Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-rvq5-4f2h-pm6w | PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 contains an unauthenticated remote code execution vuln… | 2025-11-05T21:31:02Z | 2025-11-05T21:31:02Z |
| ghsa-h5hr-wq48-rq9c | OSSN (Open Source Social Network) 8.6 is vulnerable to SQL Injection in /action/rtcomments/status v… | 2025-11-05T21:31:02Z | 2025-11-07T00:30:28Z |
| ghsa-fwcq-rjr3-7rr9 | GOG Galaxy 2.0.0.2 suffers from Missing SSL Certificate Validation. An attacker who controls the lo… | 2025-11-05T21:31:02Z | 2025-11-07T00:30:28Z |
| ghsa-7gqw-xrp6-92rg | ** exclusively-hosted-service ** A Stored Cross-Site Scripting (XSS) vulnerability in the chat func… | 2025-11-05T21:31:02Z | 2025-11-05T21:31:02Z |
| ghsa-3q32-2fc9-c758 | A vulnerability in the XiaozhangBang Voluntary Like System V8.8 allows remote attackers to manipula… | 2025-11-05T21:31:02Z | 2025-11-05T21:31:02Z |
| ghsa-xx43-6j8m-vx2f | Quipux 4.0.1 through e1774ac allows enumeration of usernames, and accessing the Ecuadorean identifi… | 2025-11-05T21:31:01Z | 2025-11-06T18:32:49Z |
| ghsa-vghq-cm29-427c | HCL iAutomate v6.5.1 and v6.5.2 is susceptible to a sensitive information disclosure. An HTTP GET … | 2025-11-05T21:31:01Z | 2025-11-05T21:31:02Z |
| ghsa-v698-c6j4-6m42 | A Stored Cross-Site Scripting (XSS) vulnerability in the chat functionality of the SelfBest platfor… | 2025-11-05T21:31:01Z | 2025-11-06T18:32:50Z |
| ghsa-rc63-xm4j-4f8h | A reflected cross-site scripting (XSS) vulnerability exists in the authentication endpoints of mult… | 2025-11-05T21:31:01Z | 2025-11-05T21:31:02Z |
| ghsa-qfqc-4pqq-rfmh | An arbitrary code execution vulnerability exists in multiple WSO2 products due to insufficient rest… | 2025-11-05T21:31:01Z | 2025-11-05T21:31:01Z |
| ghsa-9jrh-6qjc-j6p4 | Quipux 4.0.1 through e1774ac allows authenticated users to conduct SQL injection attacks via busque… | 2025-11-05T21:31:01Z | 2025-11-05T21:31:02Z |
| ghsa-96ff-3rwm-724g | A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS … | 2025-11-05T21:31:01Z | 2025-11-05T21:31:01Z |
| ghsa-8f5r-v3mh-q89r | Cross Site Scripting vulnerability in Quipux 4.0.1 through e1774ac allows anexos/anexos_nuevo.php a… | 2025-11-05T21:31:01Z | 2025-11-06T18:32:49Z |
| ghsa-4x6x-rggp-ff9q | A reflected cross-site scripting (XSS) vulnerability exists in the management console of multiple W… | 2025-11-05T21:31:01Z | 2025-11-05T21:31:02Z |
| ghsa-4h7f-6q5m-3p6f | A DOM-based Cross-Site Scripting (XSS) vulnerability in the SelfBest platform 2023.3 allows attacke… | 2025-11-05T21:31:01Z | 2025-11-06T18:32:50Z |
| ghsa-2vg5-px79-v62f | This issue was addressed by restricting options offered on a locked device. This issue is fixed in … | 2025-11-05T21:31:01Z | 2025-11-05T21:31:02Z |
| ghsa-wwqv-p2pp-99h5 | LangGraph Checkpoint affected by RCE in "json" mode of JsonPlusSerializer | 2025-11-05T19:52:50Z | 2025-11-07T21:55:55Z |
| ghsa-x4qj-2f4q-r4rx | Parse Server Vulnerable to Server-Side Request Forgery (SSRF) in File Upload via URI Format | 2025-11-05T19:52:27Z | 2025-11-07T20:31:43Z |
| ghsa-cpf4-pmr4-w6cx | IDOR Vulnerabilities in ZITADEL's Organization API allows Cross-Tenant Data Tempering | 2025-11-05T19:52:01Z | 2025-11-07T21:55:43Z |
| ghsa-gr35-vpx2-qxhc | Weblate leaks the IP of project member inviting user to be reviewer in Audit log | 2025-11-05T18:45:59Z | 2025-11-06T23:13:28Z |
| ghsa-vf95-55w6-qmrf | youki container escape and denial of service due to arbitrary write gadgets and procfs write redirects | 2025-11-05T18:45:18Z | 2025-11-06T15:29:58Z |
| ghsa-4g74-7cff-xcv8 | youki container escape via "masked path" abuse due to mount race conditions | 2025-11-05T18:44:18Z | 2025-11-06T15:29:34Z |
| ghsa-cgrx-mc8f-2prm | runc container escape and denial of service due to arbitrary write gadgets and procfs write redirects | 2025-11-05T18:40:40Z | 2025-11-07T12:31:34Z |
