Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-49q4-53vc-m8p9 | The MelAbu WP Download Counter Button WordPress plugin through 1.8.6.7 does not validate the path o… | 2025-11-05T06:30:25Z | 2025-11-05T21:31:01Z |
| ghsa-4245-33hh-r4j6 | Rejected reason: Not used | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-99pj-8225-q39g | The Features plugin for WordPress is vulnerable to unauthorized modification of data due to a missi… | 2025-11-05T03:30:24Z | 2025-11-05T03:30:24Z |
| ghsa-6wgh-rvcx-89g9 | The Everest Forms (Pro) plugin for WordPress is vulnerable to PHP Object Injection in all versions … | 2025-11-05T03:30:24Z | 2025-11-05T03:30:24Z |
| ghsa-jc85-fpwf-qm7x | expr-eval does not restrict functions passed to the evaluate function | 2025-11-05T03:30:23Z | 2025-11-10T19:06:03Z |
| ghsa-xmpw-v77r-v8qg | CVE-2025-59595 is an internally discovered denial of service vulnerability in versions of Secure A… | 2025-11-05T00:31:33Z | 2025-11-05T00:31:33Z |
| ghsa-v5rq-p42m-gh9q | Fuji Electric Monitouch V-SFT-6 is vulnerable to a stack-based buffer overflow while processing a … | 2025-11-05T00:31:33Z | 2025-11-05T00:31:33Z |
| ghsa-r879-mf96-p9qf | CVE-2025-59596 is a denial-of-service vulnerability in Secure Access Windows client versions 12.0 … | 2025-11-05T00:31:33Z | 2025-11-05T00:31:33Z |
| ghsa-ph8v-q2pj-5pg4 | Tencent Docs Desktop 3.9.20 and earlier suffers from Missing SSL Certificate Validation in the upda… | 2025-11-05T00:31:33Z | 2025-11-05T00:31:33Z |
| ghsa-h64p-rwjv-9xcw | A maliciously crafted project file may cause a heap-based buffer overflow in Fuji Electric Monito… | 2025-11-05T00:31:33Z | 2025-11-05T00:31:33Z |
| ghsa-xh2h-xr83-rv32 | An issue was discovered in the Secure Boot component in Samsung Mobile Processor and Wearable Proce… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:33Z |
| ghsa-x7cq-fpc4-629v | Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibe… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-x649-8g7w-vfq7 | Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibe… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-q7rw-xpv8-759x | An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 10… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-mc8g-h5jq-wxvm | An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-jpjx-vf8p-rx6j | An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem. Mishandling of … | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-hqf8-533m-fqgc | NVIDIA NVApp for Windows contains a vulnerability in the installer, where a local attacker can caus… | 2025-11-04T21:31:36Z | 2025-11-04T21:31:36Z |
| ghsa-fm9h-jr58-3cph | NVIDIA RunAI for all platforms contains a vulnerability where a user could cause an improper restri… | 2025-11-04T21:31:36Z | 2025-11-04T21:31:36Z |
| ghsa-9gvj-29qh-j9fx | An issue was discovered in the GPU in Samsung Mobile Processor and Wearable Processor Exynos 1280, … | 2025-11-04T21:31:36Z | 2025-11-05T00:31:33Z |
| ghsa-4qqm-257h-w336 | A reflected cross-site scripted (XSS) vulnerability in the /jsp/gsfr_feditorHTML.jsp endpoint of Zu… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-4hrg-69hg-xq77 | Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes … | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-4c2j-p6fq-fm4p | Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Mulesoft Anypoint… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-3jhf-jgrg-mcw3 | An issue was discovered in the GPU driver in Samsung Mobile Processor Exynos 1480, 2400, 1580, 2500… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:33Z |
| ghsa-cgq7-3vmm-7c3m | Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoi… | 2025-11-04T21:31:35Z | 2025-11-05T00:31:32Z |
