Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-94c2-8jj7-8pjp | The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a p… | 2025-12-30T06:30:19Z | 2025-12-30T18:30:17Z |
| ghsa-6mxp-7c6p-vwm2 | A weakness has been identified in Tenda AC10U 15.03.06.48/15.03.06.49. Affected by this vulnerabili… | 2025-12-30T06:30:19Z | 2025-12-30T06:30:19Z |
| ghsa-vwcf-px28-cqjr | A vulnerability was identified in Tenda AC23 16.03.07.52. This impacts the function fromSetIpMacBin… | 2025-12-30T03:30:17Z | 2025-12-30T03:30:17Z |
| ghsa-p9pg-8prj-h5rw | A vulnerability was determined in Tenda AC10U 15.03.06.48/15.03.06.49. This affects the function fo… | 2025-12-30T03:30:17Z | 2025-12-30T03:30:17Z |
| ghsa-mg7r-rmfx-wx93 | A security flaw has been discovered in Tenda AC23 16.03.07.52. Affected is the function formSetPPTP… | 2025-12-30T03:30:17Z | 2025-12-30T21:30:32Z |
| ghsa-wwqx-4prm-6ch2 | A vulnerability was detected in code-projects Refugee Food Management System 1.0. This issue affect… | 2025-12-30T03:30:16Z | 2025-12-30T03:30:16Z |
| ghsa-rhh9-qf7p-wfgf | Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar envir… | 2025-12-30T03:30:16Z | 2025-12-31T18:30:23Z |
| ghsa-cf34-5r96-m2mj | A vulnerability was found in Campcodes Park Ticketing System 1.0. The impacted element is the funct… | 2025-12-30T03:30:16Z | 2025-12-30T03:30:16Z |
| ghsa-8x7h-9qhv-w654 | A flaw has been found in code-projects Refugee Food Management System 1.0. Impacted is an unknown f… | 2025-12-30T03:30:16Z | 2025-12-30T03:30:16Z |
| ghsa-6mjf-xww7-46hq | A vulnerability has been found in code-projects Student File Management System 1.0. The affected el… | 2025-12-30T03:30:16Z | 2025-12-30T03:30:16Z |
| ghsa-5x99-r8pc-wjj3 | Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar e… | 2025-12-30T03:30:16Z | 2025-12-31T18:30:23Z |
| ghsa-w5h6-3m3q-q8pm | Missing Authorization vulnerability in Crocoblock JetTabs allows Exploiting Incorrectly Configured … | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-qmf6-23g2-95xp | A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an… | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-hxgr-h468-wf97 | A security vulnerability has been detected in code-projects Refugee Food Management System 1.0. Thi… | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-hh4w-cc4q-rp64 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-gg4j-vv7g-h3f6 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-fjmr-7667-8v4p | Visual Studio Code Go extension has unexpected untrusted code execution | 2025-12-30T00:32:59Z | 2025-12-31T22:05:05Z |
| ghsa-fcr8-c3fr-779m | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-863c-m9f2-hgxh | Insertion of Sensitive Information Into Sent Data vulnerability in weDevs WP Project Manager wedevs… | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-6w33-8qh2-c7jv | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-5884-m867-xg58 | Missing Authorization vulnerability in wpdive Better Elementor Addons allows Exploiting Incorrectly… | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-3wm7-jw5g-v3gq | Missing Authorization vulnerability in Emraan Cheema CubeWP allows Accessing Functionality Not Prop… | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-ww9v-567h-hcvj | A security flaw has been discovered in code-projects Refugee Food Management System 1.0. Affected b… | 2025-12-30T00:32:58Z | 2025-12-30T00:32:59Z |
