Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-38f8-fpgx-rq7p | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-11-06T18:32:50Z | 2025-11-10T21:30:32Z |
| ghsa-x33c-7c2v-mrj9 | Apollo Router Affected by an Access Control Bypass on Polymorphic Types | 2025-11-06T15:47:05Z | 2025-11-06T23:13:08Z |
| ghsa-g8jh-vg5j-4h3f | Apollo Router Improperly Enforces Renamed Access Control Directives | 2025-11-06T15:45:34Z | 2025-11-07T20:31:54Z |
| ghsa-52c5-vh7f-26fx | Cross-Site Scripting (XSS) vulnerability through unescaped HTML attribute values | 2025-11-06T15:44:35Z | 2025-11-06T15:44:36Z |
| ghsa-w2jf-268q-mrvh | OpenTofu affected denials of service in "tofu init" with maliciously-crafted module package responses | 2025-11-06T15:44:04Z | 2025-11-06T15:44:04Z |
| ghsa-j5h3-g7ch-42qf | Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files… | 2025-11-06T15:31:02Z | 2025-11-06T15:31:02Z |
| ghsa-chqh-jw54-v96h | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2025-11-06T15:31:02Z | 2025-11-06T15:31:02Z |
| ghsa-954p-ff4g-qrwj | IBM Business Automation Workflow containers 24.0.0 through 24.0.0-IF006, 24.0.1 through 24.0.1-IF00… | 2025-11-06T15:31:02Z | 2025-11-06T15:31:02Z |
| ghsa-47fj-h8p3-32hr | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2025-11-06T15:31:02Z | 2025-11-06T15:31:02Z |
| ghsa-w832-gg5g-x44m | Open redirect endpoint in Datasette | 2025-11-06T15:13:33Z | 2025-11-07T21:56:19Z |
| ghsa-pwhc-rpq9-4c8w | containerd affected by a local privilege escalation via wide permissions on CRI directory | 2025-11-06T15:12:08Z | 2025-11-06T23:12:26Z |
| ghsa-wwqf-mr46-f48r | The Hubbub Lite – Fast, free social sharing and follow buttons plugin for WordPress is vulnerable t… | 2025-11-06T09:30:27Z | 2025-11-06T09:30:27Z |
| ghsa-c6mq-jmqr-fj42 | The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to unauthor… | 2025-11-06T09:30:27Z | 2025-11-06T09:30:27Z |
| ghsa-8pxf-65qh-4qrc | Improper Validation of Specified Quantity in Input vulnerability in TCP Communication Function on M… | 2025-11-06T09:30:27Z | 2025-11-06T09:30:27Z |
| ghsa-59gw-wcgq-689r | The Strong Testimonials plugin for WordPress is vulnerable to arbitrary shortcode execution in all … | 2025-11-06T09:30:27Z | 2025-11-06T09:30:27Z |
| ghsa-w98m-8w6g-8h8h | Rejected reason: Not used | 2025-11-06T06:31:00Z | 2025-11-06T06:31:00Z |
| ghsa-rrj6-v2g6-p956 | Cross-site scripting vulnerability exists in GROWI prior to v7.2.10. If a malicious user creates a … | 2025-11-06T06:31:00Z | 2025-11-06T06:31:00Z |
| ghsa-rqm6-jmg2-pgr4 | The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Server-Si… | 2025-11-06T06:31:00Z | 2025-11-06T06:31:00Z |
| ghsa-c6v2-f464-375q | The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to limited f… | 2025-11-06T06:31:00Z | 2025-11-06T06:31:00Z |
| ghsa-89rw-3v7g-7694 | A improper restriction of operations within the bounds of a memory buffer exists in AsIO3.sys drive… | 2025-11-06T06:31:00Z | 2025-11-06T06:31:00Z |
| ghsa-6jrq-cfpr-p7h7 | The Easy Digital Downloads plugin for WordPress is vulnerable to Order Manipulation in all versions… | 2025-11-06T06:31:00Z | 2025-11-06T06:31:00Z |
| ghsa-xr75-qffj-f7pp | Rejected reason: Not used | 2025-11-06T06:30:59Z | 2025-11-06T06:30:59Z |
| ghsa-jfgq-q79f-mg46 | Rejected reason: Not used | 2025-11-06T06:30:59Z | 2025-11-06T06:30:59Z |
| ghsa-j46x-7r2f-39jj | Rejected reason: Not used | 2025-11-06T06:30:59Z | 2025-11-06T06:30:59Z |
| ghsa-hxmw-gjp6-v3hg | Rejected reason: Not used | 2025-11-06T06:30:59Z | 2025-11-06T06:30:59Z |
| ghsa-cgph-cwx2-p8cf | Rejected reason: Not used | 2025-11-06T06:30:59Z | 2025-11-06T06:30:59Z |