| ghsa-fvfq-q238-j7j3 | WSO2 Carbon Mediation vulnerable to XML External Entity (XXE) attacks | 2025-11-05T18:31:31Z | 2025-11-06T15:12:30Z |
| ghsa-fc89-q8rg-m49m | An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient validat… | 2025-11-05T18:31:31Z | 2025-11-05T18:31:31Z |
| ghsa-6mv5-ch6p-7g97 | Tonec Internet Download Manager 6.42.41.1 and earlier suffers from Missing SSL Certificate Validati… | 2025-11-05T18:31:31Z | 2025-11-05T21:31:01Z |
| ghsa-x3h8-2mvf-vv78 | A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to… | 2025-11-05T17:48:29Z | 2025-11-05T17:48:29Z |
| ghsa-vhqc-4wgw-frfj | Dell CloudLink, versions prior 8.1.1, contain a Command Injection vulnerability which can be exploi… | 2025-11-05T17:48:29Z | 2025-11-05T17:48:29Z |
| ghsa-vcvf-6gw2-rm4v | A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to… | 2025-11-05T17:48:29Z | 2025-11-05T17:48:29Z |
| ghsa-v789-p96v-5f4v | Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known p… | 2025-11-05T17:48:29Z | 2025-11-05T17:48:29Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-59556 | N/A | WordPress GoStore theme < 1.6.4 - Cross Site Scripting… |
skygroup |
GoStore |
2025-11-06T15:54:38.990Z | 2025-11-06T15:54:38.990Z |
| cve-2025-58998 | N/A | WordPress s2Member Plugin <= 250701 - PHP Object Injec… |
Cristián Lávaque |
s2Member |
2025-11-06T15:54:37.699Z | 2025-11-06T15:54:37.699Z |
| cve-2025-58996 | N/A | WordPress Advanced Settings Plugin <= 3.1.1 - Arbitrar… |
Helmut Wandl |
Advanced Settings |
2025-11-06T15:54:36.343Z | 2025-11-06T15:54:36.343Z |
| cve-2025-58995 | N/A | WordPress Leblix Theme <= 2.4 - Local File Inclusion V… |
Creatives_Planet |
Leblix |
2025-11-06T15:54:33.654Z | 2025-11-06T15:54:33.654Z |
| cve-2025-58994 | N/A | WordPress Greenify theme <= 2.2 - Local File Inclusion… |
designervily |
Greenify |
2025-11-06T15:54:32.378Z | 2025-11-06T15:54:32.378Z |
| cve-2025-58986 | N/A | WordPress Jock On Air Now (JOAN) plugin <= 6.0.4 - Bro… |
ganddser |
Jock On Air Now (JOAN) |
2025-11-06T15:54:30.961Z | 2025-11-06T15:54:30.961Z |
| cve-2025-58972 | N/A | WordPress Barcode Scanner with Inventory & Order Manag… |
Dmitry V. (CEO of "UKR Solution") |
Barcode Scanner with Inventory & Order Manager |
2025-11-06T15:54:30.300Z | 2025-11-06T15:54:30.300Z |
| cve-2025-58964 | N/A | WordPress Enzy theme < 1.6.4 - Cross Site Scripting (X… |
skygroup |
Enzy |
2025-11-06T15:54:29.627Z | 2025-11-06T15:54:29.627Z |
| cve-2025-58638 | N/A | WordPress Institutions Directory Plugin <= 1.3.3 - Cro… |
e-plugins |
Institutions Directory |
2025-11-06T15:54:28.161Z | 2025-11-06T15:54:28.161Z |
| cve-2025-58636 | N/A | WordPress WP Gravity Forms Keap/Infusionsoft Plugin <=… |
CRM Perks |
WP Gravity Forms Keap/Infusionsoft |
2025-11-06T15:54:26.970Z | 2025-11-06T15:54:26.970Z |
| cve-2025-58629 | N/A | WordPress Miraculous theme < 2.0.9 - Arbitrary Content… |
kamleshyadav |
Miraculous |
2025-11-06T15:54:25.101Z | 2025-11-06T15:54:25.101Z |
| cve-2025-58627 | N/A | WordPress Miraculous Core Plugin plugin < 2.0.9 - Inse… |
kamleshyadav |
Miraculous Core Plugin |
2025-11-06T15:54:23.943Z | 2025-11-06T15:54:23.943Z |
| cve-2025-58619 | N/A | WordPress Falang multilanguage Plugin <= 1.3.65 - PHP … |
sbouey |
Falang multilanguage |
2025-11-06T15:54:22.879Z | 2025-11-07T16:13:04.283Z |
| cve-2025-58595 | N/A | WordPress All In One Login plugin <= 2.0.8 - Bypass Vu… |
Saad Iqbal |
All In One Login |
2025-11-06T15:54:21.774Z | 2025-11-10T19:47:08.490Z |
| cve-2025-58592 | N/A | WordPress TranslatePress Plugin <= 2.10.2 - Deserializ… |
Cozmoslabs |
TranslatePress |
2025-11-06T15:54:20.550Z | 2025-11-07T15:56:17.602Z |
| cve-2025-58243 | N/A | WordPress imEvent Theme <= 3.4.0 - Broken Access Contr… |
Jthemes |
imEvent |
2025-11-06T15:54:19.824Z | 2025-11-06T16:15:30.261Z |
| cve-2025-58207 | N/A | WordPress Ai Image Alt Text Generator for WP Plugin <=… |
