Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-q6x7-qqgq-h832 | The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions … | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-mrqj-5x6c-fvcx | The The Events Calendar plugin for WordPress is vulnerable to blind SQL Injection via the 's' param… | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-hvcm-6j9r-922f | Rejected reason: Not used | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-gx3m-376p-9g95 | Rejected reason: Not used | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-fx86-2vc6-jxpq | Out-of-bounds write in handling opcode in fingerprint trustlet prior to SMR Nov-2025 Release 1 allo… | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-fwpv-8w5r-6h2x | The SMS for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the … | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-ch23-x532-vgwg | The ElementInvader Addons for Elementor WordPress plugin before 1.4.1 allows unauthenticated user t… | 2025-11-05T06:30:25Z | 2025-11-05T21:31:01Z |
| ghsa-c798-f247-mv6f | Out-of-bounds write in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attacke… | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-9r3j-gc74-fvx7 | Insecure default configuration in USB connection mode prior to SMR Nov-2025 Release 1 allows privil… | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-93gj-8p48-h7f8 | The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restrictio… | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-8jg3-f28x-33h3 | The FunnelKit WordPress plugin before 3.12.0.1 does not sanitize user input before echoing it back… | 2025-11-05T06:30:25Z | 2025-11-05T21:31:01Z |
| ghsa-8652-4qrv-r8hp | Rejected reason: Not used | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-6p65-2966-2gj7 | Rejected reason: Not used | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-57cg-g95j-25q3 | Out-of-bounds read in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attacker… | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-49q4-53vc-m8p9 | The MelAbu WP Download Counter Button WordPress plugin through 1.8.6.7 does not validate the path o… | 2025-11-05T06:30:25Z | 2025-11-05T21:31:01Z |
| ghsa-4245-33hh-r4j6 | Rejected reason: Not used | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-99pj-8225-q39g | The Features plugin for WordPress is vulnerable to unauthorized modification of data due to a missi… | 2025-11-05T03:30:24Z | 2025-11-05T03:30:24Z |
| ghsa-6wgh-rvcx-89g9 | The Everest Forms (Pro) plugin for WordPress is vulnerable to PHP Object Injection in all versions … | 2025-11-05T03:30:24Z | 2025-11-05T03:30:24Z |
| ghsa-jc85-fpwf-qm7x | expr-eval does not restrict functions passed to the evaluate function | 2025-11-05T03:30:23Z | 2025-11-10T19:06:03Z |
| ghsa-xmpw-v77r-v8qg | CVE-2025-59595 is an internally discovered denial of service vulnerability in versions of Secure A… | 2025-11-05T00:31:33Z | 2025-11-05T00:31:33Z |
| ghsa-v5rq-p42m-gh9q | Fuji Electric Monitouch V-SFT-6 is vulnerable to a stack-based buffer overflow while processing a … | 2025-11-05T00:31:33Z | 2025-11-05T00:31:33Z |
| ghsa-r879-mf96-p9qf | CVE-2025-59596 is a denial-of-service vulnerability in Secure Access Windows client versions 12.0 … | 2025-11-05T00:31:33Z | 2025-11-05T00:31:33Z |
| ghsa-ph8v-q2pj-5pg4 | Tencent Docs Desktop 3.9.20 and earlier suffers from Missing SSL Certificate Validation in the upda… | 2025-11-05T00:31:33Z | 2025-11-05T00:31:33Z |
| ghsa-h64p-rwjv-9xcw | A maliciously crafted project file may cause a heap-based buffer overflow in Fuji Electric Monito… | 2025-11-05T00:31:33Z | 2025-11-05T00:31:33Z |
| ghsa-xh2h-xr83-rv32 | An issue was discovered in the Secure Boot component in Samsung Mobile Processor and Wearable Proce… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:33Z |