| ghsa-9rw2-959c-gw2m | Rejected reason: Not used | 2025-11-06T06:30:59Z | 2025-11-06T06:30:59Z |
| ghsa-5f59-4f8w-6g47 | Rejected reason: Not used | 2025-11-06T06:30:59Z | 2025-11-06T06:30:59Z |
| ghsa-4rhv-r8jc-m23p | The Easy Email Subscription plugin for WordPress is vulnerable to Cross-Site Request Forgery in all… | 2025-11-06T06:30:59Z | 2025-11-06T06:30:59Z |
| ghsa-25h8-7qpw-h33r | Rejected reason: Not used | 2025-11-06T06:30:59Z | 2025-11-06T06:30:59Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-54718 | N/A | WordPress Yogi - Health Beauty & Yoga theme <= 2.9.2 -… |
NooTheme |
Yogi - Health Beauty & Yoga |
2025-11-06T15:54:14.634Z | 2025-11-06T19:48:15.891Z |
| cve-2025-54711 | N/A | WordPress Info Cards Plugin <= 1.0.11 - Broken Access … |
bPlugins |
Info Cards |
2025-11-06T15:54:14.029Z | 2025-11-07T20:38:27.602Z |
| cve-2025-53586 | N/A | WordPress WeMusic Theme <= 1.9.1 - PHP Object Injectio… |
NooTheme |
WeMusic |
2025-11-06T15:54:13.387Z | 2025-11-10T19:47:21.249Z |
| cve-2025-53585 | N/A | WordPress WeMusic theme <= 1.9.1 - Cross Site Scriptin… |
NooTheme |
WeMusic |
2025-11-06T15:54:12.787Z | 2025-11-07T19:41:15.613Z |
| cve-2025-53574 | N/A | WordPress Doliconnect Plugin <= 9.3.2 - Cross Site Scr… |
ptibogxiv |
Doliconnect |
2025-11-06T15:54:11.607Z | 2025-11-10T19:47:28.207Z |
| cve-2025-53573 | N/A | WordPress Epic Review Plugin <= 1.0.2 - Cross Site Scr… |
jegtheme |
Epic Review |
2025-11-06T15:54:10.426Z | 2025-11-07T13:21:38.978Z |
| cve-2025-53349 | N/A | WordPress Kalium Theme <= 3.18.3 - Cross Site Scriptin… |
Laborator |
Kalium |
2025-11-06T15:54:06.581Z | 2025-11-10T19:47:34.159Z |
| cve-2025-53324 | N/A | WordPress Gutenify Plugin <= 1.5.7 - Cross Site Script… |
CodeYatri |
Gutenify |
2025-11-06T15:54:05.737Z | 2025-11-10T19:47:40.684Z |
| cve-2025-53316 | N/A | WordPress WP GDPR Cookie Consent plugin <= 1.0.0 - Cro… |
Shahjahan Jewel |
WP GDPR Cookie Consent |
2025-11-06T15:54:04.995Z | 2025-11-10T19:47:48.401Z |
| cve-2025-53286 | N/A | WordPress Dropify Plugin <= 4.6.9 - Cross Site Scripti… |
Jhainey Milevis |
Dropify |
2025-11-06T15:54:04.283Z | 2025-11-10T19:48:00.218Z |
| cve-2025-53283 | N/A | WordPress Drop Uploader for CF7 - Drag&Drop File Uploa… |
borisolhor |
Drop Uploader for CF7 - Drag&Drop File Uploader Addon |
2025-11-06T15:54:03.506Z | 2025-11-07T14:56:14.631Z |
| cve-2025-53252 | N/A | WordPress Zegen Theme <= 1.1.9 - Local File Inclusion … |
zozothemes |
Zegen |
2025-11-06T15:54:02.680Z | 2025-11-10T19:48:53.392Z |
| cve-2025-53246 | N/A | WordPress Backup and Move Plugin <= 0.1 - Broken Acces… |
Gaurav Aggarwal |
Backup and Move |
2025-11-06T15:53:59.915Z | 2025-11-10T19:49:05.718Z |
| cve-2025-53245 | N/A | WordPress WP Logo Changer Plugin <= 1.2 - Cross Site S… |
Afzal Multani |
WP Logo Changer |
2025-11-06T15:53:59.391Z | 2025-11-10T19:49:54.432Z |
| cve-2025-53242 | N/A | WordPress Seil Theme <= 1.7.1 - Deserialization of unt… |
VictorThemes |
Seil |
2025-11-06T15:53:58.962Z | 2025-11-10T19:50:01.019Z |
| cve-2025-53239 | N/A | WordPress User Registration Aide Plugin <= 1.5.3.8 - C… |
bnovotny |
User Registration Aide |
2025-11-06T15:53:58.555Z | 2025-11-10T19:50:09.183Z |
| cve-2025-53214 | N/A | WordPress Sertifier Certificate & Badge Maker plugin <… |
sertifier |
Sertifier Certificate & Badge Maker |
2025-11-06T15:53:58.037Z | 2025-11-10T19:51:37.248Z |
| cve-2025-52773 | N/A | WordPress HieCOR Payment Gateway plugin plugin <= 1.5.… |
hiecor |
HieCOR Payment Gateway Plugin |
2025-11-06T15:53:57.496Z | 2025-11-10T19:51:43.599Z |
| cve-2025-52764 | N/A | WordPress flexoslider plugin <= 1.0004 - Cross Site Sc… |
marielav |
flexoslider |
2025-11-06T15:53:56.937Z | 2025-11-10T19:51:51.375Z |