WP Messiah |
Ai Image Alt Text Generator for WP |
2025-11-06T15:54:19.210Z | 2025-11-06T16:19:34.849Z |
| cve-2025-5803 | N/A | WordPress VikBooking Hotel Booking Engine & PMS plugin… |
e4jvikwp |
VikBooking Hotel Booking Engine & PMS |
2025-11-06T15:54:18.609Z | 2025-11-10T19:47:13.884Z |
| cve-2025-54737 | N/A | WordPress Jobmonster theme <= 4.7.8 - Cross Site Scrip… |
NooTheme |
Jobmonster |
2025-11-06T15:54:17.806Z | 2025-11-06T16:21:42.168Z |
| cve-2025-54722 | N/A | WordPress WooTour plugin <= 3.6.3 - Cross Site Scripti… |
Ex-Themes |
WooTour |
2025-11-06T15:54:16.991Z | 2025-11-06T16:27:22.618Z |
| cve-2025-54721 | N/A | WordPress Resca theme <= 3.0.2 - Cross Site Scripting … |
ThimPress |
Resca |
2025-11-06T15:54:16.209Z | 2025-11-06T16:30:47.235Z |
| cve-2025-54719 | N/A | WordPress Yogi - Health Beauty & Yoga Theme <= 2.9.2 -… |
NooTheme |
Yogi - Health Beauty & Yoga |
2025-11-06T15:54:15.371Z | 2025-11-06T18:07:10.677Z |
| cve-2025-54718 | N/A | WordPress Yogi - Health Beauty & Yoga theme <= 2.9.2 -… |
NooTheme |
Yogi - Health Beauty & Yoga |
2025-11-06T15:54:14.634Z | 2025-11-06T19:48:15.891Z |
| cve-2025-54711 | N/A | WordPress Info Cards Plugin <= 1.0.11 - Broken Access … |
bPlugins |
Info Cards |
2025-11-06T15:54:14.029Z | 2025-11-07T20:38:27.602Z |
| cve-2025-53586 | N/A | WordPress WeMusic Theme <= 1.9.1 - PHP Object Injectio… |
NooTheme |
WeMusic |
2025-11-06T15:54:13.387Z | 2025-11-10T19:47:21.249Z |
| cve-2025-53585 | N/A | WordPress WeMusic theme <= 1.9.1 - Cross Site Scriptin… |
NooTheme |
WeMusic |
2025-11-06T15:54:12.787Z | 2025-11-07T19:41:15.613Z |
| cve-2025-53574 | N/A | WordPress Doliconnect Plugin <= 9.3.2 - Cross Site Scr… |
ptibogxiv |
Doliconnect |
2025-11-06T15:54:11.607Z | 2025-11-10T19:47:28.207Z |
| cve-2025-53573 | N/A | WordPress Epic Review Plugin <= 1.0.2 - Cross Site Scr… |
jegtheme |
Epic Review |
2025-11-06T15:54:10.426Z | 2025-11-07T13:21:38.978Z |
| cve-2025-53349 | N/A | WordPress Kalium Theme <= 3.18.3 - Cross Site Scriptin… |
Laborator |
Kalium |
2025-11-06T15:54:06.581Z | 2025-11-10T19:47:34.159Z |
| cve-2025-53324 | N/A | WordPress Gutenify Plugin <= 1.5.7 - Cross Site Script… |
CodeYatri |
Gutenify |
2025-11-06T15:54:05.737Z | 2025-11-10T19:47:40.684Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-60199 | N/A | WordPress InHype - Blog & Magazine WordPress Theme the… |
dedalx |
InHype - Blog & Magazine WordPress Theme |
2025-11-06T15:54:56.700Z | 2025-11-06T17:44:09.601Z |
| cve-2025-60198 | N/A | WordPress Saxon - Viral Content Blog & Magazine Market… |
dedalx |
Saxon - Viral Content Blog & Magazine Marketing WordPress Theme |
2025-11-06T15:54:55.955Z | 2025-11-06T17:45:02.935Z |
| cve-2025-60197 | N/A | WordPress Simple Contact Forms plugin <= 1.6.4 - Local… |
owenr88 |
Simple Contact Forms |
2025-11-06T15:54:54.553Z | 2025-11-06T17:45:51.893Z |
| cve-2025-60196 | N/A | WordPress Clearblue® Ovulation Calculator plugin <= 1.… |
Clearblue |
Clearblue® Ovulation Calculator |
2025-11-06T15:54:52.172Z | 2025-11-06T19:42:52.437Z |
| cve-2025-60195 | N/A | WordPress Atarim plugin <= 4.2 - Privilege Escalation … |
Vito Peleg |
Atarim |
2025-11-06T15:54:51.541Z | 2025-11-06T19:46:32.722Z |
| cve-2025-60194 | N/A | WordPress Premmerce Product Search for WooCommerce plu… |
Premmerce |
Premmerce Product Search for WooCommerce |
2025-11-06T15:54:50.878Z | 2025-11-06T20:02:04.425Z |
| cve-2025-60193 | N/A | WordPress Premmerce User Roles plugin <= 1.0.13 - Loca… |
Premmerce |
Premmerce User Roles |
2025-11-06T15:54:49.770Z | 2025-11-06T20:01:26.912Z |
| cve-2025-60192 | N/A | WordPress Premmerce Wholesale Pricing for WooCommerce … |
Premmerce |
Premmerce Wholesale Pricing for WooCommerce |
2025-11-06T15:54:49.257Z | 2025-11-06T19:57:53.547Z |
| cve-2025-60191 | N/A | WordPress Premmerce Wishlist for WooCommerce plugin <=… |
Premmerce |
Premmerce Wishlist for WooCommerce |