| ghsa-x7cq-fpc4-629v | Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibe… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-x649-8g7w-vfq7 | Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibe… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-q7rw-xpv8-759x | An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 10… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-mc8g-h5jq-wxvm | An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-jpjx-vf8p-rx6j | An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem. Mishandling of … | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-64458 | Potential denial-of-service vulnerability in HttpRespo… |
djangoproject |
Django |
2025-11-05T15:07:17.031Z | 2025-11-05T16:20:57.265Z | |
| cve-2025-47151 | A type confusion vulnerability exists in the lass… |
Entr'ouvert |
Lasso |
2025-11-05T14:57:01.436Z | 2025-11-05T22:35:15.897Z | |
| cve-2025-46404 | A denial of service vulnerability exists in the l… |
Entr'ouvert |
Lasso |
2025-11-05T14:56:59.671Z | 2025-11-05T22:36:18.932Z | |
| cve-2025-46784 | A denial of service vulnerability exists in the l… |
Entr'ouvert |
Lasso |
2025-11-05T14:56:57.782Z | 2025-11-05T22:34:21.323Z | |
| cve-2025-46705 | A denial of service vulnerability exists in the g… |
Entr'ouvert |
Lasso |
2025-11-05T14:56:55.535Z | 2025-11-05T22:36:34.501Z | |
| cve-2025-3125 | 6.7 (v3.1) | Authenticated Arbitrary File Upload in Multiple WSO2 P… |
WSO2 |
WSO2 Identity Server |
2025-11-05T14:49:44.597Z | 2025-11-05T18:59:01.426Z |
| cve-2025-52602 | 4.2 (v3.1) | HCL BigFix Query is affected by a sensitive informatio… |
HCL Software |
BigFix Query |
2025-11-05T14:46:46.537Z | 2025-11-05T18:58:08.387Z |
| cve-2025-11745 | Ad Inserter <= 2.8.7 - Authenticated (Contributor+) St… |
spacetime |
Ad Inserter – Ad Manager & AdSense Ads |
2025-11-05T11:24:40.781Z | 2025-11-05T11:24:40.781Z | |
| cve-2025-12497 | Premium Portfolio Features for Phlox theme <= 2.3.10 -… |
averta |
Premium Portfolio Features for Phlox theme |
2025-11-05T11:24:40.177Z | 2025-11-05T15:03:20.522Z | |
| cve-2025-12192 | The Events Calendar <= 6.15.9 - Sysinfo Key Incorrect … |
stellarwp |
The Events Calendar |
2025-11-05T09:27:40.562Z | 2025-11-05T15:15:28.224Z | |
| cve-2025-12469 | FunnelKit Automations – Email Marketing Automation and… |
amans2k |
FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce |
2025-11-05T09:27:40.199Z | 2025-11-05T15:39:59.784Z | |
| cve-2025-11987 | Visual Link Preview <= 2.2.7 - Authenticated (Contribu… |
brechtvds |
Visual Link Preview |
2025-11-05T09:27:39.799Z | 2025-11-05T15:43:22.991Z | |
| cve-2025-12468 | FunnelKit Automations – Email Marketing Automation and… |
amans2k |
FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce |
2025-11-05T09:27:39.398Z | 2025-11-05T15:43:54.382Z | |
| cve-2025-11820 | Graphina – Elementor Charts and Graphs <= 3.1.8 - Auth… |
iqonicdesign |
Graphina – Charts and Graphs For Elementor |
2025-11-05T09:27:38.778Z | 2025-11-05T15:44:24.788Z | |
| cve-2025-58337 | Apache Doris-MCP-Server: Improper Access Control resul… |
Apache Software Foundation |
Apache Doris-MCP-Server |
2025-11-05T09:26:36.573Z | 2025-11-06T15:55:05.901Z | |
| cve-2025-55108 | 9.5 (v4.0) 10 (v3.1) | BMC Control-M/Agent default configuration does not enf… |
BMC |
Control-M/Agent |
2025-11-05T09:07:29.915Z | 2025-11-06T04:55:31.161Z |
| cve-2025-10622 | 8 (v3.1) | Foreman: os command injection via ct_location and fcct… |
Red Hat |
Red Hat Satellite 6.15 for RHEL 8 |
2025-11-05T07:32:14.390Z | 2025-11-06T21:06:37.850Z |
| cve-2025-12675 | KiotViet Sync <= 1.8.5 - Missing Authorization to Auth… |
mykiot |
KiotViet Sync |
2025-11-05T07:27:56.886Z | 2025-11-05T14:13:37.640Z | |