| ghsa-qwx9-mmhx-chg8 | Missing Authorization vulnerability in Crocoblock JetBlog allows Exploiting Incorrectly Configured … | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-p3hp-24mv-wr6w | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-m6vw-2qvg-8xgj | Authentication Bypass Using an Alternate Path or Channel vulnerability in Mobile Builder Mobile bui… | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-hfg8-jg35-3hqr | A vulnerability has been found in Campcodes Supplier Management System 1.0. Affected is an unknown … | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-cjpf-7pxx-hqc7 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-94f7-w8j3-ppqr | Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG allows Upload a W… | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-786g-jpf2-55wg | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:32:58Z | 2025-12-30T00:32:59Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-69235 | N/A | Whale browser before 4.35.351.12 allows an attack… |
NAVER |
NAVER Whale browser |
2025-12-30T01:22:57.770Z | 2025-12-31T17:15:35.598Z |
| cve-2025-69234 | N/A | Whale browser before 4.35.351.12 allows an attack… |
NAVER |
NAVER Whale browser |
2025-12-30T01:18:05.718Z | 2025-12-31T17:17:34.260Z |
| cve-2025-15213 | code-projects Student File Management System File Down… |
code-projects |
Student File Management System |
2025-12-30T01:02:07.571Z | 2025-12-30T18:47:10.060Z | |
| cve-2025-69217 | Coturn has unsafe nonce and relay port randomization d… |
coturn |
coturn |
2025-12-30T00:41:18.792Z | 2025-12-30T15:57:25.040Z | |
| cve-2025-15212 | code-projects Refugee Food Management System regfood.p… |
code-projects |
Refugee Food Management System |
2025-12-30T00:32:06.172Z | 2025-12-30T18:47:27.338Z | |
| cve-2025-15211 | code-projects Refugee Food Management System refugee.p… |
code-projects |
Refugee Food Management System |
2025-12-30T00:02:07.439Z | 2025-12-30T18:47:48.669Z | |
| cve-2025-66848 | N/A | JD Cloud NAS routers AX1800 (4.3.1.r4308 and earl… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T17:04:56.353Z |
| cve-2025-66835 | N/A | TrueConf Client 8.5.2 is vulnerable to DLL hijack… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T18:26:04.210Z |
| cve-2025-66834 | N/A | A CSV Formula Injection vulnerability in TrueConf… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T18:34:56.946Z |
| cve-2025-66824 | N/A | A Stored Cross-Site Scripting (XSS) vulnerability… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T18:52:27.447Z |
| cve-2025-66823 | N/A | An HTML Injection vulnerability in TrueConf serve… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T19:41:11.937Z |
| cve-2025-66723 | N/A | inMusic Brands Engine DJ 4.3.0 suffers from Insec… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T20:26:26.850Z |
| cve-2025-65925 | N/A | An issue was discovered in Zeroheight (SaaS) prio… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T16:27:34.310Z |
| cve-2025-65411 | N/A | A NULL pointer dereference in the src/path.c comp… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T17:39:43.714Z |
| cve-2025-65409 | N/A | A divide-by-zero in the encryption/decryption rou… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T17:46:21.953Z |
| cve-2025-61557 | N/A | nixseparatedebuginfod before v0.4.1 is vulnerable… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T16:12:08.097Z |
| cve-2025-56332 | N/A | Authentication Bypass in fosrl/pangolin v1.6.2 an… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T18:00:09.859Z |
| cve-2025-50343 | N/A | An issue was discovered in matio 1.5.28. A heap-b… |
n/a |
n/a |
2025-12-30T00:00:00.000Z | 2025-12-30T19:44:32.448Z |
| cve-2025-23554 | 7.1 (v3.1) | WordPress Off Page SEO plugin <= 3.0.3 - Reflected Cro… |
Jakub Glos |
Off Page SEO |
2025-12-29T23:51:32.627Z | 2025-12-30T18:48:17.168Z |
| cve-2025-23550 | 7.1 (v3.1) | WordPress Product Puller plugin <= 1.5.1 - Reflected C… |
Kemal YAZICI |
Product Puller |
