Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-w6ph-hrmj-vffx | The FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce plugin f… | 2025-11-05T12:30:19Z | 2025-11-05T12:30:19Z |
| ghsa-m35w-xx8c-6xc7 | Apache Doris-MCP-Server: Improper Access Control results in bypassing a "read-only" mode | 2025-11-05T12:30:19Z | 2025-11-07T16:48:36Z |
| ghsa-f5fh-r4mj-fqj8 | The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Stored Cross-Site … | 2025-11-05T12:30:19Z | 2025-11-05T12:30:19Z |
| ghsa-99fv-75qw-h59w | The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Local File Inc… | 2025-11-05T12:30:19Z | 2025-11-05T12:30:19Z |
| ghsa-5ppg-2735-mfmv | The FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce plugin f… | 2025-11-05T12:30:19Z | 2025-11-05T12:30:19Z |
| ghsa-wjrf-gc3h-428q | The Visual Link Preview plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the p… | 2025-11-05T12:30:18Z | 2025-11-05T12:30:19Z |
| ghsa-8rfp-386c-p2rw | The Graphina – Elementor Charts and Graphs plugin for WordPress is vulnerable to Stored Cross-Site … | 2025-11-05T12:30:18Z | 2025-11-05T12:30:19Z |
| ghsa-7r77-r49w-qf55 | The Events Calendar plugin for WordPress is vulnerable to information disclosure in versions up to,… | 2025-11-05T12:30:18Z | 2025-11-05T12:30:18Z |
| ghsa-p7ww-wjh2-g3gw | The Control-M/Agent is vulnerable to unauthenticated remote code execution, arbitrary file read and… | 2025-11-05T09:30:26Z | 2025-11-05T09:30:26Z |
| ghsa-vcpc-5m37-qv5v | Optical Disc Archive Software provided by Sony Corporation registers a Windows service with an unqu… | 2025-11-05T09:30:25Z | 2025-11-05T09:30:25Z |
| ghsa-rjf9-fxg3-f244 | The B Carousel Block – Responsive Image and Content Carousel plugin for WordPress is vulnerable to … | 2025-11-05T09:30:25Z | 2025-11-05T09:30:25Z |
| ghsa-qjg9-678q-xgw7 | Multiple Roboticsware products provided by Roboticsware PTE. LTD. register Windows services with un… | 2025-11-05T09:30:25Z | 2025-11-05T09:30:25Z |
| ghsa-h8f7-hc62-fwj7 | The KiotViet Sync plugin for WordPress is vulnerable to unauthorized modification of data due to a … | 2025-11-05T09:30:25Z | 2025-11-05T09:30:25Z |
| ghsa-f8wq-xr9h-w4f8 | The KiotViet Sync plugin for WordPress is vulnerable to arbitrary file uploads due to missing file … | 2025-11-05T09:30:25Z | 2025-11-05T09:30:25Z |
| ghsa-f5h4-c4jw-c4gm | A flaw was found in Red Hat Satellite (Foreman component). This vulnerability allows an authenticat… | 2025-11-05T09:30:25Z | 2025-11-06T09:30:27Z |
| ghsa-6rw4-g9p6-qw7p | The KiotViet Sync plugin for WordPress is vulnerable to authorizarion bypass in all versions up to,… | 2025-11-05T09:30:25Z | 2025-11-05T09:30:25Z |
| ghsa-4whc-73rx-33pq | The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable… | 2025-11-05T09:30:25Z | 2025-11-05T09:30:25Z |
| ghsa-48mf-wgq9-gwrv | The KiotViet Sync plugin for WordPress is vulnerable to Sensitive Information Exposure in all versi… | 2025-11-05T09:30:25Z | 2025-11-05T09:30:25Z |
| ghsa-2wwx-4xj6-c38h | The File Manager for Google Drive – Integrate Google Drive with WordPress plugin for WordPress is v… | 2025-11-05T09:30:25Z | 2025-11-05T09:30:25Z |
| ghsa-7vr5-68r6-mx7p | The Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, I… | 2025-11-05T09:30:24Z | 2025-11-05T09:30:24Z |
| ghsa-52h6-5xm4-pr2j | The WPeMatico RSS Feed Fetcher plugin for WordPress is vulnerable to Server-Side Request Forgery in… | 2025-11-05T09:30:24Z | 2025-11-05T09:30:24Z |
| ghsa-vrx8-mx5x-r6qv | Improper input validation in Samsung Members prior to version 5.5.01.3 allows remote attackers to c… | 2025-11-05T06:30:26Z | 2025-11-05T06:30:26Z |
| ghsa-v22x-qm55-p7pm | The Ace User Management WordPress plugin through 2.0.3 does not properly validate that a password r… | 2025-11-05T06:30:26Z | 2025-11-05T21:31:01Z |
