Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-qmf6-23g2-95xp | A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an… | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-hxgr-h468-wf97 | A security vulnerability has been detected in code-projects Refugee Food Management System 1.0. Thi… | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-hh4w-cc4q-rp64 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-gg4j-vv7g-h3f6 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-fjmr-7667-8v4p | To prevent unexpected untrusted code execution, the Visual Studio Code Go extension is now disabled… | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-fcr8-c3fr-779m | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-863c-m9f2-hgxh | Insertion of Sensitive Information Into Sent Data vulnerability in weDevs WP Project Manager wedevs… | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-6w33-8qh2-c7jv | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-5884-m867-xg58 | Missing Authorization vulnerability in wpdive Better Elementor Addons allows Exploiting Incorrectly… | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-3wm7-jw5g-v3gq | Missing Authorization vulnerability in Emraan Cheema CubeWP allows Accessing Functionality Not Prop… | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-ww9v-567h-hcvj | A security flaw has been discovered in code-projects Refugee Food Management System 1.0. Affected b… | 2025-12-30T00:32:58Z | 2025-12-30T00:32:59Z |
| ghsa-qwx9-mmhx-chg8 | Missing Authorization vulnerability in Crocoblock JetBlog allows Exploiting Incorrectly Configured … | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-p3hp-24mv-wr6w | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-m6vw-2qvg-8xgj | Authentication Bypass Using an Alternate Path or Channel vulnerability in Mobile Builder Mobile bui… | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-hfg8-jg35-3hqr | A vulnerability has been found in Campcodes Supplier Management System 1.0. Affected is an unknown … | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-cjpf-7pxx-hqc7 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-94f7-w8j3-ppqr | Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG allows Upload a W… | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-786g-jpf2-55wg | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:32:58Z | 2025-12-30T00:32:59Z |
| ghsa-4x3m-m7qg-rjvc | A flaw has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function… | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-29xr-58g9-8qfq | Authorization Bypass Through User-Controlled Key vulnerability in Crocoblock JetPopup allows Exploi… | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-2844-9647-m4rw | Vulnerability in CodexThemes TheGem (Elementor), CodexThemes TheGem (WPBakery).This issue affects T… | 2025-12-30T00:32:58Z | 2025-12-30T00:32:59Z |
| ghsa-cffc-mxrf-mhh4 | Picklescan is vulnerable to RCE via missing detection when calling numpy.f2py.crackfortran.param_eval | 2025-12-29T22:44:26Z | 2025-12-29T22:44:27Z |
| ghsa-jv8r-hv7q-p6vc | phpMyFAQ has Stored XSS in user list via admin-managed display_name | 2025-12-29T22:12:35Z | 2025-12-29T22:12:35Z |
| ghsa-vvxf-wj5w-6gj5 | hemmelig allows SSRF Filter bypass via Secret Request functionality | 2025-12-29T21:31:04Z | 2025-12-29T21:31:04Z |
| ghsa-g3j9-h256-3c38 | A vulnerability was identified in code-projects Student File Management System 1.0. Affected by thi… | 2025-12-29T21:30:26Z | 2025-12-29T21:30:26Z |
| ghsa-wgr2-qr2w-94qw | givanz VvvebJs 1.7.2 suffers from a File Upload vulnerability via save.php. | 2025-12-29T21:30:25Z | 2025-12-29T21:30:25Z |