2025-12-29T23:50:08.713Z | 2025-12-30T15:57:24.653Z |
| cve-2025-23469 | 7.1 (v3.1) | WordPress Sleekplan plugin <= 0.2.0 - Reflected Cross … |
Sleekplan |
Sleekplan |
2025-12-29T23:48:36.314Z | 2025-12-30T15:56:45.138Z |
| cve-2025-68120 | N/A | Unexpected untrusted code execution in github.com/gola… |
github.com/golang/vscode-go |
github.com/golang/vscode-go |
2025-12-29T23:46:52.451Z | 2025-12-30T16:05:04.576Z |
| cve-2025-23458 | 7.1 (v3.1) | WordPress Ads24 Lite plugin <= 1.0 - Reflected Cross S… |
Rakessh |
Ads24 Lite |
2025-12-29T23:32:44.943Z | 2025-12-30T15:55:57.059Z |
| cve-2025-15210 | code-projects Refugee Food Management System editrefug… |
code-projects |
Refugee Food Management System |
2025-12-29T23:32:06.391Z | 2025-12-30T15:57:30.764Z | |
| cve-2025-68036 | 7.5 (v3.1) | WordPress CubeWP plugin <= 1.1.27 - Broken Access Cont… |
Emraan Cheema |
CubeWP |
2025-12-29T23:26:17.386Z | 2025-12-30T15:54:23.634Z |
| cve-2025-68040 | 6.5 (v3.1) | WordPress WP Project Manager plugin <= 3.0.1 - Sensiti… |
weDevs |
WP Project Manager |
2025-12-29T23:25:11.382Z | 2025-12-30T15:53:32.540Z |
| cve-2023-41656 | 5.4 (v3.1) | WordPress Better Elementor Addons plugin <= 1.3.7 - Br… |
wpdive |
Better Elementor Addons |
2025-12-29T23:22:27.926Z | 2025-12-30T15:52:40.995Z |
| cve-2023-32238 | 5.4 (v3.1) | WordPress TheGem theme < 5.8.1.1 - Broken Access Contr… |
CodexThemes |
TheGem (Elementor) |
2025-12-29T23:18:54.834Z | 2025-12-30T15:51:44.200Z |
| cve-2025-68498 | 6.5 (v3.1) | WordPress JetTabs plugin <= 2.2.12 - Broken Access Con… |
Crocoblock |
JetTabs |
2025-12-29T23:13:35.444Z | 2025-12-30T18:48:36.471Z |
| cve-2025-68499 | 6.5 (v3.1) | WordPress JetTabs plugin <= 2.2.12 - Cross Site Script… |
Crocoblock |
JetTabs |
2025-12-29T23:10:45.157Z | 2025-12-30T18:48:49.402Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-15244 | PHPEMS Purchase Request race condition |
n/a |
PHPEMS |
2025-12-30T10:32:05.640Z | 2025-12-30T16:02:21.268Z | |
| cve-2025-15359 | 9.1 (v3.1) | DVP-12SE11T - Out-of-bound memory write Vulnerability |
Delta Electronics |
DVP-12SE11T |
2025-12-30T09:07:04.319Z | 2025-12-30T15:56:55.535Z |
| cve-2025-15243 | code-projects Simple Stock System login.php sql injection |
code-projects |
Simple Stock System |
2025-12-30T10:02:06.196Z | 2025-12-30T16:01:37.004Z | |
| cve-2025-15242 | PHPEMS Coupon race condition |
n/a |
PHPEMS |
2025-12-30T09:32:07.221Z | 2025-12-30T16:00:48.345Z | |
| cve-2025-15358 | 7.5 (v3.1) | DVP-12SE11T - Denial of Service Vulnerability |
Delta Electronics |
DVP-12SE11T |
2025-12-30T09:04:41.325Z | 2025-12-30T15:57:00.870Z |
| cve-2025-15241 | CloudPanel Community Edition HTTP Header users redirect |
CloudPanel |
Community Edition |
2025-12-30T09:02:07.225Z | 2025-12-30T14:41:02.720Z | |
| cve-2025-15234 | Tenda M3 setInternetLanInfo formSetRemoteInternetLanIn… |
Tenda |
M3 |
2025-12-30T08:32:06.259Z | 2025-12-30T14:41:34.984Z | |
| cve-2025-15103 | 8.1 (v3.1) | DVP-12SE11T - Authentication Bypass via Partial Passwo… |
Delta Electronics |
DVP-12SE11T |
2025-12-30T08:55:49.441Z | 2025-12-30T15:57:07.318Z |
| cve-2025-15102 | 9.1 (v3.1) | DVP-12SE11T - Password Protection Bypass |
Delta Electronics |
DVP-12SE11T |
2025-12-30T08:48:31.567Z | 2025-12-30T15:57:12.209Z |
| cve-2025-15355 | 5.1 (v4.0) 6.1 (v3.1) | NetVision Information|ISOinsight - Reflected Cross-sit… |
NetVision Information |
ISOinsight |
2025-12-30T07:33:23.259Z | 2025-12-30T15:57:18.570Z |
| cve-2025-15233 | Tenda M3 setAdInfoDetail formSetAdInfoDetails heap-bas… |
Tenda |
M3 |
2025-12-30T08:02:06.822Z | 2025-12-30T14:46:51.690Z | |
| cve-2025-15232 | Tenda M3 setAdPushInfo formSetAdPushInfo stack-based o… |
Tenda |
M3 |
2025-12-30T07:32:09.836Z | 2025-12-30T14:48:12.802Z | |
