Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-6w33-8qh2-c7jv | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-5884-m867-xg58 | Missing Authorization vulnerability in wpdive Better Elementor Addons allows Exploiting Incorrectly… | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-3wm7-jw5g-v3gq | Missing Authorization vulnerability in Emraan Cheema CubeWP allows Accessing Functionality Not Prop… | 2025-12-30T00:32:59Z | 2025-12-30T00:32:59Z |
| ghsa-ww9v-567h-hcvj | A security flaw has been discovered in code-projects Refugee Food Management System 1.0. Affected b… | 2025-12-30T00:32:58Z | 2025-12-30T00:32:59Z |
| ghsa-qwx9-mmhx-chg8 | Missing Authorization vulnerability in Crocoblock JetBlog allows Exploiting Incorrectly Configured … | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-p3hp-24mv-wr6w | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-m6vw-2qvg-8xgj | Authentication Bypass Using an Alternate Path or Channel vulnerability in Mobile Builder Mobile bui… | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-hfg8-jg35-3hqr | A vulnerability has been found in Campcodes Supplier Management System 1.0. Affected is an unknown … | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-cjpf-7pxx-hqc7 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-94f7-w8j3-ppqr | Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG allows Upload a W… | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-786g-jpf2-55wg | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-30T00:32:58Z | 2025-12-30T00:32:59Z |
| ghsa-4x3m-m7qg-rjvc | A flaw has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function… | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-29xr-58g9-8qfq | Authorization Bypass Through User-Controlled Key vulnerability in Crocoblock JetPopup allows Exploi… | 2025-12-30T00:32:58Z | 2025-12-30T00:32:58Z |
| ghsa-2844-9647-m4rw | Vulnerability in CodexThemes TheGem (Elementor), CodexThemes TheGem (WPBakery).This issue affects T… | 2025-12-30T00:32:58Z | 2025-12-30T00:32:59Z |
| ghsa-cffc-mxrf-mhh4 | Picklescan is vulnerable to RCE via missing detection when calling numpy.f2py.crackfortran.param_eval | 2025-12-29T22:44:26Z | 2025-12-29T22:44:27Z |
| ghsa-jv8r-hv7q-p6vc | phpMyFAQ has Stored XSS in user list via admin-managed display_name | 2025-12-29T22:12:35Z | 2025-12-31T22:13:13Z |
| ghsa-vvxf-wj5w-6gj5 | hemmelig allows SSRF Filter bypass via Secret Request functionality | 2025-12-29T21:31:04Z | 2025-12-29T21:31:04Z |
| ghsa-g3j9-h256-3c38 | A vulnerability was identified in code-projects Student File Management System 1.0. Affected by thi… | 2025-12-29T21:30:26Z | 2025-12-29T21:30:26Z |
| ghsa-wgr2-qr2w-94qw | givanz VvvebJs 1.7.2 suffers from a File Upload vulnerability via save.php. | 2025-12-29T21:30:25Z | 2025-12-29T21:30:25Z |
| ghsa-w5v4-r6mh-235c | A vulnerability in the SSH server of TP-Link TL-WR820N v2.80 allows the use of a weak cryptographic… | 2025-12-29T21:30:25Z | 2025-12-29T21:30:25Z |
| ghsa-w2wc-5vr8-f58p | A vulnerability has been found in SohuTV CacheCloud up to 3.2.0. This affects the function taskQueu… | 2025-12-29T21:30:25Z | 2025-12-29T21:30:25Z |
| ghsa-q38m-7hwc-v39w | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/d… | 2025-12-29T21:30:25Z | 2025-12-31T18:30:23Z |
| ghsa-m3w5-5pmv-9m9q | A vulnerability was determined in SohuTV CacheCloud up to 3.2.0. Affected is the function doQuartzL… | 2025-12-29T21:30:25Z | 2025-12-29T21:30:26Z |
| ghsa-frgf-2qjw-vqvw | A stack-based buffer overflow exists in the GoAhead-Webs HTTP daemon on KuWFi 4G LTE AC900 devices … | 2025-12-29T21:30:25Z | 2025-12-31T18:30:23Z |
| ghsa-cj98-23mv-wprf | givanz VvvebJs 1.7.2 is vulnerable to Directory Traversal via scan.php. | 2025-12-29T21:30:25Z | 2025-12-30T18:30:16Z |
| ghsa-c28f-cg8m-7xv9 | A vulnerability was found in SohuTV CacheCloud up to 3.2.0. This impacts the function index of the … | 2025-12-29T21:30:25Z | 2025-12-29T21:30:25Z |