| ghsa-w5v4-r6mh-235c | A vulnerability in the SSH server of TP-Link TL-WR820N v2.80 allows the use of a weak cryptographic… | 2025-12-29T21:30:25Z | 2025-12-29T21:30:25Z |
| ghsa-w2wc-5vr8-f58p | A vulnerability has been found in SohuTV CacheCloud up to 3.2.0. This affects the function taskQueu… | 2025-12-29T21:30:25Z | 2025-12-29T21:30:25Z |
| ghsa-q38m-7hwc-v39w | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/d… | 2025-12-29T21:30:25Z | 2025-12-31T18:30:23Z |
| ghsa-m3w5-5pmv-9m9q | A vulnerability was determined in SohuTV CacheCloud up to 3.2.0. Affected is the function doQuartzL… | 2025-12-29T21:30:25Z | 2025-12-29T21:30:26Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-15232 | Tenda M3 setAdPushInfo formSetAdPushInfo stack-based o… |
Tenda |
M3 |
2025-12-30T07:32:09.836Z | 2025-12-30T14:48:12.802Z | |
| cve-2025-15231 | Tenda M3 setVlanInfo formSetRemoteVlanInfo stack-based… |
Tenda |
M3 |
2025-12-30T07:02:06.664Z | 2025-12-30T14:48:44.393Z | |
| cve-2025-15230 | Tenda M3 setVlanPolicyData formSetVlanPolicy heap-base… |
Tenda |
M3 |
2025-12-30T06:32:07.597Z | 2025-12-30T14:50:28.070Z | |
| cve-2025-15229 | Tenda CH22 DhcpListClient fromDhcpListClient denial of… |
Tenda |
CH22 |
2025-12-30T06:02:07.970Z | 2025-12-30T14:51:09.821Z | |
| cve-2025-14313 | N/A | Advance WP Query Search Filter <= 1.0.10 - Reflected X… |
Unknown |
Advance WP Query Search Filter |
2025-12-30T06:00:04.941Z | 2025-12-30T15:59:50.222Z |
| cve-2025-14312 | N/A | Advance WP Query Search Filter <= 1.0.10 - Reflected X… |
Unknown |
Advance WP Query Search Filter |
2025-12-30T06:00:03.998Z | 2025-12-30T15:59:06.324Z |
| cve-2025-15222 | Dromara Sa-Token SaSerializerTemplateForJdkUseBase64.j… |
Dromara |
Sa-Token |
2025-12-30T05:32:05.705Z | 2025-12-30T14:56:32.958Z | |
| cve-2025-15221 | SohuTV CacheCloud AppDataMigrateController.java index … |
SohuTV |
CacheCloud |
2025-12-30T05:02:05.317Z | 2025-12-30T15:08:29.719Z | |
| cve-2025-15220 | SohuTV CacheCloud LoginController.java init cross site… |
SohuTV |
CacheCloud |
2025-12-30T04:32:07.020Z | 2025-12-30T15:23:53.739Z | |
| cve-2025-15219 | SohuTV CacheCloud MachineManageController.java doPodLi… |
SohuTV |
CacheCloud |
2025-12-30T04:02:07.018Z | 2025-12-30T15:37:03.221Z | |
| cve-2025-15218 | Tenda AC10U POST Request Parameter AdvSetLanip fromadv… |
Tenda |
AC10U |
2025-12-30T03:32:08.254Z | 2025-12-30T15:37:55.493Z | |
| cve-2025-15217 | Tenda AC23 HTTP POST Request formSetPPTPUserList buffe… |
Tenda |
AC23 |
2025-12-30T03:02:07.501Z | 2025-12-30T18:45:25.252Z | |
| cve-2025-15216 | Tenda AC23 SetIpMacBind fromSetIpMacBind stack-based o… |
Tenda |
AC23 |
2025-12-30T02:32:08.203Z | 2025-12-30T18:45:52.248Z | |
| cve-2025-15215 | Tenda AC10U HTTP POST Request setPptpUserList formSetP… |
Tenda |
AC10U |
2025-12-30T02:02:08.414Z | 2025-12-30T18:46:13.307Z | |
| cve-2025-15214 | Campcodes Park Ticketing System admin_class.php save_p… |
Campcodes |
Park Ticketing System |
2025-12-30T01:32:07.496Z | 2025-12-30T18:46:38.082Z | |
| cve-2025-69235 | N/A | Whale browser before 4.35.351.12 allows an attack… |
NAVER |
NAVER Whale browser |
2025-12-30T01:22:57.770Z | 2025-12-31T17:15:35.598Z |
| cve-2025-69234 | N/A | Whale browser before 4.35.351.12 allows an attack… |
NAVER |
NAVER Whale browser |
2025-12-30T01:18:05.718Z | 2025-12-31T17:17:34.260Z |
| cve-2025-15213 | code-projects Student File Management System File Down… |
code-projects |
Student File Management System |
2025-12-30T01:02:07.571Z | 2025-12-30T18:47:10.060Z | |
| cve-2025-69217 | Coturn has unsafe nonce and relay port randomization d… |
coturn |
coturn |
2025-12-30T00:41:18.792Z | 2025-12-30T15:57:25.040Z | |
| cve-2025-15212 | code-projects Refugee Food Management System regfood.p… |
code-projects |
Refugee Food Management System |
2025-12-30T00:32:06.172Z | 2025-12-30T18:47:27.338Z | |