| ghsa-xjw6-gm63-g5h8 | An issue was discovered in the NPU driver in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480… | 2025-11-04T21:31:34Z | 2025-11-04T21:31:34Z |
| ghsa-v9vj-4829-7862 | An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in th… | 2025-11-04T21:31:34Z | 2025-11-04T21:31:34Z |
| ghsa-rr2v-x53x-8p62 | The Survision LPR Camera system does not enforce password protection by default. This allows access… | 2025-11-04T21:31:34Z | 2025-11-04T21:31:34Z |
| ghsa-jw3q-wg8m-2gvw | An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in th… | 2025-11-04T21:31:34Z | 2025-11-05T00:31:32Z |
| ghsa-75vx-vv5g-q5cq | Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoi… | 2025-11-04T21:31:34Z | 2025-11-05T00:31:32Z |
| ghsa-5pmx-7r6r-wfqq | Kgateway transformation policy template can emit files from the container | 2025-11-04T18:58:22Z | 2025-11-04T18:58:22Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-11956 | 8.9 (v3.1) | XSS in Proliz's OBS |
Proliz Software Ltd. Co. |
OBS (Student Affairs Information System) |
2025-11-06T14:51:51.292Z | 2025-11-06T15:07:43.302Z |
| cve-2025-10955 | 6.1 (v3.1) | HTML Injection in Netcad Software's Netigma |
Netcad Software Inc. |
Netigma |
2025-11-06T14:46:09.596Z | 2025-11-07T08:38:36.099Z |
| cve-2025-37735 | 7 (v3.1) | Improper preservation of permissions in Elastic D… |
Elastic |
Kibana |
2025-11-06T14:27:26.235Z | 2025-11-07T04:56:11.390Z |
| cve-2025-36054 | 6.1 (v3.1) | Cross-site scripting vulnerability affect IBM Business… |
IBM |
Business Automation Workflow containers |
2025-11-06T14:11:49.396Z | 2025-11-06T14:32:53.254Z |
| cve-2025-11268 | Strong Testimonials <= 3.2.16 - Unauthenticated Arbitr… |
wpchill |
Strong Testimonials |
2025-11-06T08:26:27.860Z | 2025-11-06T14:46:59.939Z | |
| cve-2025-12360 | Better Find and Replace <= 1.7.7 - Missing Authorization |
codesolz |
Better Find and Replace – AI-Powered Suggestions |
2025-11-06T07:27:05.431Z | 2025-11-06T14:51:40.221Z | |
| cve-2025-10259 | 5.3 (v3.1) | Denial-of-Service(DoS) Vulnerability in TCP Communicat… |
Mitsubishi Electric Corporation |
MELSEC iQ-F Series FX5U-32MT/ES |
2025-11-06T07:12:24.252Z | 2025-11-06T15:22:22.596Z |
| cve-2025-12471 | Hubbub Lite <= 1.36.0 - Reflected Cross-Site Scripting |
nerdpressteam |
Hubbub Lite – Fast, free social sharing and follow buttons |
2025-11-06T06:45:20.224Z | 2025-11-06T15:28:04.500Z | |
| cve-2025-9338 | 7.3 (v4.0) | A improper restriction of operations within the b… |
ASUS |
Armoury Crate |
2025-11-06T06:02:48.738Z | 2025-11-06T15:37:38.417Z |
| cve-2025-12560 | Blog2Social: Social Media Auto Post & Scheduler <= 8.6… |
pr-gateway |
Blog2Social: Social Media Auto Post & Scheduler |
2025-11-06T05:31:24.932Z | 2025-11-06T15:40:57.868Z | |
| cve-2025-11271 | Easy Digital Download <= 3.5.2 - Insufficient Verifica… |
smub |
Easy Digital Downloads – eCommerce Payments and Subscriptions made easy |
2025-11-06T04:36:22.463Z | 2025-11-06T15:50:35.023Z | |
| cve-2025-12563 | Blog2Social: Social Media Auto Post & Scheduler <= 8.6… |
pr-gateway |
Blog2Social: Social Media Auto Post & Scheduler |
2025-11-06T04:36:21.892Z | 2025-11-06T14:08:53.571Z | |
| cve-2025-61994 | 5.4 (v3.0) 4.8 (v4.0) | Cross-site scripting vulnerability exists in GROW… |
GROWI, Inc. |
GROWI |
2025-11-06T04:14:30.106Z | 2025-11-06T14:09:38.630Z |
| cve-2025-10691 | Easy Email Subscription <= 1.3 - Cross-Site Request Fo… |
yudiz |
Easy Email Subscription |
2025-11-06T03:27:01.882Z | 2025-11-06T17:02:19.997Z | |
| cve-2025-10683 | Easy Email Subscription <= 1.3 - Authenticated (Admin+… |
yudiz |
Easy Email Subscription |
2025-11-06T02:31:05.341Z | 2025-11-06T16:54:25.147Z | |
| cve-2025-64171 | MARIN3R: Cross-Namespace Vulnerability in the Operator |
3scale-sre |
marin3r |