| ghsa-f39f-cwqh-hrrj | Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows ad… | 2025-11-05T06:30:26Z | 2025-11-05T06:30:26Z |
| ghsa-x537-qj98-fh4f | Rejected reason: Not used | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-x2gm-m7w7-2jvh | Rejected reason: Not used | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-vm9p-cjxm-7x59 | Improper handling of insufficient permissions or privileges in Samsung Account prior to version 15.… | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-v6qv-c42f-74pm | The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnera… | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-rr7q-fp5v-74gg | Rejected reason: Not used | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-r4jr-4jcc-p7qg | Improper input validation in Samsung Email prior to version 6.2.06.0 allows local attackers to laun… | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-5770 | 6.1 (v3.1) | Reflected Cross-Site Scripting (XSS) in Authentication… |
WSO2 |
WSO2 Identity Server |
2025-11-05T19:02:48.434Z | 2025-11-05T20:13:05.330Z |
| cve-2025-43418 | N/A | This issue was addressed by restricting options o… |
Apple |
iOS and iPadOS |
2025-11-05T18:33:35.485Z | 2025-11-05T18:50:52.441Z |
| cve-2023-43000 | N/A | A use-after-free issue was addressed with improve… |
Apple |
macOS |
2025-11-05T18:33:23.777Z | 2025-11-06T04:55:46.892Z |
| cve-2025-12745 | QuickJS quickjs.c js_array_buffer_slice buffer over-read |
n/a |
QuickJS |
2025-11-05T18:32:07.580Z | 2025-11-05T19:26:04.149Z | |
| cve-2025-11093 | 8.4 (v3.1) | Arbitrary Code Execution with higher privileged users … |
WSO2 |
WSO2 Micro Integrator |
2025-11-05T18:31:17.873Z | 2025-11-05T19:39:15.696Z |
| cve-2025-31954 | 5.4 (v3.1) | HCL iAutomate is susceptible to a sensitive informatio… |
HCL Software |
iAutomate |
2025-11-05T18:23:21.019Z | 2025-11-05T18:46:53.781Z |
| cve-2025-10907 | 8.4 (v3.1) | Authenticated Arbitrary File Upload in Multiple WSO2 P… |
WSO2 |
WSO2 API Manager |
2025-11-05T18:03:49.831Z | 2025-11-05T18:49:44.604Z |
| cve-2025-10713 | 6.5 (v3.1) | XML External Entity (XXE) Vulnerability in Multiple WS… |
WSO2 |
WSO2 Enterprise Integrator |
2025-11-05T17:18:24.719Z | 2025-11-05T18:15:56.913Z |
| cve-2025-43990 | 7.3 (v3.1) | Dell Command Monitor (DCM), versions prior to 10.… |
Dell |
Command Monitor (DCM) |
2025-11-05T17:01:23.986Z | 2025-11-06T04:55:47.809Z |
| cve-2025-46366 | 6.7 (v3.1) | Dell CloudLink, versions prior to 8.1.1, contain … |
Dell |
CloudLink |
2025-11-05T16:50:28.754Z | 2025-11-06T04:55:41.794Z |
| cve-2025-46424 | 6.7 (v3.1) | Dell CloudLink, versions prior to 8.2, contain us… |
Dell |
CloudLink |
2025-11-05T16:46:25.707Z | 2025-11-06T04:55:40.938Z |
| cve-2025-46365 | 5.3 (v3.1) | Dell CloudLink, versions prior 8.1.1, contain a C… |
Dell |
CloudLink |
2025-11-05T16:40:39.934Z | 2025-11-06T04:55:40.128Z |
| cve-2025-46364 | 9.1 (v3.1) | Dell CloudLink, versions prior to 8.1.1, contain … |
Dell |
CloudLin |
2025-11-05T16:36:00.347Z | 2025-11-06T04:55:39.277Z |
| cve-2025-20304 | Multiple vulnerabilities in the web-based managem… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:33:27.573Z | 2025-11-05T20:20:07.804Z | |
| cve-2025-20305 | A vulnerability in the web-based management inter… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:32:52.800Z | 2025-11-05T20:19:33.833Z | |
| cve-2025-20289 | Multiple vulnerabilities in the web-based managem… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:32:28.860Z | 2025-11-05T20:18:33.404Z | |
| cve-2025-20303 | Multiple vulnerabilities in the web-based managem… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:32:02.482Z | 2025-11-05T20:17:21.630Z | |
| cve-2025-45379 | 8.4 (v3.1) | Dell CloudLink, versions prior to 8.2, contain a … |
Dell |
CloudLink |
2025-11-05T16:31:57.457Z | 2025-11-06T04:55:38.394Z |
| cve-2025-20377 | Cisco Unified Intelligence Center API Information Disc… |
Cisco |
