z | 2025-09-03T22:36:50.000Z |
| msrc_cve-2025-38635 | clk: davinci: Add NULL check in davinci_lpsc_clk_register() | 2025-08-02T00:00:00.000Z | 2025-09-03T23:03:17.000Z |
| msrc_cve-2025-38634 | power: supply: cpcap-charger: Fix null check for power_supply_get_by_name | 2025-08-02T00:00:00.000Z | 2025-09-03T23:12:01.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2023-002100 | Security updates for multiple Trend Micro products for enterprises (June 2023) | 2023-06-14T14:47+09:00 | 2024-05-23T15:23+09:00 |
| jvndb-2023-000061 | Chatwork Desktop Application (Mac) vulnerable to code injection | 2023-06-13T13:38+09:00 | 2024-05-24T16:02+09:00 |
| jvndb-2023-000062 | "WPS Office" vulnerable to OS command injection | 2023-06-12T12:57+09:00 | 2024-04-18T17:49+09:00 |
| jvndb-2023-000059 | Multiple vulnerabilities in Inaba Denki Sangyo Wi-Fi AP UNIT | 2023-06-09T15:18+09:00 | 2024-05-27T16:38+09:00 |
| jvndb-2023-000048 | ASUS Router RT-AX3000 vulnerable to using sensitive cookies without 'Secure' attribute | 2023-06-09T15:18+09:00 | 2024-04-18T17:44+09:00 |
| jvndb-2023-002072 | Multiple vulnerabilities in Fuji Electric products | 2023-06-09T12:23+09:00 | 2024-05-23T15:33+09:00 |
| jvndb-2023-002055 | Multiple vulnerabilities in KbDevice digital video recorders | 2023-06-07T11:52+09:00 | 2024-05-24T15:57+09:00 |
| jvndb-2023-002022 | Multiple vulnerabilities in FUJI ELECTRIC FRENIC RHC Loader | 2023-06-05T15:55+09:00 | 2024-04-18T17:40+09:00 |
| jvndb-2023-000057 | "Jiyu Kukan Toku-Toku coupon" App vulnerable to improper server certificate verification | 2023-06-01T14:51+09:00 | 2024-05-23T17:19+09:00 |
| jvndb-2023-002002 | Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS) | 2023-06-01T13:48+09:00 | 2024-03-19T18:13+09:00 |
| jvndb-2023-000058 | Pleasanter vulnerable to cross-site scripting | 2023-05-31T15:34+09:00 | 2024-03-19T18:17+09:00 |
| jvndb-2023-000052 | DataSpider Servista uses a hard-coded cryptographic key | 2023-05-31T15:34+09:00 | 2024-03-19T17:44+09:00 |
| jvndb-2023-000056 | Starlette vulnerable to directory traversal | 2023-05-30T13:34+09:00 | 2024-03-19T18:08+09:00 |
| jvndb-2023-000055 | ESS REC Agent Server Edition for Linux etc. vulnerable to directory traversal | 2023-05-26T13:58+09:00 | 2024-03-21T17:15+09:00 |
| jvndb-2023-000054 | Wacom Tablet Driver installer for macOS vulnerable to improper link resolution before file access | 2023-05-25T13:40+09:00 | 2023-05-25T13:40+09:00 |
| jvndb-2023-001926 | Cross-site Scripting Vulnerability in Hitachi Ops Center Analyzer | 2023-05-24T11:40+09:00 | 2024-05-24T17:01+09:00 |
| jvndb-2023-000053 | Tornado vulnerable to open redirect | 2023-05-22T13:30+09:00 | 2024-03-21T17:05+09:00 |
| jvndb-2023-001894 | Android App "Brother iPrint&Scan" vulnerable to improper access control | 2023-05-19T15:40+09:00 | 2023-05-19T15:40+09:00 |
| jvndb-2023-000051 | Multiple vulnerabilities in T&D and ESPEC MIC data logger products | 2023-05-19T15:21+09:00 | 2024-05-23T17:03+09:00 |
| jvndb-2023-000026 | Qrio Smart Lock Q-SL2 vulnerable to authentication bypass by capture-replay | 2023-05-18T14:13+09:00 | 2024-05-23T17:18+09:00 |
| jvndb-2023-001852 | OS command injection vulnerability in Inaba Denki Sangyo Wi-Fi AP UNIT | 2023-05-17T15:09+09:00 | 2023-05-17T15:09+09:00 |
| jvndb-2023-000050 | Multiple vulnerabilities in WordPress Plugin "MW WP Form" and "Snow Monkey Forms" | 2023-05-15T14:29+09:00 | 2024-05-29T16:27+09:00 |
| jvndb-2023-000049 | Multiple vulnerabilities in Cybozu Garoon | 2023-05-15T14:29+09:00 | 2024-05-24T15:26+09:00 |
| jvndb-2023-000047 | Beekeeper Studio vulnerable to code injection | 2023-05-12T16:42+09:00 | 2024-05-24T16:17+09:00 |
| jvndb-2023-000043 | Multiple vulnerabilities in MicroEngine Mailform | 2023-05-10T13:57+09:00 | 2024-05-24T17:07+09:00 |
| jvndb-2023-001774 | Multiple vulnerabilities in SolarView Compact | 2023-05-09T16:09+09:00 | 2024-06-27T13:30+09:00 |
| jvndb-2023-000045 | WordPress Plugin "VK Blocks" and "VK All in One Expansion Unit" vulnerable to cross-site scripting | 2023-05-09T15:14+09:00 | 2024-05-24T17:05+09:00 |
| jvndb-2023-000042 | WordPress Plugin "Newsletter" vulnerable to cross-site scripting | 2023-05-09T14:42+09:00 | 2024-06-13T16:14+09:00 |
| jvndb-2023-000046 | SR-7100VN vulnerable to privilege escalation | 2023-05-09T13:58+09:00 | 2024-05-24T16:13+09:00 |
| jvndb-2023-000041 | LINE WORKS Drive Explorer vulnerable to code injection | 2023-05-08T15:16+09:00 | 2024-05-23T17:03+09:00 |
| ID | Description | Updated |
|---|