| cve-2025-49909 | N/A | WordPress Penci Bookmark & Follow plugin < 2.4 - Cross… |
PenciDesign |
Penci Bookmark & Follow |
2025-11-06T15:53:56.279Z | 2025-11-10T19:52:08.438Z |
| cve-2025-49905 | N/A | WordPress Range Slider Addon for Gravity Forms plugin … |
PluginsCafe |
Range Slider Addon for Gravity Forms |
2025-11-06T15:53:55.700Z | 2025-11-10T19:52:18.567Z |
| cve-2025-49904 | N/A | WordPress Booking and Rental Manager plugin <= 2.5.3 -… |
magepeopleteam |
Booking and Rental Manager |
2025-11-06T15:53:55.162Z | 2025-11-10T19:52:27.580Z |
| cve-2025-49900 | N/A | WordPress Advanced scrollbar plugin <= 1.1.8 - Privile… |
bPlugins |
Advanced scrollbar |
2025-11-06T15:53:54.586Z | 2025-11-10T19:52:34.186Z |
| cve-2025-49398 | N/A | WordPress Easy Appointments plugin <= 3.12.14 - Conten… |
Easy Appointments |
Easy Appointments |
2025-11-06T15:53:53.979Z | 2025-11-10T19:52:40.016Z |
| cve-2025-49394 | N/A | WordPress Image Gallery block – Create and display pho… |
bPlugins |
Image Gallery block – Create and display photo gallery/photo album. |
2025-11-06T15:53:53.230Z | 2025-11-10T19:52:45.863Z |
| cve-2025-49393 | N/A | WordPress Sign-up Sheets Plugin <= 2.3.2 - PHP Object … |
Fetch Designs |
Sign-up Sheets |
2025-11-06T15:53:52.480Z | 2025-11-10T19:52:51.590Z |
| cve-2025-49390 | N/A | WordPress Cookie Notice & Consent plugin <= 1.6.4 - Cr… |
christophrado |
Cookie Notice & Consent |
2025-11-06T15:53:51.739Z | 2025-11-10T19:52:57.246Z |
| cve-2025-49386 | N/A | WordPress Preserve Code Formatting Plugin <= 4.0.1 - P… |
Scott Reilly |
Preserve Code Formatting |
2025-11-06T15:53:50.934Z | 2025-11-10T19:53:04.290Z |
| cve-2025-49372 | N/A | WordPress HAPPY plugin <= 1.0.7 - Remote Code Executio… |
VillaTheme |
HAPPY |
2025-11-06T15:53:50.181Z | 2025-11-07T19:36:21.511Z |
| cve-2025-48330 | N/A | WordPress Real Time Validation for Gravity Forms <= 1.… |
Daman Jeet |
Real Time Validation for Gravity Forms |
2025-11-06T15:53:48.806Z | 2025-11-10T19:53:10.548Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-58972 | N/A | WordPress Barcode Scanner with Inventory & Order Manag… |
Dmitry V. (CEO of "UKR Solution") |
Barcode Scanner with Inventory & Order Manager |
2025-11-06T15:54:30.300Z | 2025-11-06T15:54:30.300Z |
| cve-2025-58964 | N/A | WordPress Enzy theme < 1.6.4 - Cross Site Scripting (X… |
skygroup |
Enzy |
2025-11-06T15:54:29.627Z | 2025-11-06T15:54:29.627Z |
| cve-2025-58638 | N/A | WordPress Institutions Directory Plugin <= 1.3.3 - Cro… |
e-plugins |
Institutions Directory |
2025-11-06T15:54:28.161Z | 2025-11-06T15:54:28.161Z |
| cve-2025-58636 | N/A | WordPress WP Gravity Forms Keap/Infusionsoft Plugin <=… |
CRM Perks |
WP Gravity Forms Keap/Infusionsoft |
2025-11-06T15:54:26.970Z | 2025-11-06T15:54:26.970Z |
| cve-2025-58629 | N/A | WordPress Miraculous theme < 2.0.9 - Arbitrary Content… |
kamleshyadav |
Miraculous |
2025-11-06T15:54:25.101Z | 2025-11-06T15:54:25.101Z |
| cve-2025-58627 | N/A | WordPress Miraculous Core Plugin plugin < 2.0.9 - Inse… |
kamleshyadav |
Miraculous Core Plugin |
2025-11-06T15:54:23.943Z | 2025-11-06T15:54:23.943Z |
| cve-2025-58619 | N/A | WordPress Falang multilanguage Plugin <= 1.3.65 - PHP … |
sbouey |
Falang multilanguage |
2025-11-06T15:54:22.879Z | 2025-11-07T16:13:04.283Z |
| cve-2025-58595 | N/A | WordPress All In One Login plugin <= 2.0.8 - Bypass Vu… |
Saad Iqbal |
All In One Login |
2025-11-06T15:54:21.774Z | 2025-11-10T19:47:08.490Z |
| cve-2025-58592 | N/A | WordPress TranslatePress Plugin <= 2.10.2 - Deserializ… |
Cozmoslabs |
TranslatePress |
2025-11-06T15:54:20.550Z | 2025-11-07T15:56:17.602Z |
| cve-2025-58243 | N/A | WordPress imEvent Theme <= 3.4.0 - Broken Access Contr… |