| cve-2025-15211 | code-projects Refugee Food Management System refugee.p… |
code-projects |
Refugee Food Management System |
2025-12-30T00:02:07.439Z | 2025-12-30T18:47:48.669Z | |
| cve-2025-66848 | N/A | JD Cloud NAS routers AX1800 (4.3.1.r4308 and earl… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T17:04:56.353Z |
| cve-2025-66835 | N/A | TrueConf Client 8.5.2 is vulnerable to DLL hijack… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T18:26:04.210Z |
| cve-2025-66834 | N/A | A CSV Formula Injection vulnerability in TrueConf… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T18:34:56.946Z |
| cve-2025-66824 | N/A | A Stored Cross-Site Scripting (XSS) vulnerability… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T18:52:27.447Z |
| cve-2025-66823 | N/A | An HTML Injection vulnerability in TrueConf serve… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T19:41:11.937Z |
| cve-2025-66723 | N/A | inMusic Brands Engine DJ 4.3.0 suffers from Insec… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T20:26:26.850Z |
| cve-2025-65925 | N/A | An issue was discovered in Zeroheight (SaaS) prio… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T16:27:34.310Z |
| cve-2025-65411 | N/A | A NULL pointer dereference in the src/path.c comp… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T17:39:43.714Z |
| cve-2025-65409 | N/A | A divide-by-zero in the encryption/decryption rou… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T17:46:21.953Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-68997 | N/A | WordPress wpDiscuz plugin <= 7.6.40 - Insecure Direct … |
AdvancedCoding |
wpDiscuz |
2025-12-30T10:47:51.914Z | 2025-12-30T14:53:58.866Z |
| cve-2025-68996 | N/A | WordPress Responsive Posts Carousel Pro plugin <= 15.1… |
WebCodingPlace |
Responsive Posts Carousel Pro |
2025-12-30T10:47:51.680Z | 2025-12-30T15:22:57.395Z |
| cve-2025-68995 | N/A | WordPress My Sticky Elements plugin <= 2.3.3 - Broken … |
Gal Dubinski |
My Sticky Elements |
2025-12-30T10:47:51.492Z | 2025-12-30T15:33:13.996Z |
| cve-2025-68994 | N/A | WordPress Product Loops for WooCommerce plugin <= 2.1.… |
XforWooCommerce |
Product Loops for WooCommerce |
2025-12-30T10:47:51.296Z | 2025-12-30T15:42:08.806Z |
| cve-2025-68993 | N/A | WordPress Share, Print and PDF Products for WooCommerc… |
XforWooCommerce |
Share, Print and PDF Products for WooCommerce |
2025-12-30T10:47:51.107Z | 2025-12-30T15:52:20.057Z |
| cve-2025-68992 | N/A | WordPress BWL Knowledge Base Manager plugin <= 1.6.3 -… |
xenioushk |
BWL Knowledge Base Manager |
2025-12-30T10:47:50.920Z | 2025-12-30T15:55:07.197Z |
| cve-2025-68991 | N/A | WordPress BWL Pro Voting Manager plugin <= 1.4.9 - Cro… |
xenioushk |
BWL Pro Voting Manager |
2025-12-30T10:47:50.729Z | 2025-12-30T19:43:21.355Z |
| cve-2025-68990 | N/A | WordPress BWL Pro Voting Manager plugin <= 1.4.9 - SQL… |
xenioushk |
BWL Pro Voting Manager |
2025-12-30T10:47:50.548Z | 2025-12-30T22:12:17.928Z |
| cve-2025-68989 | N/A | WordPress Contact Form 7 Extension For Mailchimp plugi… |
Renzo Johnson |
Contact Form 7 Extension For Mailchimp |
2025-12-30T10:47:50.363Z | 2025-12-30T22:12:39.183Z |
| cve-2025-68988 | N/A | WordPress E-Invoice App Malaysia plugin <= 1.1.0 - Sen… |
o2oe |
E-Invoice App Malaysia |
2025-12-30T10:47:50.131Z | 2025-12-30T22:13:39.542Z |
| cve-2025-68987 | N/A | WordPress Cinerama - A WordPress Theme for Movie Studi… |
Edge-Themes |
Cinerama - A WordPress Theme for Movie Studios and Filmmakers |
2025-12-30T10:47:49.947Z | 2025-12-30T22:16:08.638Z |
| cve-2025-68985 | N/A | WordPress Aora theme <= 1.3.15 - Local File Inclusion … |
thembay |
Aora |
2025-12-30T10:47:49.767Z | 2025-12-30T22:18:46.080Z |