2025-11-06T00:23:48.695Z | 2025-11-06T21:17:02.114Z | |
| cve-2025-64164 | DataEase is vulnerable to Oracle JNDI Injection |
dataease |
dataease |
2025-11-06T00:07:58.592Z | 2025-11-06T21:17:41.345Z | |
| cve-2025-63589 | N/A | A reflected XSS vulnerability exists in CMSimple_… |
n/a |
n/a |
2025-11-06T00:00:00.000Z | 2025-11-06T19:12:48.998Z |
| cve-2025-63588 | N/A | An unauthenticated reflected cross-site scripting… |
n/a |
n/a |
2025-11-06T00:00:00.000Z | 2025-11-06T19:10:56.777Z |
| cve-2025-63560 | N/A | An issue in KiloView Dual Channel 4k HDMI & 3G-SD… |
n/a |
n/a |
2025-11-06T00:00:00.000Z | 2025-11-10T17:04:00.611Z |
| cve-2025-63551 | N/A | A Server-Side Request Forgery (SSRF) vulnerabilit… |
n/a |
n/a |
2025-11-06T00:00:00.000Z | 2025-11-07T15:11:56.765Z |
| cve-2025-63307 | N/A | alexusmai laravel-file-manager 3.3.1 is vulnerabl… |
n/a |
n/a |
2025-11-06T00:00:00.000Z | 2025-11-06T19:08:37.837Z |
| cve-2025-60541 | N/A | A Server-Side Request Forgery (SSRF) in the /api/… |
n/a |
n/a |
2025-11-06T00:00:00.000Z | 2025-11-07T15:20:19.324Z |
| cve-2025-59396 | N/A | {'rejectedReasons': [{'lang': 'en', 'value': 'Not a security vulnerability'}], 'providerMetadata': {'orgId': '5d1c2695-1a31-4499-88ae-e847036fd7e3', 'shortName': 'WatchGuard', 'dateUpdated': '2025-11-10T22:50:06.864Z'}, 'x_generator': {'engine': 'cveClient/1.0.15'}} | N/A | N/A | 2025-11-06T00:00:00.000Z | 2025-11-10T22:50:06.864Z |
| cve-2025-59392 | N/A | On Elspec G5 devices through 1.2.2.19, a person w… |
n/a |
n/a |
2025-11-06T00:00:00.000Z | 2025-11-06T16:38:10.176Z |
| cve-2025-27919 | N/A | An issue was discovered in AnyDesk through 9.0.4.… |
n/a |
n/a |
2025-11-06T00:00:00.000Z | 2025-11-06T17:09:39.979Z |
| cve-2025-27918 | N/A | An issue was discovered in AnyDesk before 9.0.0. … |
n/a |
n/a |
2025-11-06T00:00:00.000Z | 2025-11-06T17:08:56.573Z |
| cve-2025-27917 | N/A | An issue was discovered in AnyDesk through 9.0.4.… |
n/a |
n/a |
2025-11-06T00:00:00.000Z | 2025-11-10T20:51:39.798Z |
| cve-2025-27916 | N/A | An issue was discovered in AnyDesk through 9.0.4.… |
n/a |
n/a |
2025-11-06T00:00:00.000Z | 2025-11-10T19:49:52.216Z |
| cve-2025-64163 | DataEase's DB2 is vulnerable to SSRF |
dataease |
dataease |
2025-11-05T23:52:05.196Z | 2025-11-06T21:18:12.403Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-46364 | 9.1 (v3.1) | Dell CloudLink, versions prior to 8.1.1, contain … |
Dell |
CloudLin |
2025-11-05T16:36:00.347Z | 2025-11-06T04:55:39.277Z |
| cve-2025-45379 | 8.4 (v3.1) | Dell CloudLink, versions prior to 8.2, contain a … |
Dell |
CloudLink |
2025-11-05T16:31:57.457Z | 2025-11-06T04:55:38.394Z |
| cve-2025-45378 | 9.1 (v3.1) | Dell CloudLink, versions 8.0 through 8.1.2, conta… |
Dell |
CloudLink |
2025-11-05T16:23:15.673Z | 2025-11-06T04:55:36.592Z |
| cve-2025-43990 | 7.3 (v3.1) | Dell Command Monitor (DCM), versions prior to 10.… |
Dell |
Command Monitor (DCM) |
2025-11-05T17:01:23.986Z | 2025-11-06T04:55:47.809Z |
| cve-2025-30479 | 8.4 (v3.1) | Dell CloudLink, versions prior to 8.2, contain a … |
Dell |
CloudLink |
2025-11-05T16:27:33.266Z | 2025-11-06T04:55:37.459Z |
| cve-2025-20377 | Cisco Unified Intelligence Center API Information Disc… |
Cisco |
Cisco Packaged Contact Center Enterprise |
2025-11-05T16:31:52.595Z | 2025-11-05T20:14:05.911Z | |
| cve-2025-20376 | Cisco Unified Contact Center Express Remote Code Execu… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:38.793Z | 2025-11-06T04:55:44.673Z | |
| cve-2025-20375 | Cisco Unified Contact Center Express Arbitrary File Up… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:43.035Z | 2025-11-06T04:55:45.946Z | |
| cve-2025-20374 | Cisco Unified Contact Center Express Arbitrary File Do… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:23.862Z | 2025-11-05T20:11:12.630Z | |