Cisco Packaged Contact Center Enterprise |
2025-11-05T16:31:52.595Z | 2025-11-05T20:14:05.911Z | |
| cve-2025-20375 | Cisco Unified Contact Center Express Arbitrary File Up… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:43.035Z | 2025-11-06T04:55:45.946Z | |
| cve-2025-20376 | Cisco Unified Contact Center Express Remote Code Execu… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:38.793Z | 2025-11-06T04:55:44.673Z | |
| cve-2025-20374 | Cisco Unified Contact Center Express Arbitrary File Do… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:23.862Z | 2025-11-05T20:11:12.630Z | |
| cve-2025-20358 | Cisco Unified Contact Center Express Editor Authentica… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:23.210Z | 2025-11-06T04:55:43.689Z | |
| cve-2025-20354 | Cisco Unified Contact Center Express Remote Code Execu… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:14.821Z | 2025-11-06T04:55:42.828Z | |
| cve-2025-20343 | Cisco Identity Services Engine Radius Suppression Deni… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:31:05.000Z | 2025-11-05T20:07:12.870Z | |
| cve-2025-30479 | 8.4 (v3.1) | Dell CloudLink, versions prior to 8.2, contain a … |
Dell |
CloudLink |
2025-11-05T16:27:33.266Z | 2025-11-06T04:55:37.459Z |
| cve-2025-45378 | 9.1 (v3.1) | Dell CloudLink, versions 8.0 through 8.1.2, conta… |
Dell |
CloudLink |
2025-11-05T16:23:15.673Z | 2025-11-06T04:55:36.592Z |
| cve-2025-64459 | Potential SQL injection via _connector keyword argumen… |
djangoproject |
Django |
2025-11-05T15:09:58.239Z | 2025-11-08T12:49:45.129Z | |
| cve-2025-64458 | Potential denial-of-service vulnerability in HttpRespo… |
djangoproject |
Django |
2025-11-05T15:07:17.031Z | 2025-11-05T16:20:57.265Z | |
| cve-2025-47151 | A type confusion vulnerability exists in the lass… |
Entr'ouvert |
Lasso |
2025-11-05T14:57:01.436Z | 2025-11-05T22:35:15.897Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-62596 | youki container escape and denial of service due to ar… |
youki-dev |
youki |
2025-11-05T23:14:37.167Z | 2025-11-06T16:54:15.942Z | |
| cve-2025-62161 | youki container escape via "masked path" abuse due to … |
youki-dev |
youki |
2025-11-05T23:09:09.014Z | 2025-11-06T21:20:19.865Z | |
| cve-2025-55278 | 8.1 (v3.1) | HCL DevOps Loop is susceptible to an improper authenti… |
HCL Software |
DevOps Loop |
2025-11-05T22:44:17.256Z | 2025-11-06T21:20:55.355Z |
| cve-2025-12779 | 8.8 (v4.0) 8.8 (v3.1) | Improper handling of the authentication token in … |
Amazon |
Amazon WorkSpaces |
2025-11-05T21:20:51.567Z | 2025-11-10T18:52:51.286Z |
| cve-2025-63585 | N/A | OSSN (Open Source Social Network) 8.6 is vulnerab… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-06T21:21:50.790Z |
| cve-2025-60784 | N/A | A vulnerability in the XiaozhangBang Voluntary Li… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T21:01:51.302Z |
| cve-2025-63334 | N/A | PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 cont… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T20:18:30.677Z |
| cve-2025-10853 | 5.2 (v3.1) | Reflected Cross-Site Scripting (XSS) in Management Con… |
WSO2 |
WSO2 Open Banking IAM |
2025-11-05T19:21:32.971Z | 2025-11-05T19:58:21.875Z |
| cve-2025-63418 | N/A | A DOM-based Cross-Site Scripting (XSS) vulnerabil… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-06T16:56:12.356Z |
| cve-2025-63417 | N/A | A Stored Cross-Site Scripting (XSS) vulnerability… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-06T16:58:11.284Z |
| cve-2025-63416 | N/A | ** exclusively-hosted-service ** A Stored Cross-S… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T19:08:09.280Z |
| cve-2025-5770 | 6.1 (v3.1) | Reflected Cross-Site Scripting (XSS) in Authentication… |
WSO2 |
WSO2 Identity Server |
2025-11-05T19:02:48.434Z | 2025-11-05T20:13:05.330Z |