2025-11-06T15:54:48.713Z | 2025-11-06T21:19:06.815Z |
| cve-2025-60190 | N/A | WordPress Immocaster WordPress Plugin plugin <= 1.3.6 … |
Hinnerk Altenburg |
Immocaster WordPress Plugin |
2025-11-06T15:54:48.157Z | 2025-11-06T21:20:06.464Z |
| cve-2025-60189 | N/A | WordPress PoloPag – Pix Automático para Woocommerce pl… |
PoloPag |
PoloPag – Pix Automático para Woocommerce |
2025-11-06T15:54:47.579Z | 2025-11-06T15:54:47.579Z |
| cve-2025-60188 | N/A | WordPress Atarim plugin <= 4.2 - Sensitive Data Exposu… |
Vito Peleg |
Atarim |
2025-11-06T15:54:46.469Z | 2025-11-06T15:54:46.469Z |
| cve-2025-60187 | N/A | WordPress Atarim plugin <= 4.2 - Arbitrary File Upload… |
Vito Peleg |
Atarim |
2025-11-06T15:54:45.484Z | 2025-11-06T21:29:17.523Z |
| cve-2025-60074 | N/A | WordPress Lazy Load Optimizer plugin <= 1.4.7 - Local … |
Processby |
Lazy Load Optimizer |
2025-11-06T15:54:43.533Z | 2025-11-06T21:30:24.551Z |
| cve-2025-60073 | N/A | WordPress Responsive Sidebar plugin <= 1.2.2 - Local F… |
Processby |
Responsive Sidebar |
2025-11-06T15:54:42.201Z | 2025-11-06T15:54:42.201Z |
| cve-2025-5803 | N/A | WordPress VikBooking Hotel Booking Engine & PMS plugin… |
e4jvikwp |
VikBooking Hotel Booking Engine & PMS |
2025-11-06T15:54:18.609Z | 2025-11-10T19:47:13.884Z |
| cve-2025-59556 | N/A | WordPress GoStore theme < 1.6.4 - Cross Site Scripting… |
skygroup |
GoStore |
2025-11-06T15:54:38.990Z | 2025-11-06T15:54:38.990Z |
| cve-2025-59392 | N/A | On Elspec G5 devices through 1.2.2.19, a person w… |
n/a |
n/a |
2025-11-06T00:00:00.000Z | 2025-11-06T16:38:10.176Z |
| cve-2025-58998 | N/A | WordPress s2Member Plugin <= 250701 - PHP Object Injec… |
Cristián Lávaque |
s2Member |
2025-11-06T15:54:37.699Z | 2025-11-06T15:54:37.699Z |
| cve-2025-58996 | N/A | WordPress Advanced Settings Plugin <= 3.1.1 - Arbitrar… |
Helmut Wandl |
Advanced Settings |
2025-11-06T15:54:36.343Z | 2025-11-06T15:54:36.343Z |
| cve-2025-58995 | N/A | WordPress Leblix Theme <= 2.4 - Local File Inclusion V… |
Creatives_Planet |
Leblix |
2025-11-06T15:54:33.654Z | 2025-11-06T15:54:33.654Z |
| cve-2025-58994 | N/A | WordPress Greenify theme <= 2.2 - Local File Inclusion… |
designervily |
Greenify |
2025-11-06T15:54:32.378Z | 2025-11-06T15:54:32.378Z |
| cve-2025-58986 | N/A | WordPress Jock On Air Now (JOAN) plugin <= 6.0.4 - Bro… |
ganddser |
Jock On Air Now (JOAN) |
2025-11-06T15:54:30.961Z | 2025-11-06T15:54:30.961Z |
| cve-2025-58972 | N/A | WordPress Barcode Scanner with Inventory & Order Manag… |
Dmitry V. (CEO of "UKR Solution") |
Barcode Scanner with Inventory & Order Manager |
2025-11-06T15:54:30.300Z | 2025-11-06T15:54:30.300Z |
| cve-2025-58964 | N/A | WordPress Enzy theme < 1.6.4 - Cross Site Scripting (X… |
skygroup |
Enzy |
2025-11-06T15:54:29.627Z | 2025-11-06T15:54:29.627Z |
| cve-2025-58638 | N/A | WordPress Institutions Directory Plugin <= 1.3.3 - Cro… |
e-plugins |
Institutions Directory |
2025-11-06T15:54:28.161Z | 2025-11-06T15:54:28.161Z |
| cve-2025-58636 | N/A | WordPress WP Gravity Forms Keap/Infusionsoft Plugin <=… |
CRM Perks |
WP Gravity Forms Keap/Infusionsoft |
2025-11-06T15:54:26.970Z | 2025-11-06T15:54:26.970Z |
| cve-2025-58629 | N/A | WordPress Miraculous theme < 2.0.9 - Arbitrary Content… |
kamleshyadav |
Miraculous |
2025-11-06T15:54:25.101Z | 2025-11-06T15:54:25.101Z |
| cve-2025-58627 | N/A | WordPress Miraculous Core Plugin plugin < 2.0.9 - Inse… |
kamleshyadav |
Miraculous Core Plugin |
2025-11-06T15:54:23.943Z | 2025-11-06T15:54:23.943Z |
| cve-2025-58619 | N/A | WordPress Falang multilanguage Plugin <= 1.3.65 - PHP … |
sbouey |
Falang multilanguage |