Jthemes |
imEvent |
2025-11-06T15:54:19.824Z | 2025-11-06T16:15:30.261Z |
| cve-2025-58207 | N/A | WordPress Ai Image Alt Text Generator for WP Plugin <=… |
WP Messiah |
Ai Image Alt Text Generator for WP |
2025-11-06T15:54:19.210Z | 2025-11-06T16:19:34.849Z |
| cve-2025-54737 | N/A | WordPress Jobmonster theme <= 4.7.8 - Cross Site Scrip… |
NooTheme |
Jobmonster |
2025-11-06T15:54:17.806Z | 2025-11-06T16:21:42.168Z |
| cve-2025-54722 | N/A | WordPress WooTour plugin <= 3.6.3 - Cross Site Scripti… |
Ex-Themes |
WooTour |
2025-11-06T15:54:16.991Z | 2025-11-06T16:27:22.618Z |
| cve-2025-54721 | N/A | WordPress Resca theme <= 3.0.2 - Cross Site Scripting … |
ThimPress |
Resca |
2025-11-06T15:54:16.209Z | 2025-11-06T16:30:47.235Z |
| cve-2025-54719 | N/A | WordPress Yogi - Health Beauty & Yoga Theme <= 2.9.2 -… |
NooTheme |
Yogi - Health Beauty & Yoga |
2025-11-06T15:54:15.371Z | 2025-11-06T18:07:10.677Z |
| cve-2025-54718 | N/A | WordPress Yogi - Health Beauty & Yoga theme <= 2.9.2 -… |
NooTheme |
Yogi - Health Beauty & Yoga |
2025-11-06T15:54:14.634Z | 2025-11-06T19:48:15.891Z |
| cve-2025-54711 | N/A | WordPress Info Cards Plugin <= 1.0.11 - Broken Access … |
bPlugins |
Info Cards |
2025-11-06T15:54:14.029Z | 2025-11-07T20:38:27.602Z |
| cve-2025-53586 | N/A | WordPress WeMusic Theme <= 1.9.1 - PHP Object Injectio… |
NooTheme |
WeMusic |
2025-11-06T15:54:13.387Z | 2025-11-10T19:47:21.249Z |
| cve-2025-53585 | N/A | WordPress WeMusic theme <= 1.9.1 - Cross Site Scriptin… |
NooTheme |
WeMusic |
2025-11-06T15:54:12.787Z | 2025-11-07T19:41:15.613Z |
| cve-2025-53574 | N/A | WordPress Doliconnect Plugin <= 9.3.2 - Cross Site Scr… |
ptibogxiv |
Doliconnect |
2025-11-06T15:54:11.607Z | 2025-11-10T19:47:28.207Z |
| cve-2025-53573 | N/A | WordPress Epic Review Plugin <= 1.0.2 - Cross Site Scr… |
jegtheme |
Epic Review |
2025-11-06T15:54:10.426Z | 2025-11-07T13:21:38.978Z |
| cve-2025-53349 | N/A | WordPress Kalium Theme <= 3.18.3 - Cross Site Scriptin… |
Laborator |
Kalium |
2025-11-06T15:54:06.581Z | 2025-11-10T19:47:34.159Z |
| cve-2025-53324 | N/A | WordPress Gutenify Plugin <= 1.5.7 - Cross Site Script… |
CodeYatri |
Gutenify |
2025-11-06T15:54:05.737Z | 2025-11-10T19:47:40.684Z |
| cve-2025-53316 | N/A | WordPress WP GDPR Cookie Consent plugin <= 1.0.0 - Cro… |
Shahjahan Jewel |
WP GDPR Cookie Consent |
2025-11-06T15:54:04.995Z | 2025-11-10T19:47:48.401Z |
| cve-2025-53286 | N/A | WordPress Dropify Plugin <= 4.6.9 - Cross Site Scripti… |
Jhainey Milevis |
Dropify |
2025-11-06T15:54:04.283Z | 2025-11-10T19:48:00.218Z |
| cve-2025-53283 | N/A | WordPress Drop Uploader for CF7 - Drag&Drop File Uploa… |
borisolhor |
Drop Uploader for CF7 - Drag&Drop File Uploader Addon |
2025-11-06T15:54:03.506Z | 2025-11-07T14:56:14.631Z |
| cve-2025-53252 | N/A | WordPress Zegen Theme <= 1.1.9 - Local File Inclusion … |
zozothemes |
Zegen |
2025-11-06T15:54:02.680Z | 2025-11-10T19:48:53.392Z |
| cve-2025-53246 | N/A | WordPress Backup and Move Plugin <= 0.1 - Broken Acces… |
Gaurav Aggarwal |
Backup and Move |
2025-11-06T15:53:59.915Z | 2025-11-10T19:49:05.718Z |
| cve-2025-53245 | N/A | WordPress WP Logo Changer Plugin <= 1.2 - Cross Site S… |
Afzal Multani |
WP Logo Changer |
2025-11-06T15:53:59.391Z | 2025-11-10T19:49:54.432Z |
| cve-2025-53242 | N/A | WordPress Seil Theme <= 1.7.1 - Deserialization of unt… |
VictorThemes |
Seil |