| cve-2025-20358 | Cisco Unified Contact Center Express Editor Authentica… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:23.210Z | 2025-11-06T04:55:43.689Z | |
| cve-2025-20354 | Cisco Unified Contact Center Express Remote Code Execu… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:14.821Z | 2025-11-06T04:55:42.828Z | |
| cve-2025-20343 | Cisco Identity Services Engine Radius Suppression Deni… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:31:05.000Z | 2025-11-05T20:07:12.870Z | |
| cve-2025-20305 | A vulnerability in the web-based management inter… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:32:52.800Z | 2025-11-05T20:19:33.833Z | |
| cve-2025-20304 | Multiple vulnerabilities in the web-based managem… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:33:27.573Z | 2025-11-05T20:20:07.804Z | |
| cve-2025-20303 | Multiple vulnerabilities in the web-based managem… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:32:02.482Z | 2025-11-05T20:17:21.630Z | |
| cve-2025-20289 | Multiple vulnerabilities in the web-based managem… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:32:28.860Z | 2025-11-05T20:18:33.404Z | |
| cve-2025-63601 | N/A | Snipe-IT before version 8.3.3 contains a remote c… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-10T16:40:21.341Z |
| cve-2025-61304 | N/A | OS command injection vulnerability in Dynatrace A… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T19:26:14.228Z |
| cve-2025-60753 | N/A | An issue was discovered in libarchive bsdtar befo… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T15:44:31.278Z |
| cve-2025-57130 | An Incorrect Access Control vulnerability in the … |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T16:20:49.984Z | |
| cve-2025-64459 | Potential SQL injection via _connector keyword argumen… |
djangoproject |
Django |
2025-11-05T15:09:58.239Z | 2025-11-08T12:49:45.129Z | |
| cve-2025-64458 | Potential denial-of-service vulnerability in HttpRespo… |
djangoproject |
Django |
2025-11-05T15:07:17.031Z | 2025-11-05T16:20:57.265Z | |
| cve-2025-61084 | N/A | MDaemon Mail Server 23.5.2 validates SPF, DKIM, a… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T15:13:15.646Z |
| cve-2025-52602 | 4.2 (v3.1) | HCL BigFix Query is affected by a sensitive informatio… |
HCL Software |
BigFix Query |
2025-11-05T14:46:46.537Z | 2025-11-05T18:58:08.387Z |
| cve-2025-47151 | A type confusion vulnerability exists in the lass… |
Entr'ouvert |
Lasso |
2025-11-05T14:57:01.436Z | 2025-11-05T22:35:15.897Z | |
| cve-2025-46784 | A denial of service vulnerability exists in the l… |
Entr'ouvert |
Lasso |
2025-11-05T14:56:57.782Z | 2025-11-05T22:34:21.323Z | |
| cve-2025-46705 | A denial of service vulnerability exists in the g… |
Entr'ouvert |
Lasso |
2025-11-05T14:56:55.535Z | 2025-11-05T22:36:34.501Z | |
| cve-2025-46404 | A denial of service vulnerability exists in the l… |
Entr'ouvert |
Lasso |
2025-11-05T14:56:59.671Z | 2025-11-05T22:36:18.932Z | |
| cve-2025-3125 | 6.7 (v3.1) | Authenticated Arbitrary File Upload in Multiple WSO2 P… |
WSO2 |
WSO2 Identity Server |
2025-11-05T14:49:44.597Z | 2025-11-05T18:59:01.426Z |
| cve-2025-12497 | Premium Portfolio Features for Phlox theme <= 2.3.10 -… |
averta |
Premium Portfolio Features for Phlox theme |