| cve-2025-56232 | N/A | GOG Galaxy 2.0.0.2 suffers from Missing SSL Certi… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-06T21:22:57.293Z |
| cve-2025-55343 | N/A | Quipux 4.0.1 through e1774ac allows authenticated… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T19:20:45.969Z |
| cve-2025-55342 | N/A | Quipux 4.0.1 through e1774ac allows enumeration o… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-06T17:01:19.835Z |
| cve-2025-55341 | N/A | Cross Site Scripting vulnerability in Quipux 4.0.… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-06T17:03:33.164Z |
| cve-2025-43418 | N/A | This issue was addressed by restricting options o… |
Apple |
iOS and iPadOS |
2025-11-05T18:33:35.485Z | 2025-11-05T18:50:52.441Z |
| cve-2025-31954 | 5.4 (v3.1) | HCL iAutomate is susceptible to a sensitive informatio… |
HCL Software |
iAutomate |
2025-11-05T18:23:21.019Z | 2025-11-05T18:46:53.781Z |
| cve-2025-12745 | QuickJS quickjs.c js_array_buffer_slice buffer over-read |
n/a |
QuickJS |
2025-11-05T18:32:07.580Z | 2025-11-05T19:26:04.149Z | |
| cve-2025-11093 | 8.4 (v3.1) | Arbitrary Code Execution with higher privileged users … |
WSO2 |
WSO2 Micro Integrator |
2025-11-05T18:31:17.873Z | 2025-11-05T19:39:15.696Z |
| cve-2023-43000 | N/A | A use-after-free issue was addressed with improve… |
Apple |
macOS |
2025-11-05T18:33:23.777Z | 2025-11-06T04:55:46.892Z |
| cve-2025-56231 | N/A | Tonec Internet Download Manager 6.42.41.1 and ear… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T20:24:57.560Z |
| cve-2025-10907 | 8.4 (v3.1) | Authenticated Arbitrary File Upload in Multiple WSO2 P… |
WSO2 |
WSO2 API Manager |
2025-11-05T18:03:49.831Z | 2025-11-05T18:49:44.604Z |
| cve-2025-10713 | 6.5 (v3.1) | XML External Entity (XXE) Vulnerability in Multiple WS… |
WSO2 |
WSO2 Enterprise Integrator |
2025-11-05T17:18:24.719Z | 2025-11-05T18:15:56.913Z |
| cve-2025-63248 | N/A | DWSurvey 6.14.0 is vulnerable to Incorrect Access… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T20:03:23.117Z |
| cve-2025-59716 | N/A | ownCloud Guests before 0.12.5 allows unauthentica… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T20:10:32.262Z |
| cve-2025-57244 | N/A | OpenKM Community Edition 6.3.12 is vulnerable to … |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T19:57:23.140Z |
| cve-2025-46424 | 6.7 (v3.1) | Dell CloudLink, versions prior to 8.2, contain us… |
Dell |
CloudLink |
2025-11-05T16:46:25.707Z | 2025-11-06T04:55:40.938Z |
| cve-2025-46366 | 6.7 (v3.1) | Dell CloudLink, versions prior to 8.1.1, contain … |
Dell |
CloudLink |
2025-11-05T16:50:28.754Z | 2025-11-06T04:55:41.794Z |
| cve-2025-46365 | 5.3 (v3.1) | Dell CloudLink, versions prior 8.1.1, contain a C… |
Dell |
CloudLink |
2025-11-05T16:40:39.934Z | 2025-11-06T04:55:40.128Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-111842 | Malicious code in efficient_gerbil_white-13 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111841 | Malicious code in efficient_duck_emerald-86 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111840 | Malicious code in eerie_snake_brown-35 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111839 | Malicious code in economic_angelfish_peach-22 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111838 | Malicious code in easy_otter_salmon-12 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111837 | Malicious code in easy_jackal_amaranth-91 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111836 | Malicious code in early_lobster_tan-89 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111835 | Malicious code in early_donkey_coral-31 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111834 | Malicious code in eager_marten_harlequin-58 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111833 | Malicious code in dutch_pony_maroon-22 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111832 | Malicious code in dutch_meerkat_amber-65 