| ghsa-5r6q-cg35-jr9q | A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side… | 2025-12-29T21:30:25Z | 2025-12-30T18:30:16Z |
| ghsa-2rqx-6v8j-7xmq | givanz VvvebJs 1.7.2 is vulnerable to Insecure File Upload. | 2025-12-29T21:30:25Z | 2025-12-29T21:30:25Z |
| ghsa-x6h4-24w5-wf3q | A security vulnerability has been detected in code-projects College Notes Uploading System 1.0. Imp… | 2025-12-29T21:30:24Z | 2025-12-29T21:30:24Z |
| ghsa-r87x-jm9x-rwc9 | The PixelYourSite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versi… | 2025-12-29T21:30:24Z | 2025-12-29T21:30:24Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-68499 | 6.5 (v3.1) | WordPress JetTabs plugin <= 2.2.12 - Cross Site Script… |
Crocoblock |
JetTabs |
2025-12-29T23:10:45.157Z | 2025-12-30T18:48:49.402Z |
| cve-2025-15209 | code-projects Refugee Food Management System editfood.… |
code-projects |
Refugee Food Management System |
2025-12-29T23:02:07.628Z | 2025-12-30T15:57:35.799Z | |
| cve-2025-15284 | 8.7 (v4.0) 7.5 (v3.1) | arrayLimit bypass in bracket notation allows DoS via m… |
|
|
2025-12-29T22:56:45.240Z | 2025-12-30T15:57:41.402Z |
| cve-2025-15208 | code-projects Refugee Food Management System editrefug… |
code-projects |
Refugee Food Management System |
2025-12-29T22:32:08.042Z | 2025-12-30T15:57:46.721Z | |
| cve-2025-15207 | Campcodes Supplier Management System view_products.php… |
Campcodes |
Supplier Management System |
2025-12-29T22:02:06.250Z | 2025-12-30T15:57:51.672Z | |
| cve-2025-15206 | Campcodes Supplier Management System add_area.php sql … |
Campcodes |
Supplier Management System |
2025-12-29T21:32:07.186Z | 2025-12-30T15:57:56.776Z | |
| cve-2025-68502 | 4.3 (v3.1) | WordPress JetPopup plugin <= 2.0.20.1 - Insecure Direc… |
Crocoblock |
JetPopup |
2025-12-29T21:16:55.539Z | 2025-12-29T21:16:55.539Z |
| cve-2025-68503 | 6.5 (v3.1) | WordPress JetBlog plugin <= 2.4.7 - Broken Access Cont… |
Crocoblock |
JetBlog |
2025-12-29T21:15:43.312Z | 2025-12-29T21:15:43.312Z |
| cve-2025-68504 | 6.5 (v3.1) | WordPress JetSearch plugin <= 3.5.16 - Cross Site Scri… |
Crocoblock |
JetSearch |
2025-12-29T21:14:40.576Z | 2025-12-30T15:50:12.903Z |
| cve-2025-68562 | 9.9 (v3.1) | WordPress MapSVG plugin <= 8.7.3 - Arbitrary File Uplo… |
RomanCode |
MapSVG |
2025-12-29T21:13:24.913Z | 2025-12-30T15:49:09.276Z |
| cve-2025-68607 | 6.5 (v3.1) | WordPress Custom Field Template plugin <= 2.7.5 - Cros… |
Hiroaki Miyashita |
Custom Field Template |
2025-12-29T21:10:50.618Z | 2025-12-30T15:48:23.658Z |
| cve-2025-68860 | 9.8 (v3.1) | WordPress Mobile builder plugin <= 1.4.2 - Broken Auth… |
Mobile Builder |
Mobile builder |
2025-12-29T21:08:56.358Z | 2025-12-30T15:47:43.775Z |
| cve-2025-15205 | code-projects Student File Management System download.… |
code-projects |
Student File Management System |
2025-12-29T21:02:06.928Z | 2025-12-30T15:58:03.924Z | |
| cve-2025-69205 | In µURU, a Specially Crafted Federation Name Allows Di… |
olell |
uURU |
2025-12-29T20:52:17.516Z | 2025-12-30T15:46:56.380Z | |
| cve-2025-15204 | SohuTV CacheCloud QuartzManageController.java doQuartz… |
SohuTV |
CacheCloud |
2025-12-29T20:32:06.147Z | 2025-12-30T15:58:09.878Z | |
| cve-2025-15203 | SohuTV CacheCloud ResourceController.java index cross … |
SohuTV |
CacheCloud |
2025-12-29T20:02:06.187Z | 2025-12-30T15:58:16.027Z | |
| cve-2025-15202 | SohuTV CacheCloud TaskController.java taskQueueList cr… |
SohuTV |
CacheCloud |
2025-12-29T19:32:06.804Z | 2025-12-30T15:58:21.861Z | |
| cve-2025-14175 | 6 (v4.0) | Weak Algorithm Support in SSH Server on TL-WR820N |
TP-Link Systems Inc. |
TL-WR820N v2.8 |
2025-12-29T19:31:23.473Z | 2025-12-29T19:31:23.473Z |
| cve-2025-69202 | axios-cache-interceptor Vulnerable to Cache Poisoning … |
arthurfiorette |
axios-cache-interceptor |
2025-12-29T19:13:27.880Z | 2025-12-30T22:25:39.052Z | |
| cve-2025-68431 | libheif has Potential Heap Buffer Over-Read |
strukturag |
libheif |