2025-11-05T11:24:40.177Z | 2025-11-05T15:03:20.522Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-117821 | Malicious code in veyfor (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117820 | Malicious code in vertical_bug_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117819 | Malicious code in verbal_buzzard_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117818 | Malicious code in vera-ubi87-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117817 | Malicious code in vera-tumis18-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117816 | Malicious code in vera-tongseng30-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117815 | Malicious code in vera-tongseng27-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117814 | Malicious code in vera-toge94-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117813 | Malicious code in vera-toge53-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117812 | Malicious code in vera-tempe25-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117811 | Malicious code in vera-telur92-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117810 | Malicious code in vera-tapai80-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117809 | Malicious code in vera-tahutek80-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117808 | Malicious code in vera-tahu38-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117807 | Malicious code in vera-sroto38-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117806 | Malicious code in vera-semur71-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117805 | Malicious code in vera-semur2-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117804 | Malicious code in vera-sambel83-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117803 | Malicious code in vera-ronde27-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117802 | Malicious code in vera-rojak14-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117801 | Malicious code in vera-rendang18-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117800 | Malicious code in vera-rangi31-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117799 | Malicious code in vera-rangi23-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117798 | Malicious code in vera-rangginang39-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117797 | Malicious code in vera-ragi28-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117796 | Malicious code in vera-pisang69-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117795 | Malicious code in vera-pecel38-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117794 | Malicious code in vera-papeda21-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117793 | Malicious code in vera-nasicampur23-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117792 | Malicious code in vera-moci81-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:14900 | Red Hat Security Advisory: python39:3.9 security update | 2025-08-28T17:04:37+00:00 | 2025-11-07T10:53:26+00:00 |
| rhsa-2025:14899 | Red Hat Security Advisory: postgresql:16 security update | 2025-08-28T17:02:28+00:00 | 2025-11-06T22:48:20+00:00 |
| rhsa-2025:14903 | Red Hat Security Advisory: httpd security update | 2025-08-28T16:57:52+00:00 | 2025-11-07T10:53:51+00:00 |
| rhsa-2025:14902 | Red Hat Security Advisory: httpd security update | 2025-08-28T16:54:38+00:00 | 2025-11-07T10:53:51+00:00 |
| rhsa-2025:14901 | Red Hat Security Advisory: httpd security update | 2025-08-28T16:54:28+00:00 | 2025-11-07T10:53:42+00:00 |
| rhsa-2025:14886 | Red Hat Security Advisory: Kiali 2.4.8 for Red Hat OpenShift Service Mesh 3.0 | 2025-08-28T15:21:16+00:00 | 2025-11-08T07:17:50+00:00 |
| rhsa-2025:14878 | Red Hat Security Advisory: postgresql security update | 2025-08-28T13:46:07+00:00 | 2025-11-06T22:48:17+00:00 |
| rhsa-2025:14870 | Red Hat Security Advisory: postgresql security update | 2025-08-28T12:25:57+00:00 | 2025-11-06T22:48:17+00:00 |
| rhsa-2025:14869 | Red Hat Security Advisory: postgresql security update | 2025-08-28T12:14:56+00:00 | 2025-11-06T22:48:16+00:00 |
| rhsa-2025:14862 | Red Hat Security Advisory: postgresql:15 security update | 2025-08-28T10:24:22+00:00 | 2025-11-06T22:48:16+00:00 |