| cve-2025-12676 | KiotViet Sync <= 1.8.5 - Use of Hard-coded Password to… |
mykiot |
KiotViet Sync |
2025-11-05T07:27:56.492Z | 2025-11-05T14:20:41.378Z | |
| cve-2025-12674 | KiotViet Sync <= 1.8.5 - Unauthenticated Arbitrary Fil… |
mykiot |
KiotViet Sync |
2025-11-05T07:27:56.065Z | 2025-11-05T14:21:06.844Z | |
| cve-2025-12677 | KiotViet Sync <= 1.8.5 - Unauthenticated Webhook Key E… |
mykiot |
KiotViet Sync |
2025-11-05T07:27:55.399Z | 2025-11-05T14:21:40.476Z | |
| cve-2025-12384 | Document Embedder – Embed PDFs, Word, Excel, and Other… |
bplugins |
Document Embedder – Embed PDFs, Word, Excel, and Other Files |
2025-11-05T06:35:02.300Z | 2025-11-05T14:22:37.337Z | |
| cve-2025-12388 | B Carousel Block – Responsive Image and Content Carous… |
bplugins |
Carousel Block – Responsive Image and Content Carousel |
2025-11-05T06:35:01.390Z | 2025-11-05T14:23:30.683Z | |
| cve-2025-11373 | Popup and Slider Builder by Depicter – Add Email colle… |
averta |
Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel |
2025-11-05T06:35:00.978Z | 2025-11-05T14:24:11.253Z | |
| cve-2025-12139 | File Manager for Google Drive – Integrate Google Drive… |
princeahmed |
File Manager for Google Drive – Integrate Google Drive |
2025-11-05T06:35:00.585Z | 2025-11-05T14:35:34.262Z | |
| cve-2025-11917 | WPeMatico RSS Feed Fetcher <= 2.8.11 - Authenticated (… |
etruel |
WPeMatico RSS Feed Fetcher |
2025-11-05T06:34:59.886Z | 2025-11-05T15:45:19.848Z | |
| cve-2025-62225 | 6.7 (v3.0) 8.4 (v4.0) | Optical Disc Archive Software provided by Sony Co… |
Sony Corporation |
Optical Disc Archive Software (for Windows) |
2025-11-05T06:19:44.575Z | 2025-11-05T16:42:44.405Z |
| cve-2025-64151 | 6.7 (v3.0) 8.4 (v4.0) | Multiple Roboticsware products provided by Roboti… |
Roboticsware PTE. LTD. |
FA-Panel6 |
2025-11-05T06:19:25.053Z | 2025-11-05T17:08:42.226Z |
| cve-2025-6027 | N/A | Ace User Management <= 2.0.3 - Subscriber+ Authenticat… |
Unknown |
Ace User Management |
2025-11-05T06:00:07.919Z | 2025-11-05T18:35:20.331Z |
| cve-2025-11072 | N/A | Download Counter Button <= 1.8.6.7 - Unauthenticated A… |
Unknown |
MelAbu WP Download Counter Button |
2025-11-05T06:00:07.091Z | 2025-11-05T18:36:44.703Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-10907 | 8.4 (v3.1) | Authenticated Arbitrary File Upload in Multiple WSO2 P… |
WSO2 |
WSO2 API Manager |
2025-11-05T18:03:49.831Z | 2025-11-05T18:49:44.604Z |
| cve-2025-10713 | 6.5 (v3.1) | XML External Entity (XXE) Vulnerability in Multiple WS… |
WSO2 |
WSO2 Enterprise Integrator |
2025-11-05T17:18:24.719Z | 2025-11-05T18:15:56.913Z |
| cve-2025-63248 | N/A | DWSurvey 6.14.0 is vulnerable to Incorrect Access… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T20:03:23.117Z |
| cve-2025-59716 | N/A | ownCloud Guests before 0.12.5 allows unauthentica… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T20:10:32.262Z |
| cve-2025-57244 | N/A | OpenKM Community Edition 6.3.12 is vulnerable to … |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T19:57:23.140Z |
| cve-2025-46424 | 6.7 (v3.1) | Dell CloudLink, versions prior to 8.2, contain us… |
Dell |
CloudLink |
2025-11-05T16:46:25.707Z | 2025-11-06T04:55:40.938Z |
| cve-2025-46366 | 6.7 (v3.1) | Dell CloudLink, versions prior to 8.1.1, contain … |
Dell |
CloudLink |
2025-11-05T16:50:28.754Z | 2025-11-06T04:55:41.794Z |
| cve-2025-46365 | 5.3 (v3.1) | Dell CloudLink, versions prior 8.1.1, contain a C… |
Dell |
CloudLink |
2025-11-05T16:40:39.934Z | 2025-11-06T04:55:40.128Z |
| cve-2025-46364 | 9.1 (v3.1) | Dell CloudLink, versions prior to 8.1.1, contain … |
Dell |
CloudLin |
2025-11-05T16:36:00.347Z | 2025-11-06T04:55:39.277Z |
| cve-2025-45379 | 8.4 (v3.1) | Dell CloudLink, versions prior to 8.2, contain a … |