2025-12-29T19:09:54.628Z | 2025-12-30T22:26:20.374Z | |
| cve-2025-14728 | 6.8 (v3.1) | Rapid7 Velociraptor Directory Traversal Vulnerability |
Rapid7 |
Velociraptor |
2025-12-29T19:04:27.820Z | 2025-12-30T22:26:47.316Z |
| cve-2025-15201 | SohuTV CacheCloud WebResourceController.java redirectN… |
SohuTV |
CacheCloud |
2025-12-29T19:02:07.207Z | 2025-12-30T22:27:14.236Z | |
| cve-2025-15200 | SohuTV CacheCloud AppClientDataShowController.java doI… |
SohuTV |
CacheCloud |
2025-12-29T18:32:06.529Z | 2025-12-30T22:29:49.105Z | |
| cve-2025-13592 | Advanced Ads <= 2.0.14 - Authenticated (Editor+) Remot… |
monetizemore |
Advanced Ads – Ad Manager & AdSense |
2025-12-29T18:20:50.576Z | 2025-12-30T22:30:07.259Z | |
| cve-2025-14280 | PixelYourSite <= 11.1.5 - Sensitive Information Exposu… |
pixelyoursite |
PixelYourSite – Your smart PIXEL (TAG) & API Manager |
2025-12-29T18:20:49.929Z | 2025-12-30T22:30:31.768Z | |
| cve-2025-15199 | code-projects College Notes Uploading System userprofi… |
code-projects |
College Notes Uploading System |
2025-12-29T18:02:06.000Z | 2025-12-30T22:32:46.863Z | |
| cve-2025-15198 | code-projects College Notes Uploading System login.php… |
code-projects |
College Notes Uploading System |
2025-12-29T17:32:05.041Z | 2025-12-29T18:08:48.753Z | |
| cve-2025-55064 | 4.8 (v3.1) | Priority - CWE-79 Improper Neutralization of Input Dur… |
Priority |
Web |
2025-12-29T17:23:31.236Z | 2025-12-29T18:54:19.110Z |
| cve-2025-68861 | 7.1 (v3.1) | WordPress Plugin Optimizer plugin <= 1.3.7 - Broken Ac… |
Plugin Optimizer |
Plugin Optimizer |
2025-12-29T17:23:08.542Z | 2025-12-29T18:54:46.003Z |
| cve-2025-55063 | 4.8 (v3.1) | Priority - CWE-79 Improper Neutralization of Input Dur… |
Priority |
Web |
2025-12-29T17:19:52.718Z | 2025-12-29T18:00:32.074Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-15219 | SohuTV CacheCloud MachineManageController.java doPodLi… |
SohuTV |
CacheCloud |
2025-12-30T04:02:07.018Z | 2025-12-30T15:37:03.221Z | |
| cve-2025-15218 | Tenda AC10U POST Request Parameter AdvSetLanip fromadv… |
Tenda |
AC10U |
2025-12-30T03:32:08.254Z | 2025-12-30T15:37:55.493Z | |
| cve-2025-15217 | Tenda AC23 HTTP POST Request formSetPPTPUserList buffe… |
Tenda |
AC23 |
2025-12-30T03:02:07.501Z | 2025-12-30T18:45:25.252Z | |
| cve-2025-15216 | Tenda AC23 SetIpMacBind fromSetIpMacBind stack-based o… |
Tenda |
AC23 |
2025-12-30T02:32:08.203Z | 2025-12-30T18:45:52.248Z | |
| cve-2025-15215 | Tenda AC10U HTTP POST Request setPptpUserList formSetP… |
Tenda |
AC10U |
2025-12-30T02:02:08.414Z | 2025-12-30T18:46:13.307Z | |
| cve-2025-69235 | N/A | Whale browser before 4.35.351.12 allows an attack… |
NAVER |
NAVER Whale browser |
2025-12-30T01:22:57.770Z | 2025-12-31T17:15:35.598Z |
| cve-2025-69234 | N/A | Whale browser before 4.35.351.12 allows an attack… |
NAVER |
NAVER Whale browser |
2025-12-30T01:18:05.718Z | 2025-12-31T17:17:34.260Z |
| cve-2025-15214 | Campcodes Park Ticketing System admin_class.php save_p… |
Campcodes |
Park Ticketing System |
2025-12-30T01:32:07.496Z | 2025-12-30T18:46:38.082Z | |
| cve-2025-69217 | Coturn has unsafe nonce and relay port randomization d… |
coturn |
coturn |
2025-12-30T00:41:18.792Z | 2025-12-30T15:57:25.040Z | |
| cve-2025-15213 | code-projects Student File Management System File Down… |
code-projects |
Student File Management System |
2025-12-30T01:02:07.571Z | 2025-12-30T18:47:10.060Z | |
| cve-2025-15212 | code-projects Refugee Food Management System regfood.p… |
code-projects |
Refugee Food Management System |
2025-12-30T00:32:06.172Z | 2025-12-30T18:47:27.338Z | |
| cve-2025-15211 | code-projects Refugee Food Management System refugee.p… |
code-projects |
Refugee Food Management System |
2025-12-30T00:02:07.439Z | 2025-12-30T18:47:48.669Z | |
| cve-2025-68499 | 6.5 (v3.1) | WordPress JetTabs plugin <= 2.2.12 - Cross Site Script… |
Crocoblock |
JetTabs |
2025-12-29T23:10:45.157Z | 2025-12-30T18:48:49.402Z |