| rhsa-2025:14844 | Red Hat Security Advisory: thunderbird security update | 2025-08-28T08:56:06+00:00 | 2025-11-06T22:48:15+00:00 |
| rhsa-2025:14841 | Red Hat Security Advisory: python3.11 security update | 2025-08-28T08:42:06+00:00 | 2025-11-07T10:53:26+00:00 |
| rhsa-2025:14828 | Red Hat Security Advisory: libarchive security update | 2025-08-28T06:39:16+00:00 | 2025-11-11T16:23:15+00:00 |
| rhsa-2025:14827 | Red Hat Security Advisory: postgresql:16 security update | 2025-08-28T06:29:11+00:00 | 2025-11-06T22:48:14+00:00 |
| rhsa-2025:14826 | Red Hat Security Advisory: postgresql16 security update | 2025-08-28T06:08:31+00:00 | 2025-11-06T22:48:14+00:00 |
| rhsa-2025:14811 | Red Hat Security Advisory: kpatch-patch-5_14_0-427_13_1, kpatch-patch-5_14_0-427_31_1, kpatch-patch-5_14_0-427_44_1, kpatch-patch-5_14_0-427_55_1, and kpatch-patch-5_14_0-427_68_2 security update | 2025-08-28T05:16:31+00:00 | 2025-11-11T09:06:29+00:00 |
| rhsa-2025:14810 | Red Hat Security Advisory: libarchive security update | 2025-08-28T05:11:26+00:00 | 2025-11-11T16:23:11+00:00 |
| rhsa-2025:14808 | Red Hat Security Advisory: libarchive security update | 2025-08-28T04:30:31+00:00 | 2025-11-11T16:23:14+00:00 |
| rhsa-2025:14396 | Red Hat Security Advisory: OpenShift Container Platform 4.15.57 bug fix and security update | 2025-08-27T21:47:05+00:00 | 2025-11-07T18:40:20+00:00 |
| rhsa-2025:14059 | Red Hat Security Advisory: OpenShift Container Platform 4.17.38 bug fix and security update | 2025-08-27T21:46:50+00:00 | 2025-11-07T18:40:20+00:00 |
| rhsa-2025:14397 | Red Hat Security Advisory: OpenShift Container Platform 4.15.57 bug fix and security update | 2025-08-27T19:02:18+00:00 | 2025-11-07T00:15:30+00:00 |
| rhsa-2025:14060 | Red Hat Security Advisory: OpenShift Container Platform 4.17.38 bug fix and security update | 2025-08-27T17:58:19+00:00 | 2025-11-11T15:48:30+00:00 |
| rhsa-2025:14398 | Red Hat Security Advisory: OpenShift Container Platform 4.15.57 security and extras update | 2025-08-27T17:57:53+00:00 | 2025-11-07T00:15:31+00:00 |
| rhsa-2025:14061 | Red Hat Security Advisory: OpenShift Container Platform 4.17.38 security and extras update | 2025-08-27T17:25:43+00:00 | 2025-11-07T00:15:29+00:00 |
| rhsa-2025:14767 | Red Hat Security Advisory: Red Hat Developer Hub 1.6.4 release. | 2025-08-27T15:50:11+00:00 | 2025-11-07T00:16:03+00:00 |
| rhsa-2025:14748 | Red Hat Security Advisory: kernel security update | 2025-08-27T15:33:14+00:00 | 2025-11-08T07:17:06+00:00 |
| rhsa-2025:14750 | Red Hat Security Advisory: fence-agents security update | 2025-08-27T15:17:04+00:00 | 2025-11-11T13:20:50+00:00 |
| rhsa-2025:14749 | Red Hat Security Advisory: kernel-rt security update | 2025-08-27T13:21:39+00:00 | 2025-11-08T07:17:06+00:00 |
| rhsa-2025:14743 | Red Hat Security Advisory: thunderbird security update | 2025-08-27T12:58:54+00:00 | 2025-11-06T22:48:13+00:00 |
| rhsa-2025:14744 | Red Hat Security Advisory: kernel security update | 2025-08-27T12:08:18+00:00 | 2025-11-08T07:17:05+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-38419 | remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38418 | remoteproc: core: Release rproc->clean_table after rproc_attach() fails | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38416 | NFC: nci: uart: Set tty->disc_data only in success path | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38415 | Squashfs: check return result of sb_min_blocksize | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38414 | wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 | 2025-07-02T00:00:00.000Z | 2025-09-03T22:33:00.000Z |
| msrc_cve-2025-38412 | platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks | 2025-07-02T00:00:00.000Z | 2025-09-04T04:58:20.000Z |