2025-11-06T15:53:58.962Z | 2025-11-10T19:50:01.019Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-117791 | Malicious code in vera-kue46-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117790 | Malicious code in vera-klanting12-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117789 | Malicious code in vera-kacang67-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117788 | Malicious code in vera-jus97-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117787 | Malicious code in vera-jengkol1-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117786 | Malicious code in vera-gudeg98-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117785 | Malicious code in vera-gudeg11-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117784 | Malicious code in vera-gorengan87-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117783 | Malicious code in vera-gorengan31-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117782 | Malicious code in vera-gembus87-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117781 | Malicious code in vera-esdoger15-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117780 | Malicious code in vera-empal91-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117779 | Malicious code in vera-empal34-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117778 | Malicious code in vera-bubursumsum58-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117777 | Malicious code in vera-brongkos22-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117776 | Malicious code in vera-brengkes55-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117775 | Malicious code in vast_swallow_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117774 | Malicious code in vast_skink_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117773 | Malicious code in varying_leopard_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117772 | Malicious code in varying_gayal_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117771 | Malicious code in varying_camel_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117770 | Malicious code in various_macaw_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117769 | Malicious code in various_bedbug_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117768 | Malicious code in varied_mosquito_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117767 | Malicious code in varied_galliform_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117766 | Malicious code in valuable_swordfish_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117765 | Malicious code in valuable_gibbon_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117764 | Malicious code in valuable_constrictor_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117763 | Malicious code in valuable_bandicoot_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117762 | Malicious code in valuable_anteater_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:14746 | Red Hat Security Advisory: kernel-rt security update | 2025-08-27T11:42:30+00:00 | 2025-11-08T07:17:05+00:00 |
| rhsa-2025:14742 | Red Hat Security Advisory: kernel security update | 2025-08-27T10:41:33+00:00 | 2025-11-11T08:53:48+00:00 |
| rhsa-2025:14692 | Red Hat Security Advisory: kernel security update | 2025-08-27T08:37:13+00:00 | 2025-11-11T08:53:47+00:00 |
| rhsa-2025:14696 | Red Hat Security Advisory: kernel security update | 2025-08-27T08:27:23+00:00 | 2025-11-11T08:53:47+00:00 |
| rhsa-2025:14691 | Red Hat Security Advisory: kernel-rt security update | 2025-08-27T00:10:17+00:00 | 2025-11-11T08:53:46+00:00 |
| rhsa-2025:14686 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update | 2025-08-26T21:02:47+00:00 | 2025-11-07T03:32:40+00:00 |
| rhsa-2025:14683 | Red Hat Security Advisory: gdk-pixbuf2 security update | 2025-08-26T20:39:47+00:00 | 2025-11-07T18:35:47+00:00 |
| rhsa-2025:14647 | Red Hat Security Advisory: gdk-pixbuf2 security update | 2025-08-26T16:55:16+00:00 | 2025-11-07T18:35:47+00:00 |