| cve-2025-68498 | 6.5 (v3.1) | WordPress JetTabs plugin <= 2.2.12 - Broken Access Con… |
Crocoblock |
JetTabs |
2025-12-29T23:13:35.444Z | 2025-12-30T18:48:36.471Z |
| cve-2025-68120 | N/A | Unexpected untrusted code execution in github.com/gola… |
github.com/golang/vscode-go |
github.com/golang/vscode-go |
2025-12-29T23:46:52.451Z | 2025-12-30T16:05:04.576Z |
| cve-2025-68040 | 6.5 (v3.1) | WordPress WP Project Manager plugin <= 3.0.1 - Sensiti… |
weDevs |
WP Project Manager |
2025-12-29T23:25:11.382Z | 2025-12-30T15:53:32.540Z |
| cve-2025-68036 | 7.5 (v3.1) | WordPress CubeWP plugin <= 1.1.27 - Broken Access Cont… |
Emraan Cheema |
CubeWP |
2025-12-29T23:26:17.386Z | 2025-12-30T15:54:23.634Z |
| cve-2025-23554 | 7.1 (v3.1) | WordPress Off Page SEO plugin <= 3.0.3 - Reflected Cro… |
Jakub Glos |
Off Page SEO |
2025-12-29T23:51:32.627Z | 2025-12-30T18:48:17.168Z |
| cve-2025-23550 | 7.1 (v3.1) | WordPress Product Puller plugin <= 1.5.1 - Reflected C… |
Kemal YAZICI |
Product Puller |
2025-12-29T23:50:08.713Z | 2025-12-30T15:57:24.653Z |
| cve-2025-23469 | 7.1 (v3.1) | WordPress Sleekplan plugin <= 0.2.0 - Reflected Cross … |
Sleekplan |
Sleekplan |
2025-12-29T23:48:36.314Z | 2025-12-30T15:56:45.138Z |
| cve-2025-23458 | 7.1 (v3.1) | WordPress Ads24 Lite plugin <= 1.0 - Reflected Cross S… |
Rakessh |
Ads24 Lite |
2025-12-29T23:32:44.943Z | 2025-12-30T15:55:57.059Z |
| cve-2025-15210 | code-projects Refugee Food Management System editrefug… |
code-projects |
Refugee Food Management System |
2025-12-29T23:32:06.391Z | 2025-12-30T15:57:30.764Z | |
| cve-2023-41656 | 5.4 (v3.1) | WordPress Better Elementor Addons plugin <= 1.3.7 - Br… |
wpdive |
Better Elementor Addons |
2025-12-29T23:22:27.926Z | 2025-12-30T15:52:40.995Z |
| cve-2023-32238 | 5.4 (v3.1) | WordPress TheGem theme < 5.8.1.1 - Broken Access Contr… |
CodexThemes |
TheGem (Elementor) |
2025-12-29T23:18:54.834Z | 2025-12-30T15:51:44.200Z |
| cve-2025-15284 | 8.7 (v4.0) 7.5 (v3.1) | arrayLimit bypass in bracket notation allows DoS via m… |
|
|
2025-12-29T22:56:45.240Z | 2025-12-30T15:57:41.402Z |
| cve-2025-15209 | code-projects Refugee Food Management System editfood.… |
code-projects |
Refugee Food Management System |
2025-12-29T23:02:07.628Z | 2025-12-30T15:57:35.799Z | |
| cve-2025-15208 | code-projects Refugee Food Management System editrefug… |
code-projects |
Refugee Food Management System |
2025-12-29T22:32:08.042Z | 2025-12-30T15:57:46.721Z | |
| cve-2025-68860 | 9.8 (v3.1) | WordPress Mobile builder plugin <= 1.4.2 - Broken Auth… |
Mobile Builder |
Mobile builder |
2025-12-29T21:08:56.358Z | 2025-12-30T15:47:43.775Z |
| cve-2025-68607 | 6.5 (v3.1) | WordPress Custom Field Template plugin <= 2.7.5 - Cros… |
Hiroaki Miyashita |
Custom Field Template |
2025-12-29T21:10:50.618Z | 2025-12-30T15:48:23.658Z |
| cve-2025-68562 | 9.9 (v3.1) | WordPress MapSVG plugin <= 8.7.3 - Arbitrary File Uplo… |
RomanCode |
MapSVG |
2025-12-29T21:13:24.913Z | 2025-12-30T15:49:09.276Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-0000-amazon-inspector-25e710261901e3db | Malicious code in libxmljsololos (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-16f81b34db67e90a | Malicious code in fadafas3 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-05c16f1e142ae07e | Malicious code in elf-stats-jolly-hammer-980 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-02d94d098b5e5e55 | Malicious code in elf-stats-ember-stockpile-448 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192467 | Malicious code in gxzip (PyPI) | 2025-12-10T22:53:31Z | 2025-12-11T17:12:53Z |
| mal-0000-kam193-8e0dd8700d5267b8 | Malicious code in gxzip (PyPI) | 2025-12-10T22:53:31Z | 2025-12-10T22:53:31Z |
| mal-2025-192437 | Malicious code in netbenchkit (PyPI) | 2025-12-10T18:33:52Z | 2025-12-31T02:45:15Z |
| mal-0000-kam193-2803ab0a8efcb881 | Malicious code in netbenchkit (PyPI) | 2025-12-10T18:33:52Z | 2025-12-10T18:33:52Z |