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111831 | Malicious code in dusty_fox_amber-42 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111830 | Malicious code in dusty_buzzard_rose-65 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111829 | Malicious code in drab_emu_gray-7 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111828 | Malicious code in doubtful_pheasant_brown-87 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111827 | Malicious code in doubtful_barnacle_salmon-19 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111826 | Malicious code in dominant_tarantula_ivory-66 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111825 | Malicious code in dominant_condor_cyan-98 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111824 | Malicious code in domestic_hippopotamus_orange-67 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111823 | Malicious code in divine_clam_amethyst-27 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111822 | Malicious code in diverse_salamander_aquamarine-37 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111821 | Malicious code in distinctive_bonobo_green-36 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111820 | Malicious code in distinct_chickadee_fuchsia-80 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111819 | Malicious code in distant_tahr_silver-1 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111818 | Malicious code in distant_pike_scarlet-59 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111817 | Malicious code in distant_otter_coral-8 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111816 | Malicious code in distant_mite_gold-87 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111815 | Malicious code in distant_earthworm_blush-55 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111814 | Malicious code in disgusted_finch_chocolate-64 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111813 | Malicious code in disgusted_crayfish_salmon-19 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:15019 | Red Hat Security Advisory: python3.9 security update | 2025-09-02T06:08:54+00:00 | 2025-11-07T10:53:28+00:00 |
| rhsa-2025:15016 | Red Hat Security Advisory: kernel security update | 2025-09-02T06:05:19+00:00 | 2025-11-11T08:53:50+00:00 |
| rhsa-2025:15018 | Red Hat Security Advisory: udisks2 security update | 2025-09-02T05:56:29+00:00 | 2025-11-06T23:42:13+00:00 |
| rhsa-2025:15023 | Red Hat Security Advisory: httpd security update | 2025-09-02T05:51:39+00:00 | 2025-11-07T10:53:41+00:00 |
| rhsa-2025:15014 | Red Hat Security Advisory: postgresql:15 security update | 2025-09-02T05:39:29+00:00 | 2025-11-06T22:48:22+00:00 |
| rhsa-2025:15015 | Red Hat Security Advisory: postgresql:16 security update | 2025-09-02T05:24:10+00:00 | 2025-11-06T22:48:21+00:00 |
| rhsa-2025:15020 | Red Hat Security Advisory: udisks2 security update | 2025-09-02T05:14:19+00:00 | 2025-11-06T23:42:12+00:00 |
| rhsa-2025:15006 | Red Hat Security Advisory: postgresql:12 security update | 2025-09-02T05:11:44+00:00 | 2025-11-06T22:48:19+00:00 |
| rhsa-2025:15022 | Red Hat Security Advisory: postgresql:15 security update | 2025-09-02T05:11:05+00:00 | 2025-11-06T22:48:22+00:00 |
| rhsa-2025:15021 | Red Hat Security Advisory: postgresql:13 security update | 2025-09-02T05:07:49+00:00 | 2025-11-06T22:48:22+00:00 |
| rhsa-2025:15008 | Red Hat Security Advisory: kernel security update | 2025-09-02T04:26:50+00:00 | 2025-11-11T12:34:34+00:00 |
| rhsa-2025:15001 | Red Hat Security Advisory: krb5 security update | 2025-09-02T04:13:59+00:00 | 2025-10-30T14:55:38+00:00 |
| rhsa-2025:15010 | Red Hat Security Advisory: python3.11 security update | 2025-09-02T04:10:24+00:00 | 2025-11-07T10:53:28+00:00 |
| rhsa-2025:15013 | Red Hat Security Advisory: postgresql:13 security update | 2025-09-02T04:07:34+00:00 | 2025-11-06T22:48:23+00:00 |