Dell |
CloudLink |
2025-11-05T16:31:57.457Z | 2025-11-06T04:55:38.394Z |
| cve-2025-45378 | 9.1 (v3.1) | Dell CloudLink, versions 8.0 through 8.1.2, conta… |
Dell |
CloudLink |
2025-11-05T16:23:15.673Z | 2025-11-06T04:55:36.592Z |
| cve-2025-43990 | 7.3 (v3.1) | Dell Command Monitor (DCM), versions prior to 10.… |
Dell |
Command Monitor (DCM) |
2025-11-05T17:01:23.986Z | 2025-11-06T04:55:47.809Z |
| cve-2025-30479 | 8.4 (v3.1) | Dell CloudLink, versions prior to 8.2, contain a … |
Dell |
CloudLink |
2025-11-05T16:27:33.266Z | 2025-11-06T04:55:37.459Z |
| cve-2025-20377 | Cisco Unified Intelligence Center API Information Disc… |
Cisco |
Cisco Packaged Contact Center Enterprise |
2025-11-05T16:31:52.595Z | 2025-11-05T20:14:05.911Z | |
| cve-2025-20376 | Cisco Unified Contact Center Express Remote Code Execu… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:38.793Z | 2025-11-06T04:55:44.673Z | |
| cve-2025-20375 | Cisco Unified Contact Center Express Arbitrary File Up… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:43.035Z | 2025-11-06T04:55:45.946Z | |
| cve-2025-20374 | Cisco Unified Contact Center Express Arbitrary File Do… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:23.862Z | 2025-11-05T20:11:12.630Z | |
| cve-2025-20358 | Cisco Unified Contact Center Express Editor Authentica… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:23.210Z | 2025-11-06T04:55:43.689Z | |
| cve-2025-20354 | Cisco Unified Contact Center Express Remote Code Execu… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:14.821Z | 2025-11-06T04:55:42.828Z | |
| cve-2025-20343 | Cisco Identity Services Engine Radius Suppression Deni… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:31:05.000Z | 2025-11-05T20:07:12.870Z | |
| cve-2025-20305 | A vulnerability in the web-based management inter… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:32:52.800Z | 2025-11-05T20:19:33.833Z | |
| cve-2025-20304 | Multiple vulnerabilities in the web-based managem… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:33:27.573Z | 2025-11-05T20:20:07.804Z | |
| cve-2025-20303 | Multiple vulnerabilities in the web-based managem… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:32:02.482Z | 2025-11-05T20:17:21.630Z | |
| cve-2025-20289 | Multiple vulnerabilities in the web-based managem… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:32:28.860Z | 2025-11-05T20:18:33.404Z | |
| cve-2025-63601 | N/A | Snipe-IT before version 8.3.3 contains a remote c… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-10T16:40:21.341Z |
| cve-2025-61304 | N/A | OS command injection vulnerability in Dynatrace A… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T19:26:14.228Z |
| cve-2025-60753 | N/A | An issue was discovered in libarchive bsdtar befo… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T15:44:31.278Z |
| cve-2025-57130 | An Incorrect Access Control vulnerability in the … |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T16:20:49.984Z | |
| cve-2025-64459 | Potential SQL injection via _connector keyword argumen… |
djangoproject |
Django |
2025-11-05T15:09:58.239Z | 2025-11-08T12:49:45.129Z | |
| cve-2025-64458 | Potential denial-of-service vulnerability in HttpRespo… |
djangoproject |
Django |