| mal-2025-192438 | Malicious code in synium (PyPI) | 2025-12-10T18:29:17Z | 2025-12-31T02:45:16Z |
| mal-0000-kam193-eb09648d942b8841 | Malicious code in synium (PyPI) | 2025-12-10T18:29:17Z | 2025-12-10T18:29:17Z |
| mal-2025-192436 | Malicious code in jsonschema-utf8 (PyPI) | 2025-12-10T17:39:08Z | 2025-12-31T02:45:15Z |
| mal-0000-kam193-bae3458837c96ae1 | Malicious code in jsonschema-utf8 (PyPI) | 2025-12-10T17:39:08Z | 2025-12-10T17:39:08Z |
| mal-2025-192435 | Malicious code in loguru-utf8 (PyPI) | 2025-12-10T17:02:23Z | 2025-12-10T19:38:07Z |
| mal-2025-192434 | Malicious code in @cheqplease/structured-logger (npm) | 2025-12-10T16:58:18Z | 2025-12-12T01:54:52Z |
| mal-2025-192433 | Malicious code in mws-common-ui (npm) | 2025-12-10T13:07:26Z | 2025-12-23T18:26:16Z |
| mal-2025-192431 | Malicious code in ctosec-appsec-wb-xray-adapters (PyPI) | 2025-12-10T08:58:53Z | 2025-12-11T09:27:52Z |
| mal-0000-kam193-eec8ca2ce80b1b74 | Pentesting or research code in ctosec-appsec-wb-xray-adapters (PyPI) | 2025-12-10T08:58:53Z | 2025-12-11T01:44:25Z |
| mal-0000-kam193-061246f4741a2589 | Pentesting or research code in ctosec-appsec-wb-xray-adapters (PyPI) | 2025-12-10T08:58:53Z | 2025-12-11T01:57:28Z |
| mal-2025-192432 | Malicious code in kzip (PyPI) | 2025-12-10T08:56:08Z | 2025-12-11T17:12:53Z |
| mal-2025-192430 | Malicious code in bigpyx (PyPI) | 2025-12-10T08:44:43Z | 2025-12-31T02:45:15Z |
| mal-0000-kam193-4377653ca69c53a9 | Malicious code in bigpyx (PyPI) | 2025-12-10T08:44:43Z | 2025-12-10T08:44:43Z |
| mal-2025-192423 | Malicious code in vue2-amis-custom-widget-pro (npm) | 2025-12-10T04:05:56Z | 2025-12-23T17:25:04Z |
| mal-2025-192429 | Malicious code in yunxohang3 (npm) | 2025-12-10T04:03:49Z | 2025-12-23T18:26:18Z |
| mal-2025-192428 | Malicious code in yunxoahng2 (npm) | 2025-12-10T03:55:40Z | 2025-12-23T18:26:18Z |
| mal-2025-192422 | Malicious code in real-time-tweet-streamer (npm) | 2025-12-10T03:13:39Z | 2025-12-10T21:09:39Z |
| mal-2025-192420 | Malicious code in near-fast-auth-signer (npm) | 2025-12-10T03:05:03Z | 2025-12-10T21:09:38Z |
| mal-2025-192421 | Malicious code in vue2-amis-custom-widget123 (npm) | 2025-12-10T02:40:38Z | 2025-12-10T21:09:40Z |
| mal-2025-192414 | Malicious code in mongo-decimal (npm) | 2025-12-10T01:58:41Z | 2025-12-10T21:09:38Z |
| mal-2025-192413 | Malicious code in modules-runtime (npm) | 2025-12-10T01:58:41Z | 2025-12-10T21:09:38Z |
| mal-2025-192412 | Malicious code in meteor-developer-oauth (npm) | 2025-12-10T01:58:41Z | 2025-12-10T21:09:38Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:16160 | Red Hat Security Advisory: OpenShift Container Platform 4.15.58 bug fix and security update | 2025-09-25T08:35:24+00:00 | 2025-11-29T06:53:14+00:00 |
| rhsa-2025:16161 | Red Hat Security Advisory: OpenShift Container Platform 4.15.58 security and extras update | 2025-09-25T07:53:49+00:00 | 2025-11-29T00:08:56+00:00 |
| rhsa-2025:16165 | Red Hat Security Advisory: OpenShift Container Platform 4.14.57 bug fix and security update | 2025-09-25T04:42:04+00:00 | 2025-11-29T06:53:13+00:00 |
| rhsa-2025:16166 | Red Hat Security Advisory: OpenShift Container Platform 4.14.57 security and extras update | 2025-09-25T04:00:42+00:00 | 2025-11-21T23:04:37+00:00 |
| rhsa-2025:16669 | Red Hat Security Advisory: kernel security update | 2025-09-25T00:40:46+00:00 | 2025-11-21T19:27:20+00:00 |
| rhsa-2025:16667 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.15 security update | 2025-09-25T00:09:21+00:00 | 2025-11-27T17:36:44+00:00 |
| rhsa-2025:16668 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.12 on RHEL 7 security update | 2025-09-25T00:09:06+00:00 | 2025-11-27T17:36:44+00:00 |
| rhsa-2025:16592 | Red Hat Security Advisory: cups security update | 2025-09-24T16:34:55+00:00 | 2025-11-26T15:30:26+00:00 |
| rhsa-2025:16591 | Red Hat Security Advisory: cups security update | 2025-09-24T15:50:17+00:00 | 2025-11-26T15:30:27+00:00 |