2025-11-06T15:54:22.879Z | 2025-11-07T16:13:04.283Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-97047 | Malicious code in traditional_lizard_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97046 | Malicious code in traditional_finch_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97045 | Malicious code in toxic_whitefish_requirement (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97044 | Malicious code in toxic_trout_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97043 | Malicious code in toxic_sailfish_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97042 | Malicious code in toxic_duck_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97041 | Malicious code in toxic_cuckoo_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97040 | Malicious code in tough_wombat_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97039 | Malicious code in tough_toucan_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97038 | Malicious code in tough_tarsier_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97037 | Malicious code in tough_louse_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97036 | Malicious code in tough_krill_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97035 | Malicious code in total_seahorse_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97034 | Malicious code in tory_stingray_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97033 | Malicious code in tory_mosquito_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97032 | Malicious code in tory_louse_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97031 | Malicious code in tory_eagle_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97030 | Malicious code in tory_buzzard_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97029 | Malicious code in top_unicorn_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97028 | Malicious code in top_hummingbird_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97027 | Malicious code in tired_worm_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97026 | Malicious code in tired_viper_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97025 | Malicious code in tired_parrotfish_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97024 | Malicious code in tired_mollusk_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97023 | Malicious code in tired_hoverfly_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97022 | Malicious code in tired_fish_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97021 | Malicious code in tired_emu_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97020 | Malicious code in tiny_sailfish_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97019 | Malicious code in tiny_blackbird_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| mal-2025-97018 | Malicious code in tight_sole_z3n (npm) | 2025-11-11T05:18:27Z | 2025-11-11T05:18:27Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:15814 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.17 OpenShift Jenkins security update | 2025-09-15T15:09:15+00:00 | 2025-11-06T23:42:17+00:00 |
| rhsa-2025:15816 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.14 OpenShift Jenkins security update | 2025-09-15T15:05:00+00:00 | 2025-11-06T23:42:17+00:00 |
| rhsa-2025:15817 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.15 OpenShift Jenkins security update | 2025-09-15T15:04:50+00:00 | 2025-11-06T23:42:17+00:00 |
| rhsa-2025:15812 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.19 OpenShift Jenkins security update | 2025-09-15T15:03:43+00:00 | 2025-11-06T23:42:17+00:00 |
| rhsa-2025:15811 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.16 OpenShift Jenkins security update | 2025-09-15T15:03:16+00:00 | 2025-11-06T23:42:21+00:00 |
| rhsa-2025:15810 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.18 OpenShift Jenkins security update | 2025-09-15T14:44:55+00:00 | 2025-11-06T23:42:17+00:00 |
| rhsa-2025:15815 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.13 OpenShift Jenkins security update | 2025-09-15T14:44:44+00:00 | 2025-11-06T23:42:17+00:00 |