| cve-2025-15231 | Tenda M3 setVlanInfo formSetRemoteVlanInfo stack-based… |
Tenda |
M3 |
2025-12-30T07:02:06.664Z | 2025-12-30T14:48:44.393Z | |
| cve-2025-15230 | Tenda M3 setVlanPolicyData formSetVlanPolicy heap-base… |
Tenda |
M3 |
2025-12-30T06:32:07.597Z | 2025-12-30T14:50:28.070Z | |
| cve-2025-15229 | Tenda CH22 DhcpListClient fromDhcpListClient denial of… |
Tenda |
CH22 |
2025-12-30T06:02:07.970Z | 2025-12-30T14:51:09.821Z | |
| cve-2025-15222 | Dromara Sa-Token SaSerializerTemplateForJdkUseBase64.j… |
Dromara |
Sa-Token |
2025-12-30T05:32:05.705Z | 2025-12-30T14:56:32.958Z | |
| cve-2025-14313 | N/A | Advance WP Query Search Filter <= 1.0.10 - Reflected X… |
Unknown |
Advance WP Query Search Filter |
2025-12-30T06:00:04.941Z | 2025-12-30T15:59:50.222Z |
| cve-2025-14312 | N/A | Advance WP Query Search Filter <= 1.0.10 - Reflected X… |
Unknown |
Advance WP Query Search Filter |
2025-12-30T06:00:03.998Z | 2025-12-30T15:59:06.324Z |
| cve-2025-15221 | SohuTV CacheCloud AppDataMigrateController.java index … |
SohuTV |
CacheCloud |
2025-12-30T05:02:05.317Z | 2025-12-30T15:08:29.719Z | |
| cve-2025-15220 | SohuTV CacheCloud LoginController.java init cross site… |
SohuTV |
CacheCloud |
2025-12-30T04:32:07.020Z | 2025-12-30T15:23:53.739Z | |
| cve-2025-15219 | SohuTV CacheCloud MachineManageController.java doPodLi… |
SohuTV |
CacheCloud |
2025-12-30T04:02:07.018Z | 2025-12-30T15:37:03.221Z | |
| cve-2025-15218 | Tenda AC10U POST Request Parameter AdvSetLanip fromadv… |
Tenda |
AC10U |
2025-12-30T03:32:08.254Z | 2025-12-30T15:37:55.493Z | |
| cve-2025-15217 | Tenda AC23 HTTP POST Request formSetPPTPUserList buffe… |
Tenda |
AC23 |
2025-12-30T03:02:07.501Z | 2025-12-30T18:45:25.252Z | |
| cve-2025-15216 | Tenda AC23 SetIpMacBind fromSetIpMacBind stack-based o… |
Tenda |
AC23 |
2025-12-30T02:32:08.203Z | 2025-12-30T18:45:52.248Z | |
| cve-2025-15215 | Tenda AC10U HTTP POST Request setPptpUserList formSetP… |
Tenda |
AC10U |
2025-12-30T02:02:08.414Z | 2025-12-30T18:46:13.307Z | |
| cve-2025-69235 | N/A | Whale browser before 4.35.351.12 allows an attack… |
NAVER |
NAVER Whale browser |
2025-12-30T01:22:57.770Z | 2025-12-31T17:15:35.598Z |
| cve-2025-69234 | N/A | Whale browser before 4.35.351.12 allows an attack… |
NAVER |
NAVER Whale browser |
2025-12-30T01:18:05.718Z | 2025-12-31T17:17:34.260Z |
| cve-2025-15214 | Campcodes Park Ticketing System admin_class.php save_p… |
Campcodes |
Park Ticketing System |
2025-12-30T01:32:07.496Z | 2025-12-30T18:46:38.082Z | |
| cve-2025-69217 | Coturn has unsafe nonce and relay port randomization d… |
coturn |
coturn |
2025-12-30T00:41:18.792Z | 2025-12-30T15:57:25.040Z | |
| cve-2025-15213 | code-projects Student File Management System File Down… |
code-projects |
Student File Management System |
2025-12-30T01:02:07.571Z | 2025-12-30T18:47:10.060Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192442 | Malicious code in elf-stats-ember-stockpile-448 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| mal-2025-192441 | Malicious code in elf-stats-cosy-garland-592 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| mal-2025-192440 | Malicious code in elf-stats-candystriped-snowglobe-426 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| mal-2025-192439 | Malicious code in asdfgh3 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T16:25:53Z |