2025-11-05T15:07:17.031Z | 2025-11-05T16:20:57.265Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-111812 | Malicious code in disappointed_ant_peach-21 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111811 | Malicious code in disabled_mink_violet-71 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111810 | Malicious code in dirty_marsupial_peach-23 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111809 | Malicious code in diplomatic_leopard_coral-88 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111808 | Malicious code in diplomatic_caribou_beige-67 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111807 | Malicious code in different_koi_brown-96 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111806 | Malicious code in devoted_quail_turquoise-63 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111805 | Malicious code in developing_constrictor_rose-97 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111804 | Malicious code in developed_swordfish_green-62 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111803 | Malicious code in determined_earwig_tomato-65 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111802 | Malicious code in desirable_swan_bronze-46 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111801 | Malicious code in desirable_coyote_green-60 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111800 | Malicious code in depressed_dove_green-14 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111799 | Malicious code in democratic_wildebeest_peach-54 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111798 | Malicious code in democratic_lynx_bronze-58 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111797 | Malicious code in democratic_elk_black-53 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111796 | Malicious code in democratic_bobolink_blue-27 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111795 | Malicious code in democratic_beetle_chocolate-22 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111794 | Malicious code in democratic_aphid_rose-89 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111793 | Malicious code in delightful_roundworm_blush-95 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111792 | Malicious code in delicate_porcupine_azure-34 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111791 | Malicious code in defensive_camel_white-43 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111790 | Malicious code in decisive_tarantula_scarlet-22 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111789 | Malicious code in decent_panther_chocolate-63 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111788 | Malicious code in deaf_swordfish_amaranth-66 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111787 | Malicious code in dark_quail_apricot-38 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111786 | Malicious code in dark_chinchilla_indigo-29 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111785 | Malicious code in dark_chickadee_chocolate-80 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111784 | Malicious code in damp_wolverine_white-89 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| mal-2025-111783 | Malicious code in damp_spoonbill_coral-60 (npm) | 2025-11-11T07:47:12Z | 2025-11-11T07:47:12Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:14987 | Red Hat Security Advisory: kernel security update | 2025-09-02T02:38:39+00:00 | 2025-11-11T08:53:50+00:00 |
| rhsa-2025:14989 | Red Hat Security Advisory: glib2 security update | 2025-09-02T02:11:24+00:00 | 2025-11-06T22:45:14+00:00 |
| rhsa-2025:14991 | Red Hat Security Advisory: glib2 security update | 2025-09-02T02:10:04+00:00 | 2025-11-06T22:45:14+00:00 |
| rhsa-2025:14983 | Red Hat Security Advisory: mod_http2 security update | 2025-09-02T02:01:29+00:00 | 2025-11-06T23:42:11+00:00 |
| rhsa-2025:14985 | Red Hat Security Advisory: kernel security update | 2025-09-02T01:50:49+00:00 | 2025-11-11T09:06:27+00:00 |
| rhsa-2025:14990 | Red Hat Security Advisory: glib2 security update | 2025-09-02T01:42:29+00:00 | 2025-11-06T22:45:14+00:00 |
| rhsa-2025:14982 | Red Hat Security Advisory: aide security update | 2025-09-02T01:34:19+00:00 | 2025-11-06T23:42:11+00:00 |