| rhsa-2025:16590 | Red Hat Security Advisory: cups security update | 2025-09-24T15:40:20+00:00 | 2025-11-26T15:30:30+00:00 |
| rhsa-2025:16595 | Red Hat Security Advisory: VolSync v0.13 security fixes and container updates | 2025-09-24T15:33:41+00:00 | 2025-11-29T06:53:11+00:00 |
| rhsa-2025:16589 | Red Hat Security Advisory: thunderbird security update | 2025-09-24T14:11:45+00:00 | 2025-11-21T19:27:12+00:00 |
| rhsa-2025:16583 | Red Hat Security Advisory: kpatch-patch-4_18_0-477_67_1, kpatch-patch-4_18_0-477_81_1, kpatch-patch-4_18_0-477_89_1, and kpatch-patch-4_18_0-477_97_1 security update | 2025-09-24T13:10:55+00:00 | 2025-11-28T17:34:04+00:00 |
| rhsa-2025:16582 | Red Hat Security Advisory: kpatch-patch-4_18_0-553_16_1, kpatch-patch-4_18_0-553_30_1, kpatch-patch-4_18_0-553_40_1, kpatch-patch-4_18_0-553_53_1, and kpatch-patch-4_18_0-553_72_1 security update | 2025-09-24T13:06:20+00:00 | 2025-11-28T17:34:03+00:00 |
| rhsa-2025:16580 | Red Hat Security Advisory: kpatch-patch-4_18_0-372_118_1, kpatch-patch-4_18_0-372_131_1, kpatch-patch-4_18_0-372_137_1, and kpatch-patch-4_18_0-372_145_1 security update | 2025-09-24T12:53:25+00:00 | 2025-11-28T17:34:05+00:00 |
| rhsa-2025:16538 | Red Hat Security Advisory: kpatch-patch-5_14_0-570_17_1 security update | 2025-09-24T00:37:28+00:00 | 2025-11-28T17:33:58+00:00 |
| rhsa-2025:16540 | Red Hat Security Advisory: kpatch-patch-5_14_0-427_31_1, kpatch-patch-5_14_0-427_44_1, kpatch-patch-5_14_0-427_55_1, kpatch-patch-5_14_0-427_68_2, and kpatch-patch-5_14_0-427_84_1 security update | 2025-09-24T00:31:03+00:00 | 2025-11-28T17:34:01+00:00 |
| rhsa-2025:16541 | Red Hat Security Advisory: kpatch-patch-5_14_0-70_112_1, kpatch-patch-5_14_0-70_121_1, kpatch-patch-5_14_0-70_124_1, and kpatch-patch-5_14_0-70_132_1 security update | 2025-09-24T00:22:33+00:00 | 2025-11-28T17:34:02+00:00 |
| rhsa-2025:16539 | Red Hat Security Advisory: kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 security update | 2025-09-24T00:22:33+00:00 | 2025-11-28T17:34:06+00:00 |
| rhsa-2025:16514 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Container Release Update | 2025-09-23T21:34:31+00:00 | 2025-11-21T19:27:05+00:00 |
| rhsa-2025:16535 | Red Hat Security Advisory: OpenShift Container Platform 4.19 ztp-site-generate container | 2025-09-23T21:08:55+00:00 | 2025-11-21T23:04:40+00:00 |
| rhsa-2025:16534 | Red Hat Security Advisory: OpenShift Container Platform 4.12 ztp-site-generate container | 2025-09-23T21:08:07+00:00 | 2025-11-29T00:08:57+00:00 |
| rhsa-2025:16530 | Red Hat Security Advisory: OpenShift Container Platform 4.18 ztp-site-generate container | 2025-09-23T21:00:41+00:00 | 2025-11-29T00:09:00+00:00 |
| rhsa-2025:16529 | Red Hat Security Advisory: OpenShift Container Platform 4.17 ztp-site-generate container | 2025-09-23T20:50:52+00:00 | 2025-11-29T00:08:56+00:00 |
| rhsa-2025:16527 | Red Hat Security Advisory: OpenShift Container Platform 4.16 ztp-site-generate container | 2025-09-23T20:37:14+00:00 | 2025-11-29T00:08:56+00:00 |
| rhsa-2025:16526 | Red Hat Security Advisory: OpenShift Container Platform 4.14 ztp-site-generate container | 2025-09-23T19:55:07+00:00 | 2025-11-29T00:08:56+00:00 |
| rhsa-2025:16524 | Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage | 2025-09-23T19:28:34+00:00 | 2025-11-25T10:22:49+00:00 |
| rhsa-2025:16515 | Red Hat Security Advisory: container-tools:rhel8 security update | 2025-09-23T18:32:48+00:00 | 2025-11-21T19:27:07+00:00 |
| rhsa-2025:16487 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update | 2025-09-23T18:04:58+00:00 | 2025-11-21T19:27:05+00:00 |
| rhsa-2025:16488 | Red Hat Security Advisory: podman security update | 2025-09-23T16:48:17+00:00 | 2025-11-21T19:27:05+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-39942 | ksmbd: smbdirect: verify remaining_data_length respects max_fragmented_recv_size | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:17.000Z |
| msrc_cve-2025-39940 | dm-stripe: fix a possible integer overflow | 2025-10-02T00:00:00.000Z | 2025-12-07T01:38:08.000Z |