| msrc_cve-2025-38411 | netfs: Fix double put of request | 2025-07-02T00:00:00.000Z | 2025-09-03T23:21:36.000Z |
| msrc_cve-2025-38410 | drm/msm: Fix a fence leak in submit error path | 2025-07-02T00:00:00.000Z | 2025-09-03T23:28:13.000Z |
| msrc_cve-2025-38409 | drm/msm: Fix another leak in the submit error path | 2025-07-02T00:00:00.000Z | 2025-09-03T22:04:48.000Z |
| msrc_cve-2025-38408 | genirq/irq_sim: Initialize work context pointers properly | 2025-07-02T00:00:00.000Z | 2025-09-03T22:10:26.000Z |
| msrc_cve-2025-38406 | wifi: ath6kl: remove WARN on bad firmware input | 2025-07-02T00:00:00.000Z | 2025-09-03T23:43:12.000Z |
| msrc_cve-2025-38404 | usb: typec: displayport: Fix potential deadlock | 2025-07-02T00:00:00.000Z | 2025-09-04T04:49:40.000Z |
| msrc_cve-2025-38403 | vsock/vmci: Clear the vmci transport packet properly when initializing it | 2025-07-02T00:00:00.000Z | 2025-09-03T22:47:47.000Z |
| msrc_cve-2025-38401 | mtk-sd: Prevent memory corruption from DMA map failure | 2025-07-02T00:00:00.000Z | 2025-09-03T22:17:52.000Z |
| msrc_cve-2025-38399 | scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() | 2025-07-02T00:00:00.000Z | 2025-09-03T22:02:33.000Z |
| msrc_cve-2025-38396 | fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass | 2025-07-02T00:00:00.000Z | 2025-09-03T22:07:59.000Z |
| msrc_cve-2025-38395 | regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods | 2025-07-02T00:00:00.000Z | 2025-09-03T23:15:38.000Z |
| msrc_cve-2025-38393 | NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN | 2025-07-02T00:00:00.000Z | 2025-09-03T22:00:09.000Z |
| msrc_cve-2025-38391 | usb: typec: altmodes/displayport: do not index invalid pin_assignments | 2025-07-02T00:00:00.000Z | 2025-09-04T05:01:31.000Z |
| msrc_cve-2025-38389 | drm/i915/gt: Fix timeline left held on VMA alloc error | 2025-07-02T00:00:00.000Z | 2025-09-04T04:45:13.000Z |
| msrc_cve-2025-38386 | ACPICA: Refuse to evaluate a method if arguments are missing | 2025-07-02T00:00:00.000Z | 2025-09-03T22:42:21.000Z |
| msrc_cve-2025-38385 | net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect | 2025-07-02T00:00:00.000Z | 2025-09-03T22:23:41.000Z |
| msrc_cve-2025-38384 | mtd: spinand: fix memory leak of ECC engine conf | 2025-07-02T00:00:00.000Z | 2025-09-03T22:28:21.000Z |
| msrc_cve-2025-38382 | btrfs: fix iteration of extrefs during log replay | 2025-07-02T00:00:00.000Z | 2025-09-03T22:45:15.000Z |
| msrc_cve-2025-38380 | i2c/designware: Fix an initialization issue | 2025-07-02T00:00:00.000Z | 2025-09-03T23:34:23.000Z |
| msrc_cve-2025-38379 | smb: client: fix warning when reconnecting channel | 2025-07-02T00:00:00.000Z | 2025-09-03T22:56:14.000Z |
| msrc_cve-2025-38377 | rose: fix dangling neighbour pointers in rose_rt_device_down() | 2025-07-02T00:00:00.000Z | 2025-09-04T04:53:15.000Z |
| msrc_cve-2025-38376 | usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume | 2025-07-02T00:00:00.000Z | 2025-09-04T05:14:38.000Z |
| msrc_cve-2025-38375 | virtio-net: ensure the received length does not exceed allocated size | 2025-07-02T00:00:00.000Z | 2025-09-03T22:12:59.000Z |
| msrc_cve-2025-38369 | dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2022-000001 | Canon laser printers and small office multifunctional printers vulnerable to cross-site scripting | 2022-01-19T14:00+09:00 | 2022-01-19T14:00+09:00 |
| jvndb-2022-000005 | PASSWORD MANAGER "MIRUPASS" PW10 / PW20 missing encryption | 2022-01-13T15:26+09:00 | 2022-01-13T15:26+09:00 |
| jvndb-2022-000004 | Label printers "TEPRA" PRO SR5900P / SR-R7900P vulnerable to insufficiently protected credentials | 2022-01-13T15:21+09:00 | 2022-01-13T15:21+09:00 |