| rhsa-2025:14986 | Red Hat Security Advisory: kernel-rt security update | 2025-09-02T01:30:19+00:00 | 2025-11-11T08:53:50+00:00 |
| rhsa-2025:14981 | Red Hat Security Advisory: aide security update | 2025-09-02T01:30:19+00:00 | 2025-11-06T23:42:11+00:00 |
| rhsa-2025:14980 | Red Hat Security Advisory: aide security update | 2025-09-02T01:27:34+00:00 | 2025-11-06T23:42:11+00:00 |
| rhsa-2025:14911 | Red Hat Security Advisory: Red Hat Build of Apache Camel 4.10.6 for Spring Boot release. | 2025-08-28T18:38:33+00:00 | 2025-11-07T20:55:53+00:00 |
| rhsa-2025:14900 | Red Hat Security Advisory: python39:3.9 security update | 2025-08-28T17:04:37+00:00 | 2025-11-07T10:53:26+00:00 |
| rhsa-2025:14899 | Red Hat Security Advisory: postgresql:16 security update | 2025-08-28T17:02:28+00:00 | 2025-11-06T22:48:20+00:00 |
| rhsa-2025:14903 | Red Hat Security Advisory: httpd security update | 2025-08-28T16:57:52+00:00 | 2025-11-07T10:53:51+00:00 |
| rhsa-2025:14902 | Red Hat Security Advisory: httpd security update | 2025-08-28T16:54:38+00:00 | 2025-11-07T10:53:51+00:00 |
| rhsa-2025:14901 | Red Hat Security Advisory: httpd security update | 2025-08-28T16:54:28+00:00 | 2025-11-07T10:53:42+00:00 |
| rhsa-2025:14886 | Red Hat Security Advisory: Kiali 2.4.8 for Red Hat OpenShift Service Mesh 3.0 | 2025-08-28T15:21:16+00:00 | 2025-11-08T07:17:50+00:00 |
| rhsa-2025:14878 | Red Hat Security Advisory: postgresql security update | 2025-08-28T13:46:07+00:00 | 2025-11-06T22:48:17+00:00 |
| rhsa-2025:14870 | Red Hat Security Advisory: postgresql security update | 2025-08-28T12:25:57+00:00 | 2025-11-06T22:48:17+00:00 |
| rhsa-2025:14869 | Red Hat Security Advisory: postgresql security update | 2025-08-28T12:14:56+00:00 | 2025-11-06T22:48:16+00:00 |
| rhsa-2025:14862 | Red Hat Security Advisory: postgresql:15 security update | 2025-08-28T10:24:22+00:00 | 2025-11-06T22:48:16+00:00 |
| rhsa-2025:14844 | Red Hat Security Advisory: thunderbird security update | 2025-08-28T08:56:06+00:00 | 2025-11-06T22:48:15+00:00 |
| rhsa-2025:14841 | Red Hat Security Advisory: python3.11 security update | 2025-08-28T08:42:06+00:00 | 2025-11-07T10:53:26+00:00 |
| rhsa-2025:14828 | Red Hat Security Advisory: libarchive security update | 2025-08-28T06:39:16+00:00 | 2025-10-30T06:44:00+00:00 |
| rhsa-2025:14827 | Red Hat Security Advisory: postgresql:16 security update | 2025-08-28T06:29:11+00:00 | 2025-11-06T22:48:14+00:00 |
| rhsa-2025:14826 | Red Hat Security Advisory: postgresql16 security update | 2025-08-28T06:08:31+00:00 | 2025-11-06T22:48:14+00:00 |
| rhsa-2025:14811 | Red Hat Security Advisory: kpatch-patch-5_14_0-427_13_1, kpatch-patch-5_14_0-427_31_1, kpatch-patch-5_14_0-427_44_1, kpatch-patch-5_14_0-427_55_1, and kpatch-patch-5_14_0-427_68_2 security update | 2025-08-28T05:16:31+00:00 | 2025-11-11T09:06:29+00:00 |
| rhsa-2025:14810 | Red Hat Security Advisory: libarchive security update | 2025-08-28T05:11:26+00:00 | 2025-10-30T06:44:00+00:00 |
| rhsa-2025:14808 | Red Hat Security Advisory: libarchive security update | 2025-08-28T04:30:31+00:00 | 2025-10-30T06:44:00+00:00 |
| rhsa-2025:14396 | Red Hat Security Advisory: OpenShift Container Platform 4.15.57 bug fix and security update | 2025-08-27T21:47:05+00:00 | 2025-11-07T18:40:20+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-38468 | net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree | 2025-07-02T00:00:00.000Z | 2025-09-04T01:07:05.000Z |
| msrc_cve-2025-38467 | drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling | 2025-07-02T00:00:00.000Z | 2025-09-03T23:18:36.000Z |
| msrc_cve-2025-38466 | perf: Revert to requiring CAP_SYS_ADMIN for uprobes | 2025-07-02T00:00:00.000Z | 2025-09-03T21:49:02.000Z |
| msrc_cve-2025-38465 | netlink: Fix wraparounds of sk->sk_rmem_alloc. | 2025-07-02T00:00:00.000Z | 2025-09-03T22:38:53.000Z |