| msrc_cve-2025-39938 | ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:11.000Z |
| msrc_cve-2025-39937 | net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:37.000Z |
| msrc_cve-2025-39934 | drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:01.000Z |
| msrc_cve-2025-39933 | smb: client: let recv_done verify data_offset, data_length and remaining_data_length | 2025-10-02T00:00:00.000Z | 2025-10-05T01:03:08.000Z |
| msrc_cve-2025-39932 | smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work) | 2025-10-02T00:00:00.000Z | 2025-12-07T01:37:57.000Z |
| msrc_cve-2025-39931 | crypto: af_alg - Set merge to zero early in af_alg_sendmsg | 2025-10-02T00:00:00.000Z | 2025-10-05T01:03:19.000Z |
| msrc_cve-2025-39929 | smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:06.000Z |
| msrc_cve-2025-39927 | ceph: fix race condition validating r_parent before applying state | 2025-10-02T00:00:00.000Z | 2025-12-12T01:01:37.000Z |
| msrc_cve-2025-39925 | can: j1939: implement NETDEV_UNREGISTER notification handler | 2025-10-02T00:00:00.000Z | 2025-12-16T01:37:16.000Z |
| msrc_cve-2025-39923 | dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:11.000Z |
| msrc_cve-2025-39920 | pcmcia: Add error handling for add_interval() in do_validate_mem() | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:50.000Z |
| msrc_cve-2025-39916 | mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters() | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:03.000Z |
| msrc_cve-2025-39914 | tracing: Silence warning when chunk allocation fails in trace_pid_write | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:27.000Z |
| msrc_cve-2025-39913 | tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:55.000Z |
| msrc_cve-2025-39911 | i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:45.000Z |
| msrc_cve-2025-39910 | mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc() | 2025-10-02T00:00:00.000Z | 2025-10-02T01:06:52.000Z |
| msrc_cve-2025-39909 | mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters() | 2025-10-02T00:00:00.000Z | 2025-10-02T01:06:47.000Z |
| msrc_cve-2025-39907 | mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer | 2025-10-02T00:00:00.000Z | 2025-10-02T01:08:00.000Z |
| msrc_cve-2025-39905 | net: phylink: add lock for serializing concurrent pl->phydev writes with resolver | 2025-10-02T00:00:00.000Z | 2025-12-15T14:36:33.000Z |
| msrc_cve-2025-39902 | mm/slub: avoid accessing metadata when pointer is invalid in object_err() | 2025-10-02T00:00:00.000Z | 2025-10-02T01:06:58.000Z |
| msrc_cve-2025-39901 | i40e: remove read access to debugfs files | 2025-10-02T00:00:00.000Z | 2025-12-15T14:36:28.000Z |
| msrc_cve-2025-39898 | e1000e: fix heap overflow in e1000_set_eeprom | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:22.000Z |
| msrc_cve-2025-39895 | sched: Fix sched_numa_find_nth_cpu() if mask offline | 2025-10-02T00:00:00.000Z | 2025-10-02T01:06:30.000Z |
| msrc_cve-2025-39891 | wifi: mwifiex: Initialize the chan_stats array to zero | 2025-10-02T00:00:00.000Z | 2025-10-02T01:06:37.000Z |
| msrc_cve-2025-37727 | Elasticsearch Insertion of sensitive information in log file | 2025-10-02T00:00:00.000Z | 2025-10-11T01:03:07.000Z |
| msrc_cve-2025-12464 | Qemu-kvm: stack buffer overflow in e1000 device via short frames in loopback mode | 2025-10-02T00:00:00.000Z | 2025-12-07T01:46:15.000Z |
| msrc_cve-2025-12105 | Libsoup: heap use-after-free in libsoup message queue handling during http/2 read completion | 2025-10-02T00:00:00.000Z | 2025-12-24T01:38:08.000Z |
| msrc_cve-2025-12060 | Keras keras.utils.get_file Utility Path Traversal Vulnerability | 2025-10-02T00:00:00.000Z | 2025-11-01T01:01:19.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2022-002143 | Information Disclosure Vulnerability in Hitachi Automation Director and Hitachi Ops Center Automator | 2022-08-01T17:10+09:00 | 2022-08-01T17:10+09:00 |