| rhsa-2025:15007 | Red Hat Security Advisory: python3.12 security update | 2025-09-02T04:02:44+00:00 | 2025-11-07T10:53:28+00:00 |
| rhsa-2025:15017 | Red Hat Security Advisory: udisks2 security update | 2025-09-02T03:59:39+00:00 | 2025-11-06T23:42:12+00:00 |
| rhsa-2025:15004 | Red Hat Security Advisory: krb5 security update | 2025-09-02T03:57:04+00:00 | 2025-10-30T14:55:40+00:00 |
| rhsa-2025:15012 | Red Hat Security Advisory: postgresql:12 security update | 2025-09-02T03:49:14+00:00 | 2025-11-06T22:48:19+00:00 |
| rhsa-2025:14997 | Red Hat Security Advisory: httpd security update | 2025-09-02T03:43:39+00:00 | 2025-11-07T10:53:51+00:00 |
| rhsa-2025:14984 | Red Hat Security Advisory: python3.12 security update | 2025-09-02T03:04:29+00:00 | 2025-11-07T10:53:27+00:00 |
| rhsa-2025:15024 | Red Hat Security Advisory: libarchive security update | 2025-09-02T03:02:59+00:00 | 2025-10-30T06:43:58+00:00 |
| rhsa-2025:15000 | Red Hat Security Advisory: krb5 security update | 2025-09-02T03:01:09+00:00 | 2025-10-30T14:55:37+00:00 |
| rhsa-2025:15002 | Red Hat Security Advisory: krb5 security update | 2025-09-02T03:00:09+00:00 | 2025-10-30T14:55:42+00:00 |
| rhsa-2025:15003 | Red Hat Security Advisory: krb5 security update | 2025-09-02T02:59:04+00:00 | 2025-10-30T14:55:39+00:00 |
| rhsa-2025:14998 | Red Hat Security Advisory: httpd security update | 2025-09-02T02:58:29+00:00 | 2025-11-06T23:42:11+00:00 |
| rhsa-2025:15009 | Red Hat Security Advisory: kernel-rt security update | 2025-09-02T02:56:44+00:00 | 2025-11-11T09:06:31+00:00 |
| rhsa-2025:14988 | Red Hat Security Advisory: glib2 security update | 2025-09-02T02:53:04+00:00 | 2025-11-06T22:45:13+00:00 |
| rhsa-2025:14999 | Red Hat Security Advisory: resource-agents security update | 2025-09-02T02:49:59+00:00 | 2025-11-11T13:20:51+00:00 |
| rhsa-2025:14987 | Red Hat Security Advisory: kernel security update | 2025-09-02T02:38:39+00:00 | 2025-11-11T08:53:50+00:00 |
| rhsa-2025:14989 | Red Hat Security Advisory: glib2 security update | 2025-09-02T02:11:24+00:00 | 2025-11-06T22:45:14+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-48924 | Apache Commons Lang, Apache Commons Lang: ClassUtils.getClass(...) can throw a StackOverflowError on very long inputs | 2025-07-02T00:00:00.000Z | 2025-09-03T22:42:41.000Z |
| msrc_cve-2025-4878 | Libssh: use of uninitialized variable in privatekey_from_file() | 2025-07-02T00:00:00.000Z | 2025-09-04T04:13:58.000Z |
| msrc_cve-2025-48367 | Redis DoS Vulnerability due to bad connection error handling | 2025-07-02T00:00:00.000Z | 2025-07-29T00:00:00.000Z |
| msrc_cve-2025-4674 | Unexpected command execution in untrusted VCS repositories in cmd/go | 2025-07-02T00:00:00.000Z | 2025-09-03T21:59:38.000Z |
| msrc_cve-2025-45768 | pyjwt v2.10.1 was discovered to contain weak encryption. NOTE: this is disputed by the Supplier because the key length is chosen by the application that uses the library (admittedly, library users may benefit from a minimum value and a mechanism for opting in to strict enforcement). | 2025-07-02T00:00:00.000Z | 2025-09-04T03:30:36.000Z |
| msrc_cve-2025-45582 | GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file, specified via a relative pathname that begins with the symlink name and ends with that critical file's name. Here, the extraction follows the symlink and overwrites the critical file. This bypasses the protection mechanism of "Member name contains '..'" that would occur for a single TAR archive that attempted to specify the critical file via a ../ approach. For example, the first archive can contain "x -> ../../../../../home/victim/.ssh" and the second archive can contain x/authorized_keys. This can affect server applications that automatically extract any number of user-supplied TAR archives, and were relying on the blocking of traversal. This can also affect software installation processes in wh | 2025-07-02T00:00:00.000Z | 2025-09-03T22:05:01.000Z |