| msrc_cve-2025-38464 | tipc: Fix use-after-free in tipc_conn_close(). | 2025-07-02T00:00:00.000Z | 2025-09-03T23:24:54.000Z |
| msrc_cve-2025-38463 | tcp: Correct signedness in skb remaining space calculation | 2025-07-02T00:00:00.000Z | 2025-09-03T22:50:41.000Z |
| msrc_cve-2025-38462 | vsock: Fix transport_{g2h,h2g} TOCTOU | 2025-07-02T00:00:00.000Z | 2025-09-03T22:31:00.000Z |
| msrc_cve-2025-38461 | vsock: Fix transport_* TOCTOU | 2025-07-02T00:00:00.000Z | 2025-09-03T22:59:09.000Z |
| msrc_cve-2025-38460 | atm: clip: Fix potential null-ptr-deref in to_atmarpd(). | 2025-07-02T00:00:00.000Z | 2025-09-03T23:36:43.000Z |
| msrc_cve-2025-38459 | atm: clip: Fix infinite recursive call of clip_push(). | 2025-07-02T00:00:00.000Z | 2025-09-03T23:39:50.000Z |
| msrc_cve-2025-38458 | atm: clip: Fix NULL pointer dereference in vcc_sendmsg() | 2025-07-02T00:00:00.000Z | 2025-09-03T21:55:15.000Z |
| msrc_cve-2025-38457 | net/sched: Abort __tc_modify_qdisc if parent class does not exist | 2025-07-02T00:00:00.000Z | 2025-09-03T22:21:10.000Z |
| msrc_cve-2025-38456 | ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() | 2025-07-02T00:00:00.000Z | 2025-09-03T21:57:59.000Z |
| msrc_cve-2025-38449 | drm/gem: Acquire references on GEM handles for framebuffers | 2025-07-02T00:00:00.000Z | 2025-09-03T23:02:28.000Z |
| msrc_cve-2025-38448 | usb: gadget: u_serial: Fix race condition in TTY wakeup | 2025-07-02T00:00:00.000Z | 2025-09-04T05:05:56.000Z |
| msrc_cve-2025-38445 | md/raid1: Fix stack memory use after return in raid1_reshape | 2025-07-02T00:00:00.000Z | 2025-09-03T22:25:33.000Z |
| msrc_cve-2025-38444 | raid10: cleanup memleak at raid10_make_request | 2025-07-02T00:00:00.000Z | 2025-09-04T05:11:05.000Z |
| msrc_cve-2025-38443 | nbd: fix uaf in nbd_genl_connect() error path | 2025-07-02T00:00:00.000Z | 2025-09-03T23:12:00.000Z |
| msrc_cve-2025-38439 | bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT | 2025-07-02T00:00:00.000Z | 2025-09-03T21:53:44.000Z |
| msrc_cve-2025-38438 | ASoC: SOF: Intel: hda: Use devm_kstrdup() to avoid memleak. | 2025-07-02T00:00:00.000Z | 2025-09-03T22:53:23.000Z |
| msrc_cve-2025-38437 | ksmbd: fix potential use-after-free in oplock/lease break ack | 2025-07-02T00:00:00.000Z | 2025-09-03T21:51:00.000Z |
| msrc_cve-2025-38436 | drm/scheduler: signal scheduled fence when kill job | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38430 | nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38429 | bus: mhi: ep: Update read pointer only after buffer is written | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38428 | Input: ims-pcu - check record size in ims_pcu_flash_firmware() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38426 | drm/amdgpu: Add basic validation for RAS header | 2025-07-02T00:00:00.000Z | 2025-09-03T22:15:19.000Z |
| msrc_cve-2025-38425 | i2c: tegra: check msg length in SMBUS block read | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38424 | perf: Fix sample vs do_exit() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38422 | net: lan743x: Modify the EEPROM and OTP size for PCI1xxxx devices | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38420 | wifi: carl9170: do not ping device which has failed to load firmware | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2022-001477 | Netcommunity OG410X and OG810X VoIP gateway/Hikari VoIP adapter for business offices vulnerable to OS command injection | 2022-03-23T12:08+09:00 | 2022-03-23T12:08+09:00 |
| jvndb-2022-000021 | Multiple vulnerabilities in KINGSOFT "WPS Office" and "KINGSOFT Internet Security" | 2022-03-16T14:46+09:00 | 2022-03-16T14:46+09:00 |
| jvndb-2022-000020 | Multiple vulnerabilities in pfSense | 2022-03-15T14:58+09:00 | 2024-06-21T11:59+09:00 |