| rhsa-2025:14646 | Red Hat Security Advisory: gdk-pixbuf2 security update | 2025-08-26T16:50:52+00:00 | 2025-11-07T18:35:46+00:00 |
| rhsa-2025:14644 | Red Hat Security Advisory: Insights proxy Container Image | 2025-08-26T15:51:25+00:00 | 2025-11-11T16:23:09+00:00 |
| rhsa-2025:14640 | Red Hat Security Advisory: thunderbird security update | 2025-08-26T15:42:51+00:00 | 2025-11-06T22:48:12+00:00 |
| rhsa-2025:14625 | Red Hat Security Advisory: mod_http2 security update | 2025-08-26T13:26:11+00:00 | 2025-11-06T23:42:09+00:00 |
| rhsa-2025:14618 | Red Hat Security Advisory: gdk-pixbuf2 security update | 2025-08-26T12:45:51+00:00 | 2025-11-07T18:35:45+00:00 |
| rhsa-2025:14599 | Red Hat Security Advisory: kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_52_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 security update | 2025-08-26T10:28:05+00:00 | 2025-11-11T09:06:26+00:00 |
| rhsa-2025:14592 | Red Hat Security Advisory: aide security update | 2025-08-26T09:51:45+00:00 | 2025-11-06T23:42:09+00:00 |
| rhsa-2025:14594 | Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Jaeger) 3.5.3 release | 2025-08-26T09:43:28+00:00 | 2025-11-11T16:23:09+00:00 |
| rhsa-2025:14585 | Red Hat Security Advisory: gdk-pixbuf2 security update | 2025-08-26T09:06:45+00:00 | 2025-11-07T18:35:45+00:00 |
| rhsa-2025:14574 | Red Hat Security Advisory: gdk-pixbuf2 security update | 2025-08-26T07:36:20+00:00 | 2025-11-07T18:35:43+00:00 |
| rhsa-2025:14576 | Red Hat Security Advisory: gdk-pixbuf2 security update | 2025-08-26T07:32:10+00:00 | 2025-11-07T18:35:45+00:00 |
| rhsa-2025:14575 | Red Hat Security Advisory: gdk-pixbuf2 security update | 2025-08-26T07:30:50+00:00 | 2025-11-07T18:35:45+00:00 |
| rhsa-2025:14573 | Red Hat Security Advisory: aide security update | 2025-08-26T07:28:00+00:00 | 2025-11-06T23:42:08+00:00 |
| rhsa-2025:14560 | Red Hat Security Advisory: python3 security update | 2025-08-26T02:15:04+00:00 | 2025-11-07T10:53:27+00:00 |
| rhsa-2025:14557 | Red Hat Security Advisory: pam security update | 2025-08-26T01:34:29+00:00 | 2025-11-11T16:22:50+00:00 |
| rhsa-2025:14546 | Red Hat Security Advisory: python3.12 security update | 2025-08-26T01:07:29+00:00 | 2025-11-07T10:53:25+00:00 |
| rhsa-2025:14553 | Red Hat Security Advisory: python-cryptography security update | 2025-08-26T00:45:19+00:00 | 2025-11-06T23:05:40+00:00 |
| rhsa-2025:14528 | Red Hat Security Advisory: libarchive security update | 2025-08-25T19:49:08+00:00 | 2025-11-11T16:23:09+00:00 |
| rhsa-2025:14525 | Red Hat Security Advisory: libarchive security update | 2025-08-25T19:18:44+00:00 | 2025-11-11T16:23:09+00:00 |
| rhsa-2025:14510 | Red Hat Security Advisory: kernel security update | 2025-08-25T14:07:23+00:00 | 2025-11-11T12:54:46+00:00 |
| rhsa-2025:14511 | Red Hat Security Advisory: kernel security update | 2025-08-25T14:05:58+00:00 | 2025-11-11T08:53:45+00:00 |
| rhsa-2025:14497 | Red Hat Security Advisory: kpatch-patch-5_14_0-570_17_1 security update | 2025-08-25T12:18:48+00:00 | 2025-11-11T09:06:25+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-38368 | misc: tps6594-pfsm: Add NULL pointer check in tps6594_pfsm_probe() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38365 | btrfs: fix a race between renames and directory logging | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38364 | maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() | 2025-07-02T00:00:00.000Z | 2025-09-03T23:08:55.000Z |
| msrc_cve-2025-38363 | drm/tegra: Fix a possible null pointer dereference | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38362 | drm/amd/display: Add null pointer check for get_first_active_display() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38361 | drm/amd/display: Check dce_hwseq before dereferencing it | 2025-07-02T00:00:00.000Z | 2025-09-03T23:05:17.000Z |