| rhsa-2025:15813 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.12 OpenShift Jenkins security update | 2025-09-15T14:44:30+00:00 | 2025-11-06T23:42:17+00:00 |
| rhsa-2025:15800 | Red Hat Security Advisory: python3.9 security update | 2025-09-15T14:24:25+00:00 | 2025-11-07T10:53:29+00:00 |
| rhsa-2025:15798 | Red Hat Security Advisory: kpatch-patch-5_14_0-570_17_1 and kpatch-patch-5_14_0-570_39_1 security update | 2025-09-15T13:36:15+00:00 | 2025-11-08T07:17:14+00:00 |
| rhsa-2025:15785 | Red Hat Security Advisory: kernel security update | 2025-09-15T10:45:25+00:00 | 2025-11-10T17:57:00+00:00 |
| rhsa-2025:15782 | Red Hat Security Advisory: kernel security update | 2025-09-15T10:31:30+00:00 | 2025-11-08T07:17:13+00:00 |
| rhsa-2025:15786 | Red Hat Security Advisory: kernel-rt security update | 2025-09-15T10:24:20+00:00 | 2025-11-08T07:17:14+00:00 |
| rhsa-2025:15771 | Red Hat Security Advisory: RHACS 4.8.4 security and bug fix update | 2025-09-15T08:25:16+00:00 | 2025-11-08T07:17:52+00:00 |
| rhsa-2025:15740 | Red Hat Security Advisory: kernel security update | 2025-09-15T08:24:54+00:00 | 2025-11-06T23:14:53+00:00 |
| rhsa-2025:15728 | Red Hat Security Advisory: aide security update | 2025-09-15T01:29:59+00:00 | 2025-11-06T23:42:16+00:00 |
| rhsa-2025:15729 | Red Hat Security Advisory: webkitgtk4 security update | 2025-09-15T01:29:39+00:00 | 2025-11-06T23:14:52+00:00 |
| rhsa-2025:15727 | Red Hat Security Advisory: mod_http2 security update | 2025-09-15T01:29:19+00:00 | 2025-11-06T23:42:16+00:00 |
| rhsa-2025:15726 | Red Hat Security Advisory: mod_http2 security update | 2025-09-15T01:26:54+00:00 | 2025-11-06T23:42:16+00:00 |
| rhsa-2025:15724 | Red Hat Security Advisory: python3.9 security update | 2025-09-15T01:26:54+00:00 | 2025-11-07T10:53:34+00:00 |
| rhsa-2025:15725 | Red Hat Security Advisory: mod_http2 security update | 2025-09-15T01:25:19+00:00 | 2025-11-06T23:42:15+00:00 |
| rhsa-2025:15723 | Red Hat Security Advisory: python-requests security update | 2025-09-15T01:16:24+00:00 | 2025-11-06T23:59:21+00:00 |
| rhsa-2025:15717 | Red Hat Security Advisory: Red Hat Single Sign-On 7.6.12 security update | 2025-09-11T19:39:47+00:00 | 2025-11-07T20:55:54+00:00 |
| rhsa-2025:15700 | Red Hat Security Advisory: cups security update | 2025-09-11T16:22:20+00:00 | 2025-11-06T23:42:17+00:00 |
| rhsa-2025:15702 | Red Hat Security Advisory: cups security update | 2025-09-11T16:10:25+00:00 | 2025-11-06T23:42:15+00:00 |
| rhsa-2025:15701 | Red Hat Security Advisory: cups security update | 2025-09-11T16:07:45+00:00 | 2025-11-06T23:42:15+00:00 |
| rhsa-2025:15709 | Red Hat Security Advisory: Red Hat OpenShift sandboxed containers release | 2025-09-11T15:29:48+00:00 | 2025-11-06T23:42:15+00:00 |
| rhsa-2025:15697 | Red Hat Security Advisory: Streams for Apache Kafka 2.9.2 release and security update | 2025-09-11T15:16:59+00:00 | 2025-11-07T20:55:54+00:00 |
| rhsa-2025:15698 | Red Hat Security Advisory: httpd:2.4 security update | 2025-09-11T14:40:49+00:00 | 2025-11-07T10:53:52+00:00 |
| rhsa-2025:15699 | Red Hat Security Advisory: mysql-selinux and mysql8.4 security update | 2025-09-11T14:40:48+00:00 | 2025-11-06T23:14:56+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-38630 | fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref | 2025-08-02T00:00:00.000Z | 2025-09-03T22:31:45.000Z |
| msrc_cve-2025-38627 | f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic | 2025-08-02T00:00:00.000Z | 2025-09-03T22:29:12.000Z |
| msrc_cve-2025-38626 | f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode | 2025-08-02T00:00:00.000Z | 2025-09-03T22:39:41.000Z |
| msrc_cve-2025-38625 | vfio/pds: Fix missing detach_ioas op | 2025-08-02T00:00:00.000Z | 2025-09-03T22:57:09.000Z |
| msrc_cve-2025-38624 | PCI: pnv_php: Clean up allocated IRQs on unplug | 2025-08-02T00:00:00.000Z | 2025-09-03T23:05:30.000Z |
| msrc_cve-2025-38623 | PCI: pnv_php: Fix surprise plug detection and recovery | 2025-08-02T00:00:00.000Z | 2025-09-03T22:54:25.000Z |