| mal-0000-amazon-inspector-f5d1f93ba15e7b1d | Malicious code in libxmljsololo3 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-f5028d4ab741d3e7 | Malicious code in tnaxmlparserctf (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-e75640235a927670 | Malicious code in libxmlfinal5 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-e42a7ca12612653a | Malicious code in elf-stats-snowy-toolkit-186 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-db451e77f6ef3f56 | Malicious code in elf-stats-cosy-garland-592 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-da6b0fa4bde75a4b | Malicious code in ofjaaah12 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-d41a78ad1712a21f | Malicious code in libxmlfinal4 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-d21d950c23b9d623 | Malicious code in libxmljs2var234 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-cc9a09f98eaaf3f0 | Malicious code in asdfgh3 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-c33a3cb237b9fefd | Malicious code in libxmlfinal3 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-b4a0e883940b56b9 | Malicious code in elf-stats-candystriped-snowglobe-426 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-b00664d7d8c2cad9 | Malicious code in libxmlfinal (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-abe2b5ed5ab13037 | Malicious code in elf-stats-sugarplum-mitten-141 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-9df88087925552af | Malicious code in shop-api-sdk (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-84120b8e19b2fbf4 | Malicious code in tnaparserxml (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-81fa56c3bae542d2 | Malicious code in elf-stats-merry-icicle-449 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-68adb1bbfa456e34 | Malicious code in libxmljsololo4 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-642d01e2e6275f09 | Malicious code in elf-stats-silvered-wishlist-243 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-6137dbf72252f12f | Malicious code in libxmlpupupu (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-5c92b90964b44e6e | Malicious code in libxmljsololo (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-53b4c7fe3473ba68 | Malicious code in libxmljs10 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-5109d6f496cd17ca | Malicious code in gs-uitk-lodash (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-3e519eb1552f6865 | Malicious code in elf-stats-sparkly-snowglobe-243 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-2d94a22bb719650f | Malicious code in libxmlussr (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-2af173f5b0f776ed | Malicious code in libxmlhere (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-2884de8cbf4bfb40 | Malicious code in elf-stats-silvered-mailbag-755 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:17128 | Red Hat Security Advisory: Submariner v0.20.2 security fixes and container updates | 2025-10-01T03:46:30+00:00 | 2025-11-21T19:38:43+00:00 |
| rhsa-2025:17124 | Red Hat Security Advisory: kernel security update | 2025-10-01T00:31:42+00:00 | 2025-11-21T19:27:50+00:00 |
| rhsa-2025:17122 | Red Hat Security Advisory: kernel security update | 2025-10-01T00:28:12+00:00 | 2025-11-21T19:27:49+00:00 |
| rhsa-2025:17123 | Red Hat Security Advisory: kernel-rt security update | 2025-10-01T00:24:54+00:00 | 2025-11-21T19:27:53+00:00 |
| rhsa-2025:17119 | Red Hat Security Advisory: perl-JSON-XS security update | 2025-09-30T21:36:52+00:00 | 2025-11-21T19:27:49+00:00 |
| rhsa-2025:17084 | Red Hat Security Advisory: ipa security update | 2025-09-30T17:33:12+00:00 | 2025-11-21T19:27:43+00:00 |
| rhsa-2025:17109 | Red Hat Security Advisory: kernel-rt security update | 2025-09-30T17:24:19+00:00 | 2025-11-21T19:27:47+00:00 |
| rhsa-2025:17088 | Red Hat Security Advisory: ipa security update | 2025-09-30T17:00:56+00:00 | 2025-11-21T19:27:46+00:00 |
| rhsa-2025:17085 | Red Hat Security Advisory: ipa security update | 2025-09-30T16:53:31+00:00 | 2025-11-21T19:27:44+00:00 |