| msrc_cve-2025-38359 | s390/mm: Fix in_atomic() handling in do_secure_storage_access() | 2025-07-02T00:00:00.000Z | 2025-09-03T22:35:46.000Z |
| msrc_cve-2025-38354 | drm/msm/gpu: Fix crash when throttling GPU immediately during boot | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38353 | drm/xe: Fix taking invalid lock on wedge | 2025-07-02T00:00:00.000Z | 2025-09-03T23:31:37.000Z |
| msrc_cve-2025-38352 | posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38351 | KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush | 2025-07-02T00:00:00.000Z | 2025-09-04T03:38:46.000Z |
| msrc_cve-2025-38349 | eventpoll: don't decrement ep refcount while still holding the ep mutex | 2025-07-02T00:00:00.000Z | 2025-09-04T03:09:39.000Z |
| msrc_cve-2025-38348 | wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38347 | f2fs: fix to do sanity check on ino and xnid | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38346 | ftrace: Fix UAF when lookup kallsym after ftrace disabled | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38345 | ACPICA: fix acpi operand cache leak in dswstate.c | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38344 | ACPICA: fix acpi parse and parseext cache leaks | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38343 | wifi: mt76: mt7996: drop fragments with multicast or broadcast RA | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38342 | software node: Correct a OOB check in software_node_get_reference_args() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38340 | firmware: cs_dsp: Fix OOB memory read access in KUnit test | 2025-07-02T00:00:00.000Z | 2025-09-04T00:57:21.000Z |
| msrc_cve-2025-38338 | fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38337 | jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38336 | ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38335 | Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT | 2025-07-02T00:00:00.000Z | 2025-09-04T00:19:35.000Z |
| msrc_cve-2025-38334 | x86/sgx: Prevent attempts to reclaim poisoned pages | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38333 | f2fs: fix to bail out in get_new_segment() | 2025-07-02T00:00:00.000Z | 2025-08-21T18:00:17.000Z |
| msrc_cve-2025-38332 | scsi: lpfc: Use memcpy() for BIOS version | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38331 | net: ethernet: cortina: Use TOE/TSO on all TCP | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38330 | firmware: cs_dsp: Fix OOB memory read access in KUnit test (ctl cache) | 2025-07-02T00:00:00.000Z | 2025-09-04T02:05:31.000Z |
| msrc_cve-2025-38329 | firmware: cs_dsp: Fix OOB memory read access in KUnit test (wmfw info) | 2025-07-02T00:00:00.000Z | 2025-09-04T01:01:28.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2021-003660 | Authentication Bypass Vulnerability in Hitachi Device Manager | 2021-11-01T15:56+09:00 | 2021-11-01T15:56+09:00 |
| jvndb-2021-000097 | Multiple vulnerabilities in CLUSTERPRO X and EXPRESSCLUSTER X | 2021-10-29T15:22+09:00 | 2022-04-20T14:03+09:00 |
| jvndb-2021-000096 | Android App "Mercari (Merpay) - Marketplace and Mobile Payments App" (Japan version) vulnerable to improper handling of Intent | 2021-10-29T15:11+09:00 | 2021-10-29T15:11+09:00 |
| jvndb-2021-000098 | ESET Cyber Security and ESET Endpoint series vulnerable to denial-of-service (DoS) | 2021-10-29T14:58+09:00 | 2021-10-29T14:58+09:00 |
| jvndb-2021-000095 | Multiple improper restriction of XML external entity reference (XXE) vulnerabilities in Office Server Document Converter | 2021-10-28T15:03+09:00 | 2021-10-28T15:03+09:00 |