| msrc_cve-2025-38622 | net: drop UFO packets in udp_rcv_segment() | 2025-08-02T00:00:00.000Z | 2025-09-03T22:26:54.000Z |
| msrc_cve-2025-38618 | vsock: Do not allow binding to VMADDR_PORT_ANY | 2025-08-02T00:00:00.000Z | 2025-09-03T22:21:41.000Z |
| msrc_cve-2025-38617 | net/packet: fix a race in packet_set_ring() and packet_notifier() | 2025-08-02T00:00:00.000Z | 2025-09-03T22:34:22.000Z |
| msrc_cve-2025-38616 | tls: handle data disappearing from under the TLS ULP | 2025-08-02T00:00:00.000Z | 2025-09-03T23:26:07.000Z |
| msrc_cve-2025-38615 | fs/ntfs3: cancle set bad inode after removing name fails | 2025-08-02T00:00:00.000Z | 2025-09-04T04:28:48.000Z |
| msrc_cve-2025-38614 | eventpoll: Fix semi-unbounded recursion | 2025-08-02T00:00:00.000Z | 2025-09-04T04:39:23.000Z |
| msrc_cve-2025-38612 | staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() | 2025-08-02T00:00:00.000Z | 2025-09-04T03:51:07.000Z |
| msrc_cve-2025-38611 | vmci: Prevent the dispatching of uninitialized payloads | 2025-08-02T00:00:00.000Z | 2025-09-04T03:38:53.000Z |
| msrc_cve-2025-38610 | powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() | 2025-08-02T00:00:00.000Z | 2025-09-04T02:51:36.000Z |
| msrc_cve-2025-38609 | PM / devfreq: Check governor before using governor->name | 2025-08-02T00:00:00.000Z | 2025-09-04T03:11:58.000Z |
| msrc_cve-2025-38608 | bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls | 2025-08-02T00:00:00.000Z | 2025-09-04T02:59:49.000Z |
| msrc_cve-2025-38605 | wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() | 2025-08-02T00:00:00.000Z | 2025-09-04T03:28:14.000Z |
| msrc_cve-2025-38604 | wifi: rtl818x: Kill URBs before clearing tx status queue | 2025-08-02T00:00:00.000Z | 2025-09-04T02:44:21.000Z |
| msrc_cve-2025-38602 | iwlwifi: Add missing check for alloc_ordered_workqueue | 2025-08-02T00:00:00.000Z | 2025-09-04T02:35:35.000Z |
| msrc_cve-2025-38601 | wifi: ath11k: clear initialized flag for deinit-ed srng lists | 2025-08-02T00:00:00.000Z | 2025-09-04T04:02:55.000Z |
| msrc_cve-2025-38593 | Bluetooth: hci_sync: fix double free in 'hci_discovery_filter_clear()' | 2025-08-02T00:00:00.000Z | 2025-09-04T04:11:00.000Z |
| msrc_cve-2025-38591 | bpf: Reject narrower access to pointer ctx fields | 2025-08-02T00:00:00.000Z | 2025-09-04T02:32:08.000Z |
| msrc_cve-2025-38590 | net/mlx5e: Remove skb secpath if xfrm state is not found | 2025-08-02T00:00:00.000Z | 2025-09-04T02:47:43.000Z |
| msrc_cve-2025-38585 | staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() | 2025-08-02T00:00:00.000Z | 2025-09-04T03:03:20.000Z |
| msrc_cve-2025-38584 | padata: Fix pd UAF once and for all | 2025-08-02T00:00:00.000Z | 2025-09-04T04:21:24.000Z |
| msrc_cve-2025-38583 | clk: xilinx: vcu: unregister pll_post only if registered correctly | 2025-08-02T00:00:00.000Z | 2025-09-04T04:35:56.000Z |
| msrc_cve-2025-38581 | crypto: ccp - Fix crash when rebind ccp device for ccp.ko | 2025-08-02T00:00:00.000Z | 2025-09-04T03:53:45.000Z |
| msrc_cve-2025-38579 | f2fs: fix KMSAN uninit-value in extent_info usage | 2025-08-02T00:00:00.000Z | 2025-09-04T02:39:27.000Z |
| msrc_cve-2025-38578 | f2fs: fix to avoid UAF in f2fs_sync_inode_meta() | 2025-08-02T00:00:00.000Z | 2025-09-04T04:25:05.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2023-000044 | JINS MEME CORE uses a hard-coded cryptographic key | 2023-05-08T15:13+09:00 | 2024-06-13T16:19+09:00 |
| jvndb-2023-001639 | Heap-based buffer overflow vulnerability in OMRON CX-Drive | 2023-04-25T14:31+09:00 | 2024-05-27T18:11+09:00 |
| jvndb-2023-000040 | WordPress Plugin "Appointment and Event Booking Calendar for WordPress - Amelia" vulnerable to cross-site scripting | 2023-04-24T13:41+09:00 | 2024-05-28T16:59+09:00 |
| jvndb-2023-000035 | Improper restriction of XML external entity references (XXE) in Shinseiyo Sogo Soft | 2023-04-19T14:49+09:00 | 2024-05-29T16:58+09:00 |