| rhsa-2025:17087 | Red Hat Security Advisory: ipa security update | 2025-09-30T16:43:11+00:00 | 2025-11-21T19:27:46+00:00 |
| rhsa-2025:17086 | Red Hat Security Advisory: ipa security update | 2025-09-30T16:28:08+00:00 | 2025-11-21T19:27:45+00:00 |
| rhsa-2025:17054 | Red Hat Security Advisory: cups security update | 2025-09-30T12:23:26+00:00 | 2025-11-21T19:27:42+00:00 |
| rhsa-2025:17049 | Red Hat Security Advisory: cups security update | 2025-09-30T09:57:46+00:00 | 2025-11-21T19:27:41+00:00 |
| rhsa-2025:17043 | Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.7.0 release | 2025-09-30T08:54:44+00:00 | 2025-11-21T19:38:42+00:00 |
| rhsa-2025:17009 | Red Hat Security Advisory: kernel security update | 2025-09-30T00:37:36+00:00 | 2025-11-21T19:27:39+00:00 |
| rhsa-2025:17006 | Red Hat Security Advisory: ncurses security update | 2025-09-30T00:33:42+00:00 | 2025-11-21T19:27:39+00:00 |
| rhsa-2025:16989 | Red Hat Security Advisory: Red Hat Offline Knowledge Portal update | 2025-09-29T17:36:18+00:00 | 2025-11-21T19:38:42+00:00 |
| rhsa-2025:16984 | Red Hat Security Advisory: RHOAI 2.19.3 - Red Hat OpenShift AI | 2025-09-29T17:16:20+00:00 | 2025-11-21T19:38:42+00:00 |
| rhsa-2025:16982 | Red Hat Security Advisory: RHOAI 2.22.2 - Red Hat OpenShift AI | 2025-09-29T17:16:15+00:00 | 2025-11-21T19:38:41+00:00 |
| rhsa-2025:16983 | Red Hat Security Advisory: RHOAI 2.21.1 - Red Hat OpenShift AI | 2025-09-29T17:16:12+00:00 | 2025-11-21T19:38:42+00:00 |
| rhsa-2025:16981 | Red Hat Security Advisory: RHOAI 2.16.3 - Red Hat OpenShift AI | 2025-09-29T17:16:06+00:00 | 2025-11-21T19:38:41+00:00 |
| rhsa-2025:16919 | Red Hat Security Advisory: kernel security update | 2025-09-29T12:19:03+00:00 | 2025-11-25T15:42:31+00:00 |
| rhsa-2025:16920 | Red Hat Security Advisory: kernel-rt security update | 2025-09-29T10:24:03+00:00 | 2025-11-25T15:42:28+00:00 |
| rhsa-2025:16918 | Red Hat Security Advisory: RHACS 4.7.7 bug fix and security update | 2025-09-29T08:02:30+00:00 | 2025-11-21T19:38:40+00:00 |
| rhsa-2025:16904 | Red Hat Security Advisory: kernel security update | 2025-09-29T08:02:17+00:00 | 2025-11-25T21:57:22+00:00 |
| rhsa-2025:16880 | Red Hat Security Advisory: kernel security update | 2025-09-29T05:35:08+00:00 | 2025-11-25T21:57:20+00:00 |
| rhsa-2025:16861 | Red Hat Security Advisory: mysql:8.0 security update | 2025-09-29T01:34:13+00:00 | 2025-11-21T19:27:32+00:00 |
| rhsa-2025:16823 | Red Hat Security Advisory: openssh security update | 2025-09-26T01:05:14+00:00 | 2025-11-21T19:27:30+00:00 |
| rhsa-2025:16747 | Red Hat Security Advisory: Red Hat Developer Hub 1.6.5 release. | 2025-09-25T11:13:18+00:00 | 2025-11-21T19:38:40+00:00 |
| rhsa-2025:16159 | Red Hat Security Advisory: OpenShift Container Platform 4.15.58 bug fix and security update | 2025-09-25T09:09:37+00:00 | 2025-11-21T19:26:38+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-39987 | can: hi311x: populate ndo_change_mtu() to prevent buffer overflow | 2025-10-02T00:00:00.000Z | 2025-10-16T01:02:55.000Z |
| msrc_cve-2025-39986 | can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow | 2025-10-02T00:00:00.000Z | 2025-10-16T01:03:16.000Z |
| msrc_cve-2025-39985 | can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow | 2025-10-02T00:00:00.000Z | 2025-10-16T01:01:37.000Z |
| msrc_cve-2025-39982 | Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync | 2025-10-02T00:00:00.000Z | 2025-10-16T01:03:06.000Z |
| msrc_cve-2025-39981 | Bluetooth: MGMT: Fix possible UAFs | 2025-10-02T00:00:00.000Z | 2025-12-07T01:38:18.000Z |
| msrc_cve-2025-39980 | nexthop: Forbid FDB status change while nexthop is in a group | 2025-10-02T00:00:00.000Z | 2025-10-16T01:02:38.000Z |