| jvndb-2022-000056 | Multiple vulnerabilities in Nintendo Wi-Fi Network Adaptor WAP-001 | 2022-07-29T13:43+09:00 | 2024-06-14T16:27+09:00 |
| jvndb-2022-000061 | "JustSystems JUST Online Update for J-License" starts a program with an unquoted file path | 2022-07-28T13:40+09:00 | 2022-07-28T13:40+09:00 |
| jvndb-2022-000060 | "Hulu" App for iOS vulnerable to improper server certificate verification | 2022-07-28T09:51+09:00 | 2024-06-14T12:25+09:00 |
| jvndb-2022-000059 | "Hulu" App for Android uses a hard-coded API key for an external service | 2022-07-28T09:14+09:00 | 2024-06-14T14:42+09:00 |
| jvndb-2022-000057 | WordPress Plugin "Newsletter" vulnerable to cross-site scripting | 2022-07-25T14:30+09:00 | 2024-06-18T11:21+09:00 |
| jvndb-2022-000058 | Multiple vulnerabilities in untangle | 2022-07-25T14:18+09:00 | 2024-06-17T11:03+09:00 |
| jvndb-2022-000055 | Booked vulnerable to open redirect | 2022-07-22T13:40+09:00 | 2024-06-14T17:43+09:00 |
| jvndb-2022-000054 | Multiple vulnerabilities in Cybozu Office | 2022-07-20T17:28+09:00 | 2024-06-14T14:02+09:00 |
| jvndb-2022-002017 | U-Boot squashfs filesystem implementation vulnerable to heap-based buffer overflow | 2022-07-14T15:59+09:00 | 2024-06-14T17:53+09:00 |
| jvndb-2022-000053 | Django Extract and Trunc functions vulnerable to SQL injection | 2022-07-12T13:47+09:00 | 2024-06-18T11:57+09:00 |
| jvndb-2022-000052 | Passage Drive vulnerable to insufficient data verification | 2022-07-08T13:42+09:00 | 2024-06-14T17:48+09:00 |
| jvndb-2022-000051 | Multiple vulnerabilities in Cybozu Garoon | 2022-07-04T14:17+09:00 | 2024-06-17T16:49+09:00 |
| jvndb-2022-000050 | LiteCart vulnerable to cross-site scripting | 2022-07-04T14:12+09:00 | 2024-06-17T10:39+09:00 |
| jvndb-2022-000049 | HOME SPOT CUBE2 vulnerable to OS command injection | 2022-06-29T13:42+09:00 | 2024-06-17T10:45+09:00 |
| jvndb-2022-000048 | L2Blocker Sensor setup screen vulnerable to authentication bypass | 2022-06-24T14:21+09:00 | 2024-06-18T10:45+09:00 |
| jvndb-2022-000047 | web2py vulnerable to open redirect | 2022-06-23T14:21+09:00 | 2024-06-18T10:48+09:00 |
| jvndb-2022-000046 | Gitlab vulnerable to server-side request forgery | 2022-06-17T12:26+09:00 | 2024-06-20T15:39+09:00 |
| jvndb-2022-001953 | Growi vulnerable to weak password requirements | 2022-06-15T17:47+09:00 | 2022-06-15T17:47+09:00 |
| jvndb-2022-000045 | FreeBSD vulnerable to denial-of-service (DoS) | 2022-06-15T12:28+09:00 | 2024-06-13T16:31+09:00 |
| jvndb-2022-000044 | Cisco Catalyst 2940 Series Switches vulnerable to cross-site scripting | 2022-06-14T13:46+09:00 | 2024-06-18T10:51+09:00 |
| jvndb-2022-000043 | SHIRASAGI vulnerable to cross-site scripting | 2022-06-09T13:31+09:00 | 2024-06-18T11:13+09:00 |
| jvndb-2022-001948 | Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service | 2022-06-03T12:17+09:00 | 2024-06-18T16:30+09:00 |
| jvndb-2022-000042 | T&D Data Server and THERMO RECORDER DATA SERVER contain a directory traversal vulnerability. | 2022-06-01T16:12+09:00 | 2024-06-18T10:34+09:00 |
| jvndb-2022-000041 | WordPress Plugin "Modern Events Calendar Lite" vulnerable to cross-site scripting | 2022-06-01T13:39+09:00 | 2024-06-18T10:42+09:00 |
| jvndb-2022-000039 | RevoWorks incomplete filtering of MS Office v4 macros | 2022-05-27T16:09+09:00 | 2024-06-18T16:31+09:00 |
| jvndb-2022-000040 | Mobaoku-Auction & Flea Market App for iOS vulnerable to improper server certificate verification | 2022-05-27T15:48+09:00 | 2024-06-18T11:06+09:00 |
| jvndb-2022-001929 | Multiple vulnerabilities in Fuji Electric V-SFT | 2022-05-27T15:39+09:00 | 2024-06-18T13:44+09:00 |
| jvndb-2022-001931 | Multiple vulnerabilities in Fuji Electric V-SFT, V-Server and V-Server Lite | 2022-05-27T15:37+09:00 | 2024-06-18T16:28+09:00 |
| jvndb-2022-001923 | Multiple vulnerabilities in CONTEC SolarView Compact | 2022-05-27T15:28+09:00 | 2024-06-20T11:34+09:00 |
| ID | Description | Updated |
|---|