| cve-2025-68984 | N/A | WordPress Puca theme <= 2.6.39 - Local File Inclusion … |
thembay |
Puca |
2025-12-30T10:47:49.577Z | 2025-12-30T22:19:09.287Z |
| cve-2025-68983 | N/A | WordPress Greenmart theme <= 4.2.11 - Local File Inclu… |
thembay |
Greenmart |
2025-12-30T10:47:49.392Z | 2025-12-30T22:19:26.741Z |
| cve-2025-68982 | N/A | WordPress DesignThemes LMS Addon plugin <= 2.6 - Broke… |
designthemes |
DesignThemes LMS Addon |
2025-12-30T10:47:49.216Z | 2025-12-30T22:20:31.813Z |
| cve-2025-68981 | N/A | WordPress HomeFix Elementor Portfolio plugin <= 1.0.1 … |
designthemes |
HomeFix Elementor Portfolio |
2025-12-30T10:47:49.035Z | 2025-12-30T22:21:43.215Z |
| cve-2025-68980 | N/A | WordPress WeDesignTech Portfolio plugin <= 1.0.2 - Bro… |
designthemes |
WeDesignTech Portfolio |
2025-12-30T10:47:48.858Z | 2025-12-30T22:23:55.769Z |
| cve-2025-68979 | N/A | WordPress Google Calendar Events plugin <= 3.5.9 - Ins… |
SimpleCalendar |
Google Calendar Events |
2025-12-30T10:47:48.678Z | 2025-12-30T22:24:07.354Z |
| cve-2025-68978 | N/A | WordPress DesignThemes Core plugin <= 1.6 - Cross Site… |
designthemes |
DesignThemes Core |
2025-12-30T10:47:48.485Z | 2025-12-30T16:03:47.382Z |
| cve-2025-68977 | N/A | WordPress DesignThemes Portfolio Addon plugin <= 1.5 -… |
designthemes |
DesignThemes Portfolio Addon |
2025-12-30T10:47:48.297Z | 2025-12-30T16:03:04.715Z |
| cve-2025-68976 | N/A | WordPress Eagle Booking plugin <= 1.3.4.3 - Settings C… |
Eagle-Themes |
Eagle Booking |
2025-12-30T10:47:48.092Z | 2025-12-30T22:24:18.062Z |
| cve-2025-68975 | N/A | WordPress Eagle Booking plugin <= 1.3.4.3 - Insecure D… |
Eagle-Themes |
Eagle Booking |
2025-12-30T10:47:47.878Z | 2025-12-30T22:24:56.415Z |
| cve-2025-68974 | N/A | WordPress WordPress Social Login and Register plugin <… |
miniOrange |
WordPress Social Login and Register |
2025-12-30T10:47:47.632Z | 2025-12-30T22:25:19.008Z |
| cve-2025-15245 | D-Link DCS-850L Firmware Update Service uploadfirmware… |
D-Link |
DCS-850L |
2025-12-30T11:02:16.676Z | 2025-12-30T12:57:33.830Z | |
| cve-2025-15244 | PHPEMS Purchase Request race condition |
n/a |
PHPEMS |
2025-12-30T10:32:05.640Z | 2025-12-30T16:02:21.268Z | |
| cve-2025-15359 | 9.1 (v3.1) | DVP-12SE11T - Out-of-bound memory write Vulnerability |
Delta Electronics |
DVP-12SE11T |
2025-12-30T09:07:04.319Z | 2025-12-30T15:56:55.535Z |
| cve-2025-15243 | code-projects Simple Stock System login.php sql injection |
code-projects |
Simple Stock System |
2025-12-30T10:02:06.196Z | 2025-12-30T16:01:37.004Z | |
| cve-2025-15242 | PHPEMS Coupon race condition |
n/a |
PHPEMS |
2025-12-30T09:32:07.221Z | 2025-12-30T16:00:48.345Z | |
| cve-2025-15358 | 7.5 (v3.1) | DVP-12SE11T - Denial of Service Vulnerability |
Delta Electronics |
DVP-12SE11T |
2025-12-30T09:04:41.325Z | 2025-12-30T15:57:00.870Z |
| cve-2025-15241 | CloudPanel Community Edition HTTP Header users redirect |
CloudPanel |
Community Edition |
2025-12-30T09:02:07.225Z | 2025-12-30T14:41:02.720Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192468 | Malicious code in yzip (PyPI) | 2025-12-11T15:53:42Z | 2025-12-11T17:12:54Z |
| mal-2025-192543 | Malicious code in mw-proto-ts (npm) | 2025-12-11T12:17:38Z | 2025-12-23T19:24:03Z |
| mal-2025-192541 | Malicious code in mui-wrapper-icons (npm) | 2025-12-11T12:17:23Z | 2025-12-23T19:24:03Z |
| mal-2025-192542 | Malicious code in mui-wrapper-styles (npm) | 2025-12-11T12:15:41Z | 2025-12-23T19:24:03Z |
| mal-0000-ossf-package-analysis-ba19fbf2e13483ed | Malicious code in @cheqplease/structured-logger (npm) | 2025-12-11T07:37:23Z | 2025-12-11T07:37:23Z |
| mal-0000-ossf-package-analysis-c6ef1fa05f2ae34a | Malicious code in @cheqplease/structured-logger (npm) | 2025-12-11T05:38:58Z | 2025-12-11T05:38:58Z |