| msrc_cve-2025-39978 | octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() | 2025-10-02T00:00:00.000Z | 2025-10-16T01:01:59.000Z |
| msrc_cve-2025-39977 | futex: Prevent use-after-free during requeue-PI | 2025-10-02T00:00:00.000Z | 2025-10-16T01:03:11.000Z |
| msrc_cve-2025-39973 | i40e: add validation for ring_len param | 2025-10-02T00:00:00.000Z | 2025-10-16T01:02:16.000Z |
| msrc_cve-2025-39972 | i40e: fix idx validation in i40e_validate_queue_map | 2025-10-02T00:00:00.000Z | 2025-10-16T01:01:53.000Z |
| msrc_cve-2025-39971 | i40e: fix idx validation in config queues msg | 2025-10-02T00:00:00.000Z | 2025-10-16T01:01:48.000Z |
| msrc_cve-2025-39970 | i40e: fix input validation logic for action_meta | 2025-10-02T00:00:00.000Z | 2025-10-16T01:01:31.000Z |
| msrc_cve-2025-39969 | i40e: fix validation of VF state in get resources | 2025-10-02T00:00:00.000Z | 2025-10-16T01:02:04.000Z |
| msrc_cve-2025-39968 | i40e: add max boundary check for VF filters | 2025-10-02T00:00:00.000Z | 2025-10-16T01:01:21.000Z |
| msrc_cve-2025-39967 | fbcon: fix integer overflow in fbcon_do_set_font | 2025-10-02T00:00:00.000Z | 2025-10-16T01:01:26.000Z |
| msrc_cve-2025-39965 | xfrm: xfrm_alloc_spi shouldn't use 0 as SPI | 2025-10-02T00:00:00.000Z | 2025-10-15T01:01:28.000Z |
| msrc_cve-2025-39964 | crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg | 2025-10-02T00:00:00.000Z | 2025-10-15T01:01:33.000Z |
| msrc_cve-2025-39961 | iommu/amd/pgtbl: Fix possible race while increase page table level | 2025-10-02T00:00:00.000Z | 2025-10-11T01:01:50.000Z |
| msrc_cve-2025-39958 | iommu/s390: Make attach succeed when the device was surprise removed | 2025-10-02T00:00:00.000Z | 2025-10-10T01:02:11.000Z |
| msrc_cve-2025-39957 | wifi: mac80211: increase scan_ies_len for S1G | 2025-10-02T00:00:00.000Z | 2025-10-10T01:02:23.000Z |
| msrc_cve-2025-39955 | tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). | 2025-10-02T00:00:00.000Z | 2025-10-10T01:02:17.000Z |
| msrc_cve-2025-39953 | cgroup: split cgroup_destroy_wq into 3 workqueues | 2025-10-02T00:00:00.000Z | 2025-10-05T01:03:03.000Z |
| msrc_cve-2025-39952 | wifi: wilc1000: avoid buffer overflow in WID string configuration | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:53.000Z |
| msrc_cve-2025-39951 | um: virtio_uml: Fix use-after-free after put_device in probe | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:32.000Z |
| msrc_cve-2025-39949 | qed: Don't collect too many protection override GRC elements | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:48.000Z |
| msrc_cve-2025-39947 | net/mlx5e: Harden uplink netdev access against device unbind | 2025-10-02T00:00:00.000Z | 2025-10-05T01:03:29.000Z |
| msrc_cve-2025-39946 | tls: make sure to abort the stream if headers are bogus | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:22.000Z |
| msrc_cve-2025-39945 | cnic: Fix use-after-free bugs in cnic_delete_task | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:58.000Z |
| msrc_cve-2025-39944 | octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() | 2025-10-02T00:00:00.000Z | 2025-10-05T01:03:24.000Z |
| msrc_cve-2025-39943 | ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:27.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2022-002451 | Multiple vulnerabilities in SVMPC1 and SVMPC2 | 2022-10-13T17:27+09:00 | 2024-05-30T16:38+09:00 |
| jvndb-2022-000078 | bingo!CMS vulnerable to authentication bypass | 2022-10-11T17:49+09:00 | 2024-05-30T17:57+09:00 |
| jvndb-2022-002448 | Multiple vulnerabilities in Trend Micro Deep Security and Cloud One - Workload Security agents for Windows | 2022-10-11T17:02+09:00 | 2024-06-13T14:30+09:00 |