| jvndb-2021-008345 | Installer of Trend Micro Portable Security may insecurely load Dynamic Link Libraries | 2022-03-14T16:43+09:00 | 2022-03-14T16:43+09:00 |
| jvndb-2022-001404 | Installer of Trend Micro Password Manager may insecurely load Dynamic Link Libraries | 2022-03-11T15:55+09:00 | 2022-03-11T15:55+09:00 |
| jvndb-2022-000016 | UNIVERGE WA Series vulnerable to OS command injection | 2022-03-10T14:31+09:00 | 2022-03-10T14:31+09:00 |
| jvndb-2022-001387 | Installer of WPS Office for Windows misconfigures the ACL for the installation directory | 2022-03-09T12:30+09:00 | 2024-06-21T11:37+09:00 |
| jvndb-2022-001384 | Multiple vulnerabilities in OMRON CX-Programmer | 2022-03-08T15:56+09:00 | 2024-06-21T11:32+09:00 |
| jvndb-2022-001383 | Directory Permission Vulnerability in Hitachi Ops Center Viewpoint | 2022-03-07T15:45+09:00 | 2022-03-07T15:45+09:00 |
| jvndb-2022-001382 | File Permission Vulnerability in Hitachi Command Suite | 2022-03-07T15:35+09:00 | 2022-03-07T15:35+09:00 |
| jvndb-2022-000008 | i-FILTER vulnerable to improper check for certificate revocation | 2022-03-04T14:12+09:00 | 2022-03-04T14:12+09:00 |
| jvndb-2022-000019 | pfSense-pkg-WireGuard vulnerable to directory traversal | 2022-03-03T15:08+09:00 | 2024-06-20T16:51+09:00 |
| jvndb-2022-001381 | Multiple vulnerabilities in Trend Micro ServerProtect | 2022-03-03T14:42+09:00 | 2024-06-21T17:58+09:00 |
| jvndb-2022-000018 | MarkText vulnerable to cross-site scripting | 2022-03-03T14:40+09:00 | 2024-06-20T16:46+09:00 |
| jvndb-2022-000017 | Norton Security for Mac improperly processes ICMP packets | 2022-03-03T14:32+09:00 | 2022-03-03T14:32+09:00 |
| jvndb-2022-001380 | Multiples security updates for Trend Micro Endpoint security products for enterprises (March 2022) | 2022-03-02T17:07+09:00 | 2022-03-02T17:07+09:00 |
| jvndb-2022-000015 | EC-CUBE improperly handles HTTP Host header values | 2022-02-22T14:22+09:00 | 2024-06-21T17:39+09:00 |
| jvndb-2022-000013 | EC-CUBE plugin "Mail Magazine Management Plugin" vulnerable to cross-site request forgery | 2022-02-22T14:09+09:00 | 2024-06-21T14:05+09:00 |
| jvndb-2022-000014 | Multiple vulnerabilities in a-blog cms | 2022-02-18T15:55+09:00 | 2022-02-18T15:55+09:00 |
| jvndb-2022-001372 | Trend Micro Antivirus for MAC vulnerable to privilege escalation | 2022-02-18T14:55+09:00 | 2024-06-21T18:04+09:00 |
| jvndb-2022-000012 | Multiple vulnerabilities in phpUploader | 2022-02-17T15:20+09:00 | 2022-02-17T15:20+09:00 |
| jvndb-2022-000011 | HPE Agentless Management registers unquoted service paths | 2022-02-09T15:49+09:00 | 2022-02-09T15:49+09:00 |
| jvndb-2022-001299 | Cross-site Scripting Vulnerability in JP1/IT Desktop Management 2 | 2022-02-08T17:15+09:00 | 2022-02-08T17:15+09:00 |
| jvndb-2022-000009 | CSV+ vulnerable to cross-site scripting | 2022-02-08T16:33+09:00 | 2022-02-08T16:33+09:00 |
| jvndb-2022-000010 | Multiple vulnerabilities in multiple ELECOM LAN routers | 2022-02-08T16:13+09:00 | 2022-02-08T16:13+09:00 |
| jvndb-2016-008013 | Multiple ESET products for macOS vulnerable to improper server certificate verification | 2022-02-07T14:18+09:00 | 2022-02-07T14:18+09:00 |
| jvndb-2022-000007 | Multiple vulnerabilities in TransmitMail | 2022-01-25T15:31+09:00 | 2022-01-25T15:31+09:00 |
| jvndb-2022-001097 | Multiple vulnerabilities in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux | 2022-01-25T13:35+09:00 | 2022-01-25T13:35+09:00 |
| jvndb-2022-001087 | GROWI vulnerable to authorization bypass through user-controlled key | 2022-01-24T14:07+09:00 | 2022-01-24T14:07+09:00 |
| jvndb-2022-000006 | Multiple cross-site scripting vulnerabilities in php_mailform | 2022-01-20T15:42+09:00 | 2022-01-20T15:42+09:00 |
| ID | Description | Updated |
|---|