| mal-2025-192466 | Malicious code in tnaxmlparserctf (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192465 | Malicious code in tnaparserxml (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:46Z |
| mal-2025-192464 | Malicious code in ofjaaah12 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:45Z |
| mal-2025-192463 | Malicious code in libxmlussr (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192462 | Malicious code in libxmlpupupu (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192461 | Malicious code in libxmljsololos (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192460 | Malicious code in libxmljsololo4 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192459 | Malicious code in libxmljsololo3 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192458 | Malicious code in libxmljsololo (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192457 | Malicious code in libxmljs2var234 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192456 | Malicious code in libxmljs10 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192455 | Malicious code in libxmlhere (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192454 | Malicious code in libxmlfinal5 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192453 | Malicious code in libxmlfinal4 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192452 | Malicious code in libxmlfinal3 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192451 | Malicious code in libxmlfinal (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192450 | Malicious code in fadafas3 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T16:25:55Z |
| mal-2025-192449 | Malicious code in elf-stats-sugarplum-mitten-141 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| mal-2025-192448 | Malicious code in elf-stats-sparkly-snowglobe-243 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| mal-2025-192447 | Malicious code in elf-stats-snowy-toolkit-186 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| mal-2025-192446 | Malicious code in elf-stats-silvered-wishlist-243 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| mal-2025-192445 | Malicious code in elf-stats-silvered-mailbag-755 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| mal-2025-192444 | Malicious code in elf-stats-merry-icicle-449 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| mal-2025-192443 | Malicious code in elf-stats-jolly-hammer-980 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:17361 | Red Hat Security Advisory: gnutls security, bug fix, and enhancement update | 2025-10-06T08:50:07+00:00 | 2025-11-21T19:28:16+00:00 |
| rhsa-2025:17348 | Red Hat Security Advisory: gnutls security, bug fix, and enhancement update | 2025-10-06T02:41:41+00:00 | 2025-11-21T19:28:15+00:00 |
| rhsa-2025:17346 | Red Hat Security Advisory: thunderbird security update | 2025-10-06T02:33:01+00:00 | 2025-11-21T19:28:14+00:00 |
| rhsa-2025:17347 | Red Hat Security Advisory: libtasn1 security update | 2025-10-06T02:07:36+00:00 | 2025-11-21T19:28:14+00:00 |
| rhsa-2025:17345 | Red Hat Security Advisory: thunderbird security update | 2025-10-06T01:39:41+00:00 | 2025-11-21T19:28:14+00:00 |
| rhsa-2025:17343 | Red Hat Security Advisory: thunderbird security update | 2025-10-06T01:37:41+00:00 | 2025-11-21T19:28:13+00:00 |
| rhsa-2025:17344 | Red Hat Security Advisory: thunderbird security update | 2025-10-06T01:36:35+00:00 | 2025-11-21T19:28:13+00:00 |
| rhsa-2025:17342 | Red Hat Security Advisory: thunderbird security update | 2025-10-06T01:34:27+00:00 | 2025-11-21T19:28:12+00:00 |
| rhsa-2025:17340 | Red Hat Security Advisory: thunderbird security update | 2025-10-06T01:30:57+00:00 | 2025-11-21T19:28:12+00:00 |