| jvndb-2022-000077 | The installer of Sony Content Transfer may insecurely load Dynamic Link Libraries | 2022-10-11T15:08+09:00 | 2024-06-12T12:12+09:00 |
| jvndb-2022-000076 | Growi vulnerable to improper access control | 2022-10-07T14:30+09:00 | 2024-06-12T12:04+09:00 |
| jvndb-2022-000075 | IPFire WebUI vulnerable to cross-site scripting | 2022-10-06T13:05+09:00 | 2024-06-12T14:28+09:00 |
| jvndb-2022-002444 | Multiple vulnerabilities in Buffalo network devices | 2022-10-05T17:44+09:00 | 2022-10-13T16:28+09:00 |
| jvndb-2022-002443 | Privilege Escalation Vulnerability in Hitachi Storage Plug-in for VMware vCenter | 2022-10-05T17:28+09:00 | 2022-10-05T17:28+09:00 |
| jvndb-2022-000074 | BookStack vulnerable to cross-site scripting | 2022-09-30T14:48+09:00 | 2024-06-12T14:07+09:00 |
| jvndb-2022-002367 | OpenAM (OpenAM Consortium Edition) vulnerable to open redirect | 2022-09-16T15:30+09:00 | 2024-06-13T11:39+09:00 |
| jvndb-2022-000073 | Multiple vulnerabilities in EC-CUBE | 2022-09-15T16:30+09:00 | 2024-06-13T11:09+09:00 |
| jvndb-2022-000072 | EC-CUBE plugin "Product Image Bulk Upload Plugin" vulnerable to insufficient verification in uploading files | 2022-09-15T16:13+09:00 | 2024-06-13T11:03+09:00 |
| jvndb-2022-000071 | Multiple vulnerabilities in Trend Micro Apex One and Trend Micro Apex One as a Service | 2022-09-14T18:15+09:00 | 2024-06-13T11:34+09:00 |
| jvndb-2022-002364 | DoS Vulnerability in uCosminexus TP1/Client/J and Cosminexus Service Coordinator | 2022-09-14T11:34+09:00 | 2022-09-14T11:34+09:00 |
| jvndb-2022-000070 | Movable Type plugin A-Form vulnerable to cross-site scripting | 2022-09-09T15:01+09:00 | 2024-06-13T13:49+09:00 |
| jvndb-2022-000068 | SYNCK GRAPHICA Mailform Pro CGI vulnerable to information disclosure | 2022-09-05T15:22+09:00 | 2024-06-13T16:00+09:00 |
| jvndb-2022-002346 | Multiple vulnerabilities in Contec FLEXLAN FX3000 and FX2000 series | 2022-09-02T18:08+09:00 | 2022-09-02T18:08+09:00 |
| jvndb-2022-000069 | PowerCMS XMLRPC API vulnerable to command injection | 2022-09-02T15:49+09:00 | 2024-06-13T11:44+09:00 |
| jvndb-2022-000066 | Multiple vulnerabilities in CentreCOM AR260S V2 | 2022-08-29T17:37+09:00 | 2024-06-13T16:21+09:00 |
| jvndb-2022-000067 | Installer of Ricoh Device Software Manager may insecurely load Dynamic Link Libraries | 2022-08-29T15:57+09:00 | 2024-06-13T13:53+09:00 |
| jvndb-2022-000064 | Movable Type XMLRPC API vulnerable to command injection | 2022-08-24T15:58+09:00 | 2024-06-13T18:11+09:00 |
| jvndb-2022-000065 | Multiple vulnerabilities in Exment | 2022-08-24T14:23+09:00 | 2024-06-14T11:09+09:00 |
| jvndb-2022-002339 | Multiple vulnerabilities in PukiWiki | 2022-08-24T14:17+09:00 | 2024-06-14T11:55+09:00 |
| jvndb-2022-002338 | PLANEX MZK-DP150N contains hidden administrative functionality | 2022-08-23T15:02+09:00 | 2024-06-14T14:06+09:00 |
| jvndb-2022-000063 | PukiWiki vulnerable to cross-site scripting | 2022-08-23T14:40+09:00 | 2024-06-14T12:00+09:00 |
| jvndb-2022-002337 | UNIMO Technology digital video recorders vulnerable to missing authentication for critical functions | 2022-08-23T14:31+09:00 | 2024-06-14T10:24+09:00 |
| jvndb-2022-002295 | Multiple vulnerabilities in Trend Micro Security | 2022-08-19T11:42+09:00 | 2022-08-19T11:42+09:00 |
| jvndb-2022-002265 | Trend Micro Endpoint security products for enterprises vulnerable to Link Following Local Privilege Escalation | 2022-08-18T15:45+09:00 | 2024-06-14T17:11+09:00 |
| jvndb-2022-000062 | Kaitai Struct: compiler vulnerable to denial-of-service (DoS) | 2022-08-04T15:14+09:00 | 2022-08-04T15:14+09:00 |
| jvndb-2022-002112 | CONTEC SolarView Compact vulnerable to insufficient verification in uploading files | 2022-08-03T17:40+09:00 | 2024-06-14T15:21+09:00 |
| ID | Description | Updated |
|---|