| jvndb-2022-000003 | Jimoty App for Android uses a hard-coded API key for an external service | 2022-01-12T15:37+09:00 | 2022-01-12T15:37+09:00 |
| jvndb-2022-000002 | Multiple vulnerabilities in WordPress Plugin "Quiz And Survey Master" | 2022-01-12T15:33+09:00 | 2022-01-12T15:33+09:00 |
| jvndb-2021-006146 | Multiple vulnerabilities in KONICA MINOLTA MFPs and printing systems | 2021-12-28T11:51+09:00 | 2021-12-28T11:51+09:00 |
| jvndb-2021-006117 | Multiple vulnerabilities in IDEC PLCs | 2021-12-27T16:54+09:00 | 2022-01-11T16:36+09:00 |
| jvndb-2021-006026 | TP-Link TL-WR802N V4(JP) vulnerable to OS command injection | 2021-12-24T15:31+09:00 | 2021-12-24T15:31+09:00 |
| jvndb-2021-005998 | Multiple vulnerabilities in QNAP VioStar NVR | 2021-12-24T10:58+09:00 | 2021-12-24T10:58+09:00 |
| jvndb-2021-003929 | Multiple vulnerabilities in multiple Yamaha routers | 2021-12-24T10:51+09:00 | 2021-12-24T10:51+09:00 |
| jvndb-2021-000112 | Android Apps developed using Yappli fails to restrict custom URL schemes properly | 2021-12-22T15:07+09:00 | 2021-12-22T15:07+09:00 |
| jvndb-2021-000111 | Multiple vulnerabilities in GroupSession | 2021-12-20T14:53+09:00 | 2021-12-21T14:20+09:00 |
| jvndb-2021-000110 | UNIVERGE DT Series vulnerable to missing encryption of sensitive data | 2021-12-17T16:57+09:00 | 2021-12-17T16:57+09:00 |
| jvndb-2021-005174 | Multiple vulnerabilities in Trend Micro Security 2021 family (Consumer) | 2021-12-09T13:43+09:00 | 2021-12-09T13:43+09:00 |
| jvndb-2021-004912 | Multiple vulnerabilities in multiple ELECOM routers | 2021-12-02T17:16+09:00 | 2022-03-30T16:11+09:00 |
| jvndb-2021-000109 | Multiple missing authorization vulnerabilities in WordPress Plugin "Advanced Custom Fields" | 2021-12-02T15:02+09:00 | 2022-02-18T16:18+09:00 |
| jvndb-2021-000108 | Multiple vulnerabilities in multiple ELECOM LAN routers | 2021-11-30T16:23+09:00 | 2022-03-29T16:18+09:00 |
| jvndb-2021-000107 | Wi-Fi STATION SH-52A vulnerable to cross-site scripting | 2021-11-30T14:49+09:00 | 2021-11-30T14:49+09:00 |
| jvndb-2021-004716 | Trend Micro Antivirus for MAC vulnerable to improper access controls | 2021-11-29T13:52+09:00 | 2021-11-29T13:52+09:00 |
| jvndb-2021-000106 | Multiple vulnerabilities in baserCMS | 2021-11-26T14:59+09:00 | 2021-11-26T14:59+09:00 |
| jvndb-2021-000104 | WordPress Plugin "Browser and Operating System Finder" vulnerable to cross-site request forgery | 2021-11-25T14:31+09:00 | 2021-11-25T14:31+09:00 |
| jvndb-2021-000105 | PowerCMS XMLRPC API vulnerable to OS command injection | 2021-11-24T15:47+09:00 | 2024-07-26T15:22+09:00 |
| jvndb-2021-004432 | Multiple Vulnerabilities in JP1/Automatic Operation | 2021-11-22T16:10+09:00 | 2021-11-22T16:10+09:00 |
| jvndb-2021-000103 | WordPress Plugin "Push Notifications for WordPress (Lite)" vulnerable to cross-site request forgery | 2021-11-16T13:42+09:00 | 2021-11-16T13:42+09:00 |
| jvndb-2021-000102 | rwtxt vulnerable to cross-site scripting | 2021-11-16T13:38+09:00 | 2021-11-16T13:38+09:00 |
| jvndb-2021-000101 | Unlimited Sitemap Generator vulnerable to cross-site request forgery | 2021-11-12T15:07+09:00 | 2021-11-12T15:07+09:00 |
| jvndb-2021-003840 | Cross-site Scripting Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2021-11-12T11:41+09:00 | 2021-11-12T11:41+09:00 |
| jvndb-2021-000100 | Multiple vulnerabilities in EC-CUBE 2 series | 2021-11-11T15:09+09:00 | 2021-11-11T15:09+09:00 |
| jvndb-2021-000094 | WordPress Plugin "Booking Package - Appointment Booking Calendar System" vulnerable to cross-site scripting | 2021-11-10T14:26+09:00 | 2021-11-10T14:26+09:00 |
| jvndb-2021-003811 | File Permission Vulnerability in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center | 2021-11-05T15:04+09:00 | 2021-11-05T15:04+09:00 |
| ID | Description | Updated |
|---|