| rhsa-2025:17341 | Red Hat Security Advisory: thunderbird security update | 2025-10-06T01:30:32+00:00 | 2025-11-21T19:28:12+00:00 |
| rhsa-2025:17317 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.9 security update | 2025-10-02T17:38:07+00:00 | 2025-11-25T03:02:53+00:00 |
| rhsa-2025:17318 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.9 security update | 2025-10-02T17:34:35+00:00 | 2025-11-25T03:02:49+00:00 |
| rhsa-2025:17298 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.0 security update | 2025-10-02T14:58:17+00:00 | 2025-11-25T03:02:52+00:00 |
| rhsa-2025:17299 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.0 security update | 2025-10-02T14:54:02+00:00 | 2025-11-25T03:02:48+00:00 |
| rhsa-2025:17187 | Red Hat Security Advisory: Red Hat build of Quarkus 3.15.7 release and security update | 2025-10-02T11:58:55+00:00 | 2025-11-25T03:03:53+00:00 |
| rhsa-2025:17241 | Red Hat Security Advisory: kernel security update | 2025-10-02T10:07:46+00:00 | 2025-11-21T19:28:03+00:00 |
| rhsa-2025:17192 | Red Hat Security Advisory: kernel-rt security update | 2025-10-01T19:19:25+00:00 | 2025-11-21T19:27:58+00:00 |
| rhsa-2025:17159 | Red Hat Security Advisory: kernel security update | 2025-10-01T18:14:44+00:00 | 2025-11-21T19:27:54+00:00 |
| rhsa-2025:17189 | Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.8.22 | 2025-10-01T18:01:13+00:00 | 2025-11-21T19:38:44+00:00 |
| rhsa-2025:17161 | Red Hat Security Advisory: kernel security update | 2025-10-01T17:47:28+00:00 | 2025-11-21T19:27:59+00:00 |
| rhsa-2025:17163 | Red Hat Security Advisory: perl-JSON-XS security update | 2025-10-01T17:44:11+00:00 | 2025-11-21T19:27:56+00:00 |
| rhsa-2025:17164 | Red Hat Security Advisory: cups security update | 2025-10-01T17:36:39+00:00 | 2025-11-21T19:27:58+00:00 |
| rhsa-2025:17162 | Red Hat Security Advisory: perl-JSON-XS security update | 2025-10-01T16:59:04+00:00 | 2025-11-21T19:27:56+00:00 |
| rhsa-2025:17181 | Red Hat Security Advisory: Insights proxy Container Image | 2025-10-01T16:41:41+00:00 | 2025-11-25T10:22:49+00:00 |
| rhsa-2025:16729 | Red Hat Security Advisory: OpenShift Container Platform 4.18.25 packages and security update | 2025-10-01T16:38:14+00:00 | 2025-11-28T12:47:33+00:00 |
| rhsa-2025:16724 | Red Hat Security Advisory: OpenShift Container Platform 4.16.49 packages and security update | 2025-10-01T13:18:39+00:00 | 2025-11-28T12:47:33+00:00 |
| rhsa-2025:17145 | Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17 security, enhancement & bug fix update | 2025-10-01T12:01:32+00:00 | 2025-11-21T19:38:48+00:00 |
| rhsa-2025:17144 | Red Hat Security Advisory: cups security update | 2025-10-01T10:43:39+00:00 | 2025-11-21T19:27:53+00:00 |
| rhsa-2025:17141 | Red Hat Security Advisory: cups security update | 2025-10-01T08:21:43+00:00 | 2025-11-21T19:27:53+00:00 |
| rhsa-2025:17129 | Red Hat Security Advisory: idm:DL1 security update | 2025-10-01T06:35:38+00:00 | 2025-11-21T19:27:51+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-40038 | KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid | 2025-10-02T00:00:00.000Z | 2025-10-29T01:01:49.000Z |
| msrc_cve-2025-40036 | misc: fastrpc: fix possible map leak in fastrpc_put_args | 2025-10-02T00:00:00.000Z | 2025-10-29T01:04:04.000Z |
| msrc_cve-2025-40035 | Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak | 2025-10-02T00:00:00.000Z | 2025-10-29T01:02:33.000Z |
| msrc_cve-2025-40033 | remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() | 2025-10-02T00:00:00.000Z | 2025-10-29T01:03:37.000Z |
| msrc_cve-2025-40032 | PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release | 2025-10-02T00:00:00.000Z | 2025-10-29T01:03:26.000Z |
| msrc_cve-2025-40030 | pinctrl: check the return value of pinmux_ops::get_function_name() | 2025-10-02T00:00:00.000Z | 2025-10-29T01:02:27.000Z |