| jvndb-2023-000039 | WordPress plugin "LIQUID SPEECH BALLOON" vulnerable to cross-site request forgery | 2023-04-19T14:24+09:00 | 2024-05-28T16:56+09:00 |
| jvndb-2023-000038 | EC-CUBE plugin "NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series)" vulnerable to authentication bypass | 2023-04-19T14:06+09:00 | 2024-05-30T15:11+09:00 |
| jvndb-2023-001534 | Security Issues in FINS protocol | 2023-04-18T13:58+09:00 | 2024-05-23T17:35+09:00 |
| jvndb-2023-000037 | Joruri Gw vulnerable to cross-site scripting | 2023-04-17T14:19+09:00 | 2024-05-30T16:19+09:00 |
| jvndb-2023-000036 | API server of TONE Family vulnerable to authentication bypass using an alternate path | 2023-04-17T14:04+09:00 | 2023-04-17T14:04+09:00 |
| jvndb-2023-000034 | JB Inquiry form vulnerable to exposure of private personal information to an unauthorized actor | 2023-04-14T15:48+09:00 | 2024-05-29T16:44+09:00 |
| jvndb-2023-000033 | Trend Micro Security may insecurely load Dynamic Link Libraries | 2023-04-14T15:44+09:00 | 2024-04-26T17:48+09:00 |
| jvndb-2023-001493 | Multiple mobile printing apps for Android vulnerable to improper intent handling | 2023-04-13T11:09+09:00 | 2024-05-30T15:48+09:00 |
| jvndb-2023-001492 | Vulnerability in JP1/VERITAS | 2023-04-12T15:01+09:00 | 2023-04-12T15:01+09:00 |
| jvndb-2023-001411 | Yokogawa Electric CENTUM series vulnerable to cleartext storage of sensitive information | 2023-04-06T14:59+09:00 | 2024-05-29T18:23+09:00 |
| jvndb-2023-000032 | Improper restriction of XML external entity references (XXE) in National land numerical information data conversion tool | 2023-04-04T15:22+09:00 | 2024-06-04T15:56+09:00 |
| jvndb-2023-000031 | Multiple vulnerabilities in JustSystems products | 2023-04-04T15:22+09:00 | 2024-05-29T17:32+09:00 |
| jvndb-2023-001402 | JTEKT ELECTRONIC Screen Creator Advance 2 vulnerable to improper restriction of operations within the bounds of a memory buffer | 2023-04-03T16:24+09:00 | 2024-06-04T17:15+09:00 |
| jvndb-2023-001400 | CONPROSYS HMI System(CHS) vulnerable to SQL injection | 2023-04-03T16:19+09:00 | 2023-04-03T16:19+09:00 |
| jvndb-2023-000030 | HAProxy vulnerable to HTTP request/response smuggling | 2023-03-31T15:54+09:00 | 2024-06-04T16:17+09:00 |
| jvndb-2023-000029 | Multiple vulnerabilities in Seiko Solutions SkyBridge MB-A100/A110/A200/A130 SkySpider MB-R210 | 2023-03-31T15:54+09:00 | 2024-05-27T17:08+09:00 |
| jvndb-2023-000028 | baserCMS vulnerable to arbitrary file uploads | 2023-03-27T13:39+09:00 | 2024-06-06T17:31+09:00 |
| jvndb-2023-000027 | ELECOM WAB-MAT registers its windows service executable with an unquoted file path | 2023-03-24T14:35+09:00 | 2024-06-03T17:36+09:00 |
| jvndb-2023-001320 | Multiple vulnerabilities in Contec CONPROSYS IoT Gateway products | 2023-03-22T13:41+09:00 | 2024-06-04T17:00+09:00 |
| jvndb-2023-000025 | TP-Link T2600G-28SQ uses vulnerable SSH host keys | 2023-03-17T12:27+09:00 | 2024-06-04T16:58+09:00 |
| jvndb-2023-000024 | Android App "Wolt Delivery: Food and more" uses a hard-coded API key for an external service | 2023-03-13T12:28+09:00 | 2024-06-03T17:15+09:00 |
| jvndb-2023-001308 | Multiple vulnerabilities in Buffalo network devices | 2023-03-08T15:12+09:00 | 2024-06-04T16:42+09:00 |
| jvndb-2023-000022 | Multiple vulnerabilities in SEIKO EPSON printers/network interface Web Config | 2023-03-08T15:09+09:00 | 2024-06-03T17:36+09:00 |
| jvndb-2023-001304 | Multiple vulnerabilities in JTEKT ELECTRONICS Kostac PLC Programming Software | 2023-03-06T15:31+09:00 | 2024-06-07T16:39+09:00 |
| jvndb-2023-000023 | Multiple vulnerabilities in PostgreSQL extension module pg_ivm | 2023-03-06T15:22+09:00 | 2024-06-10T16:41+09:00 |
| jvndb-2023-001291 | Multiple vulnerabilities in Trend Micro Maximum Security | 2023-03-03T11:10+09:00 | 2024-06-13T17:06+09:00 |
| ID | Description | Updated |
|---|