| jvndb-2021-003385 | Trend Micro Endpoint security products for enterprises vulnerable to privilege escalation | 2021-10-26T12:35+09:00 | 2021-10-26T12:35+09:00 |
| jvndb-2021-000093 | Movable Type XMLRPC API vulnerable to OS command injection | 2021-10-20T17:38+09:00 | 2021-12-17T17:36+09:00 |
| jvndb-2021-003080 | OMRON CX-Supervisor vulnerable to out-of-bounds read | 2021-10-18T15:26+09:00 | 2021-11-01T15:37+09:00 |
| jvndb-2021-000091 | 128 Technology Session Smart Router vulnerable to authentication bypass | 2021-10-18T14:58+09:00 | 2021-10-18T14:58+09:00 |
| jvndb-2021-000090 | Apache HTTP Server vulnerable to directory traversal | 2021-10-11T18:07+09:00 | 2021-10-11T18:07+09:00 |
| jvndb-2021-000089 | Nike App fails to restrict custom URL schemes properly | 2021-10-08T14:32+09:00 | 2021-10-08T14:32+09:00 |
| jvndb-2021-002810 | Information Disclosure Vulnerability in Hitachi Tuning Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2021-10-05T15:37+09:00 | 2021-10-05T15:37+09:00 |
| jvndb-2021-002774 | Trend Micro ServerProtect family vulnerable to authentication bypass | 2021-10-01T14:42+09:00 | 2021-10-01T14:42+09:00 |
| jvndb-2021-000088 | Multiple vulnerabilities in Cybozu Remote Service | 2021-09-30T16:03+09:00 | 2024-04-08T18:09+09:00 |
| jvndb-2021-002752 | Trend Micro HouseCall for Home Networks vulnerable to privilege escalation | 2021-09-30T13:56+09:00 | 2021-09-30T13:56+09:00 |
| jvndb-2021-000085 | SNKRDUNK Market Place App for iOS vulnerable to improper server certificate verification | 2021-09-28T15:18+09:00 | 2021-09-28T15:18+09:00 |
| jvndb-2021-000086 | WordPress Plugin "OG Tags" vulnerable to cross-site request forgery | 2021-09-28T15:11+09:00 | 2021-09-28T15:11+09:00 |
| jvndb-2021-000084 | InBody App vulnerable to information disclosure | 2021-09-28T14:27+09:00 | 2021-09-28T14:27+09:00 |
| jvndb-2021-000081 | Multiple vulnerabilities in Sharp NEC Display Solutions' public displays | 2021-09-17T15:13+09:00 | 2021-09-17T15:13+09:00 |
| jvndb-2021-000083 | EC-CUBE plugin "Order Status Batch Change Plug-in" vulnerable to cross-site scripting | 2021-09-16T14:33+09:00 | 2021-09-16T14:33+09:00 |
| jvndb-2021-000082 | EC-CUBE plugin "List (order management) item change plug-in" vulnerable to cross-site scripting | 2021-09-13T14:24+09:00 | 2021-09-13T14:24+09:00 |
| jvndb-2021-000074 | Multiple vulnerabilities in RevoWorks Browser | 2021-09-10T15:44+09:00 | 2021-09-10T15:44+09:00 |
| jvndb-2021-002342 | Trend Micro Security family vulnerable to improper handling of Directory Junction | 2021-09-03T16:10+09:00 | 2021-09-03T16:10+09:00 |
| jvndb-2021-000080 | baserCMS vulnerable to cross-site scripting | 2021-08-27T13:29+09:00 | 2021-08-27T13:29+09:00 |
| jvndb-2021-000079 | Multiple cross-site scripting vulnerabilities in Movable Type | 2021-08-25T14:54+09:00 | 2021-08-25T14:54+09:00 |
| jvndb-2021-000078 | The installers of multiple Sony products may insecurely load Dynamic Link Libraries | 2021-08-24T14:30+09:00 | 2021-08-24T14:30+09:00 |
| jvndb-2021-002282 | Multiple vulnerabilities in Navigate CMS | 2021-08-20T14:25+09:00 | 2021-08-20T14:25+09:00 |
| jvndb-2021-002279 | Incorrect permission assignment vulnerability in multiple Trend Micro Endpoint security products for enterprises | 2021-08-19T15:01+09:00 | 2021-08-19T15:01+09:00 |
| jvndb-2021-000077 | Huawei EchoLife HG8045Q vulnerable to OS command injection | 2021-08-17T14:24+09:00 | 2021-08-17T14:24+09:00 |
| jvndb-2021-002273 | Multiple vulnerabilities in D-Link router DSL-2750U | 2021-08-17T14:09+09:00 | 2021-08-17T14:09+09:00 |
| ID | Description | Updated |
|---|