| msrc_cve-2025-40029 | bus: fsl-mc: Check return value of platform_get_resource() | 2025-10-02T00:00:00.000Z | 2025-10-29T01:02:00.000Z |
| msrc_cve-2025-40027 | net/9p: fix double req put in p9_fd_cancelled | 2025-10-02T00:00:00.000Z | 2025-10-29T01:04:34.000Z |
| msrc_cve-2025-40026 | KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O | 2025-10-02T00:00:00.000Z | 2025-10-29T01:03:10.000Z |
| msrc_cve-2025-40025 | f2fs: fix to do sanity check on node footer for non inode dnode | 2025-10-02T00:00:00.000Z | 2025-10-29T01:02:43.000Z |
| msrc_cve-2025-40024 | vhost: Take a reference on the task in struct vhost_task. | 2025-10-02T00:00:00.000Z | 2025-10-26T01:01:14.000Z |
| msrc_cve-2025-40021 | tracing: dynevent: Add a missing lockdown check on dynevent | 2025-10-02T00:00:00.000Z | 2025-10-26T01:01:36.000Z |
| msrc_cve-2025-40020 | can: peak_usb: fix shift-out-of-bounds issue | 2025-10-02T00:00:00.000Z | 2025-10-26T01:01:30.000Z |
| msrc_cve-2025-40019 | crypto: essiv - Check ssize for decryption and in-place encryption | 2025-10-02T00:00:00.000Z | 2025-12-07T01:39:24.000Z |
| msrc_cve-2025-40018 | ipvs: Defer ip_vs_ftp unregister during netns cleanup | 2025-10-02T00:00:00.000Z | 2025-10-25T14:01:29.000Z |
| msrc_cve-2025-40016 | media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID | 2025-10-02T00:00:00.000Z | 2025-10-22T01:01:25.000Z |
| msrc_cve-2025-40013 | ASoC: qcom: audioreach: fix potential null pointer dereference | 2025-10-02T00:00:00.000Z | 2025-10-22T01:01:20.000Z |
| msrc_cve-2025-40011 | drm/gma500: Fix null dereference in hdmi teardown | 2025-10-02T00:00:00.000Z | 2025-10-22T01:01:36.000Z |
| msrc_cve-2025-40010 | afs: Fix potential null pointer dereference in afs_put_server | 2025-10-02T00:00:00.000Z | 2025-10-22T01:01:41.000Z |
| msrc_cve-2025-40005 | spi: cadence-quadspi: Implement refcount to handle unbind during busy | 2025-10-02T00:00:00.000Z | 2025-12-07T01:39:00.000Z |
| msrc_cve-2025-40003 | net: mscc: ocelot: Fix use-after-free caused by cyclic delayed work | 2025-10-02T00:00:00.000Z | 2025-12-07T01:38:38.000Z |
| msrc_cve-2025-40001 | scsi: mvsas: Fix use-after-free bugs in mvs_work_queue | 2025-10-02T00:00:00.000Z | 2025-12-07T01:38:50.000Z |
| msrc_cve-2025-40000 | wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() | 2025-10-02T00:00:00.000Z | 2025-10-16T01:02:49.000Z |
| msrc_cve-2025-39998 | scsi: target: target_core_configfs: Add length check to avoid buffer overflow | 2025-10-02T00:00:00.000Z | 2025-10-16T01:02:33.000Z |
| msrc_cve-2025-39996 | media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove | 2025-10-02T00:00:00.000Z | 2025-10-16T01:03:22.000Z |
| msrc_cve-2025-39995 | media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe | 2025-10-02T00:00:00.000Z | 2025-10-16T01:02:10.000Z |
| msrc_cve-2025-39994 | media: tuner: xc5000: Fix use-after-free in xc5000_release | 2025-10-02T00:00:00.000Z | 2025-10-16T01:02:44.000Z |
| msrc_cve-2025-39993 | media: rc: fix races with imon_disconnect() | 2025-10-02T00:00:00.000Z | 2025-10-16T01:02:22.000Z |
| msrc_cve-2025-39990 | bpf: Check the helper function is valid in get_helper_proto | 2025-10-02T00:00:00.000Z | 2025-12-07T01:38:28.000Z |
| msrc_cve-2025-39988 | can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow | 2025-10-02T00:00:00.000Z | 2025-10-16T01:01:43.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2022-000098 | Zenphoto vulnerable to cross-site scripting | 2022-12-19T13:39+09:00 | 2022-12-19T13:39+09:00 |
| jvndb-2022-002779 | Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS) | 2022-12-16T13:29+09:00 | 2023-01-11T16:55+09:00 |
| jvndb-2022-000097 | Multiple vulnerabilities in DENSHI NYUSATSU CORE SYSTEM | 2022-12-15T15:18+09:00 | 2024-05-29T17:40+09:00 |