| msrc_cve-2025-40913 | Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow | 2025-07-02T00:00:00.000Z | 2025-09-04T03:33:01.000Z |
| msrc_cve-2025-40777 | A possible assertion failure when 'stale-answer-client-timeout' is set to '0' | 2025-07-02T00:00:00.000Z | 2025-09-04T03:14:11.000Z |
| msrc_cve-2025-4056 | Glib: glib crash after long command line | 2025-07-02T00:00:00.000Z | 2025-09-04T02:50:16.000Z |
| msrc_cve-2025-38498 | do_change_type(): refuse to operate on unmounted/not ours mounts | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38497 | usb: gadget: configfs: Fix OOB read on empty string write | 2025-07-02T00:00:00.000Z | 2025-09-04T01:37:54.000Z |
| msrc_cve-2025-38496 | dm-bufio: fix sched in atomic context | 2025-07-02T00:00:00.000Z | 2025-09-04T01:25:57.000Z |
| msrc_cve-2025-38495 | HID: core: ensure the allocated report buffer can contain the reserved report ID | 2025-07-02T00:00:00.000Z | 2025-09-04T01:14:07.000Z |
| msrc_cve-2025-38494 | HID: core: do not bypass hid_hw_raw_request | 2025-07-02T00:00:00.000Z | 2025-09-04T01:11:10.000Z |
| msrc_cve-2025-38493 | tracing/osnoise: Fix crash in timerlat_dump_stack() | 2025-07-02T00:00:00.000Z | 2025-09-04T01:44:20.000Z |
| msrc_cve-2025-38491 | mptcp: make fallback action and fallback decision atomic | 2025-07-02T00:00:00.000Z | 2025-09-04T01:40:32.000Z |
| msrc_cve-2025-38490 | net: libwx: remove duplicate page_pool_put_full_page() | 2025-07-02T00:00:00.000Z | 2025-09-04T01:00:10.000Z |
| msrc_cve-2025-38487 | soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled | 2025-07-02T00:00:00.000Z | 2025-09-04T01:31:48.000Z |
| msrc_cve-2025-38485 | iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush | 2025-07-02T00:00:00.000Z | 2025-09-04T01:34:28.000Z |
| msrc_cve-2025-38483 | comedi: das16m1: Fix bit shift out of bounds | 2025-07-02T00:00:00.000Z | 2025-09-04T00:56:25.000Z |
| msrc_cve-2025-38482 | comedi: das6402: Fix bit shift out of bounds | 2025-07-02T00:00:00.000Z | 2025-09-04T01:35:21.000Z |
| msrc_cve-2025-38481 | comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large | 2025-07-02T00:00:00.000Z | 2025-09-04T01:21:50.000Z |
| msrc_cve-2025-38480 | comedi: Fix use of uninitialized data in insn_rw_emulate_bits() | 2025-07-02T00:00:00.000Z | 2025-09-04T00:53:14.000Z |
| msrc_cve-2025-38478 | comedi: Fix initialization of data for instructions that write to subdevice | 2025-07-02T00:00:00.000Z | 2025-09-04T00:48:20.000Z |
| msrc_cve-2025-38477 | net/sched: sch_qfq: Fix race condition on qfq_aggregate | 2025-07-02T00:00:00.000Z | 2025-09-04T01:03:51.000Z |
| msrc_cve-2025-38476 | rpl: Fix use-after-free in rpl_do_srh_inline(). | 2025-07-02T00:00:00.000Z | 2025-09-04T01:18:01.000Z |
| msrc_cve-2025-38474 | usb: net: sierra: check for no status endpoint | 2025-07-02T00:00:00.000Z | 2025-09-04T01:53:52.000Z |
| msrc_cve-2025-38472 | netfilter: nf_conntrack: fix crash due to removal of uninitialised entry | 2025-07-02T00:00:00.000Z | 2025-09-04T00:44:01.000Z |
| msrc_cve-2025-38471 | tls: always refresh the queue when reading sock | 2025-07-02T00:00:00.000Z | 2025-09-04T01:48:57.000Z |
| msrc_cve-2025-38470 | net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime | 2025-07-02T00:00:00.000Z | 2025-09-04T01:27:51.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2022-000043 | SHIRASAGI vulnerable to cross-site scripting | 2022-06-09T13:31+09:00 | 2024-06-18T11:13+09:00 |
| jvndb-2022-001948 | Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service | 2022-06-03T12:17+09:00 | 2024-06-18T16:30+09:00 |
| jvndb-2022-000042 | T&D Data Server and THERMO RECORDER DATA SERVER contain a directory traversal vulnerability. | 2022-06-01T16:12+09:00 | 2024-06-18T10:34+09:00 |