| jvndb-2022-000096 | Redmine vulnerable to cross-site scripting | 2022-12-13T14:05+09:00 | 2024-06-03T16:47+09:00 |
| jvndb-2022-002775 | Multiple vulnerabilities in Buffalo network devices | 2022-12-12T15:28+09:00 | 2024-02-14T15:45+09:00 |
| jvndb-2022-002771 | Information Exposure Vulnerability in JP1/Automatic Operation | 2022-12-07T17:30+09:00 | 2022-12-07T17:30+09:00 |
| jvndb-2022-002770 | Contec SolarView Compact vulnerable to cross-site scripting | 2022-12-06T15:08+09:00 | 2024-06-04T17:13+09:00 |
| jvndb-2022-002768 | Multiple vulnerabilities in UNIMO Technology digital video recorders | 2022-12-02T14:57+09:00 | 2024-06-03T16:55+09:00 |
| jvndb-2022-002765 | Multiple vulnerabilities in OMRON CX-Programmer | 2022-11-28T15:40+09:00 | 2024-04-05T18:15+09:00 |
| jvndb-2022-000095 | Cybozu Remote Service vulnerable to Uncontrolled Resource Consumption | 2022-11-25T14:15+09:00 | 2024-06-03T16:08+09:00 |
| jvndb-2022-000094 | Multiple cross-site scripting vulnerabilities in baserCMS | 2022-11-25T13:42+09:00 | 2024-05-31T18:17+09:00 |
| jvndb-2022-000093 | TP-Link RE300 V1 tdpServer vulnerable to improper processing of its input | 2022-11-24T14:46+09:00 | 2024-06-03T16:41+09:00 |
| jvndb-2022-002761 | Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service | 2022-11-21T18:25+09:00 | 2024-05-31T17:43+09:00 |
| jvndb-2022-000092 | Typora fails to properly neutralize JavaScript code. | 2022-11-21T15:31+09:00 | 2024-06-03T15:13+09:00 |
| jvndb-2022-000091 | WordPress Plugin "WordPress Popular Posts" accepts untrusted external inputs to update certain internal variables | 2022-11-18T15:14+09:00 | 2022-11-18T15:14+09:00 |
| jvndb-2022-000089 | RICOH Aficio SP 4210N vulnerable to cross-site scripting | 2022-11-17T11:15+09:00 | 2022-11-17T11:15+09:00 |
| jvndb-2022-000090 | Multiple vulnerabilities in Movable Type | 2022-11-16T17:07+09:00 | 2024-06-03T15:31+09:00 |
| jvndb-2022-000088 | TERASOLUNA Global Framework and TERASOLUNA Server Framework for Java (Rich) vulnerable to ClassLoader manipulation | 2022-11-14T16:45+09:00 | 2024-06-06T16:11+09:00 |
| jvndb-2022-000086 | Aiphone Video Multi-Tenant System Entrance Stations vulnerable to information disclosure | 2022-11-10T13:40+09:00 | 2024-06-06T17:37+09:00 |
| jvndb-2022-002691 | Multiple vulnerabilities in OMRON products | 2022-11-10T09:46+09:00 | 2022-11-10T09:46+09:00 |
| jvndb-2022-000085 | WordPress Plugin "Salon booking system" vulnerable to cross-site scripting | 2022-11-08T15:07+09:00 | 2024-06-05T18:07+09:00 |
| jvndb-2022-000087 | Multiple vulnerabilities in WordPress | 2022-11-08T14:59+09:00 | 2024-06-06T16:27+09:00 |
| jvndb-2022-000079 | Multiple vulnerabilities in the web interfaces of Kyocera Document Solutions MFPs and printers | 2022-11-01T14:51+09:00 | 2024-06-06T17:01+09:00 |
| jvndb-2022-000084 | Multiple vulnerabilities in FUJI SOFT network devices | 2022-10-28T15:12+09:00 | 2024-06-06T16:48+09:00 |
| jvndb-2022-000083 | Multiple vulnerabilities in SHIRASAGI | 2022-10-25T15:10+09:00 | 2024-06-05T16:06+09:00 |
| jvndb-2022-000082 | Multiple vulnerabilities in nadesiko3 | 2022-10-20T16:58+09:00 | 2024-06-05T17:28+09:00 |
| jvndb-2022-002544 | Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service | 2022-10-20T16:18+09:00 | 2024-06-13T13:58+09:00 |
| jvndb-2022-002537 | Stack-based buffer overflow vulnerability in Yokogawa Test & Measurement WTViewerE | 2022-10-19T16:23+09:00 | 2024-06-12T16:54+09:00 |
| jvndb-2022-000081 | Lemon8 App fails to restrict access permissions | 2022-10-19T14:08+09:00 | 2024-06-12T16:39+09:00 |
| jvndb-2022-000080 | Android App "IIJ SmartKey" vulnerable to information disclosure | 2022-10-14T13:57+09:00 | 2024-06-27T13:40+09:00 |
| ID | Description | Updated |
|---|