| jvndb-2022-000041 | WordPress Plugin "Modern Events Calendar Lite" vulnerable to cross-site scripting | 2022-06-01T13:39+09:00 | 2024-06-18T10:42+09:00 |
| jvndb-2022-000039 | RevoWorks incomplete filtering of MS Office v4 macros | 2022-05-27T16:09+09:00 | 2024-06-18T16:31+09:00 |
| jvndb-2022-000040 | Mobaoku-Auction & Flea Market App for iOS vulnerable to improper server certificate verification | 2022-05-27T15:48+09:00 | 2024-06-18T11:06+09:00 |
| jvndb-2022-001929 | Multiple vulnerabilities in Fuji Electric V-SFT | 2022-05-27T15:39+09:00 | 2024-06-18T13:44+09:00 |
| jvndb-2022-001931 | Multiple vulnerabilities in Fuji Electric V-SFT, V-Server and V-Server Lite | 2022-05-27T15:37+09:00 | 2024-06-18T16:28+09:00 |
| jvndb-2022-001923 | Multiple vulnerabilities in CONTEC SolarView Compact | 2022-05-27T15:28+09:00 | 2024-06-20T11:34+09:00 |
| jvndb-2022-001809 | Trend Micro Password Manager vulnerable to privilege escalation | 2022-05-24T15:27+09:00 | 2024-06-18T17:52+09:00 |
| jvndb-2022-000038 | WordPress plugin "WP Statistics" vulnerable to cross-site scripting | 2022-05-24T15:00+09:00 | 2024-06-18T15:41+09:00 |
| jvndb-2022-000037 | Spring Security OAuth (spring-security-oauth2) vulnerable to denial-of-service (DoS) | 2022-05-20T17:04+09:00 | 2024-06-20T12:09+09:00 |
| jvndb-2022-000036 | Multiple vulnerabilities in Rakuten Casa | 2022-05-19T15:13+09:00 | 2024-06-18T12:09+09:00 |
| jvndb-2022-000035 | Multiple vulnerabilities in Cybozu Garoon | 2022-05-16T14:25+09:00 | 2024-06-17T16:34+09:00 |
| jvndb-2022-000033 | Strapi vulnerable to cross-site scripting | 2022-05-13T16:45+09:00 | 2024-06-18T11:17+09:00 |
| jvndb-2022-000034 | EC-CUBE plugin "Easy Blog for EC-CUBE4" vulnerable to cross-site request forgery | 2022-05-13T16:31+09:00 | 2024-06-18T12:13+09:00 |
| jvndb-2022-001800 | Installer of Trend Micro HouseCall for Home Networks may insecurely load Dynamic Link Libraries | 2022-05-13T16:24+09:00 | 2022-05-13T16:24+09:00 |
| jvndb-2022-001795 | Command injection vulnerability in QNAP VioStar series NVR | 2022-05-12T18:07+09:00 | 2024-06-20T11:31+09:00 |
| jvndb-2022-000032 | Installer of Trend Micro Password Manager may insecurely load Dynamic Link Libraries | 2022-05-11T15:21+09:00 | 2024-06-18T17:46+09:00 |
| jvndb-2022-000031 | GENEREX RCCMD vulnerable to directory traversal | 2022-05-10T15:47+09:00 | 2024-06-18T15:35+09:00 |
| jvndb-2022-000030 | Multiple vulnerabilities in Operation management interface of FUJITSU Network IPCOM | 2022-05-09T15:02+09:00 | 2024-07-18T16:30+09:00 |
| jvndb-2022-000029 | KOYO Electronics Screen Creator Advance2 vulnerable to authentication bypass | 2022-05-09T14:43+09:00 | 2024-06-19T16:03+09:00 |
| jvndb-2022-000028 | Multiple vulnerabilities in multiple MEIKYO ELECTRIC products | 2022-05-09T14:31+09:00 | 2024-06-19T15:55+09:00 |
| jvndb-2022-000027 | Hammock AssetView missing authentication for critical functions | 2022-04-22T13:53+09:00 | 2024-06-20T12:15+09:00 |
| jvndb-2022-000026 | WordPress Plugin "MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership" vulnerable to cross-site request forgery | 2022-04-15T13:15+09:00 | 2024-06-25T18:04+09:00 |
| jvndb-2022-001526 | Trend Micro Antivirus for Mac vulnerable to privilege escalation | 2022-04-07T16:58+09:00 | 2022-04-07T16:58+09:00 |
| jvndb-2022-001494 | Trend Micro Apex Central and Trend Micro Apex Central as a Service vulnerable to improper check for file contents | 2022-03-31T17:25+09:00 | 2022-03-31T17:25+09:00 |
| jvndb-2022-000024 | Zero-channel BBS Plus vulnerable to cross-site scripting | 2022-03-30T15:36+09:00 | 2024-06-20T17:34+09:00 |
| jvndb-2022-000023 | WordPress Plugin "Advanced Custom Fields" vulnerable to missing authorization | 2022-03-30T15:23+09:00 | 2024-06-21T12:25+09:00 |
| jvndb-2022-000022 | AttacheCase may insecurely load Dynamic Link Libraries | 2022-03-30T14:00+09:00 | 2024-06-21T11:42+09:00 |
| ID | Description | Updated |
|---|