Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-2g7v-6q7q-7mp6 | A security flaw has been discovered in code-projects/anirbandutta9 Content Management System and Ne… | 2025-12-29T18:30:55Z | 2025-12-29T18:30:55Z |
| ghsa-jrvx-v9w9-54rr | A vulnerability was found in D-Link DIR-600 up to 2.15WWb02. Affected by this vulnerability is an u… | 2025-12-29T18:30:54Z | 2025-12-29T18:30:54Z |
| ghsa-h9cp-8vj7-rfrc | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-29T18:30:54Z | 2025-12-29T18:30:54Z |
| ghsa-cvjw-pf3j-qxvj | A vulnerability was determined in code-projects Assessment Management 1.0. Affected by this issue i… | 2025-12-29T18:30:54Z | 2025-12-29T18:30:54Z |
| ghsa-cj5p-mv79-727v | An issue in Fossorial fosrl/pangolin v.1.6.2 and before allows a remote attacker to escalate privil… | 2025-12-29T18:30:54Z | 2025-12-31T18:30:22Z |
| ghsa-9g2m-6xr2-f659 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-29T18:30:54Z | 2025-12-29T18:30:54Z |
| ghsa-rvmc-jc4r-xjfq | A security vulnerability has been detected in D-Link DWR-M920 up to 1.1.50. The impacted element is… | 2025-12-29T15:30:22Z | 2025-12-29T15:30:22Z |
| ghsa-r6xg-3mr4-3226 | A type confusion in jsish 2.0 allows incorrect control flow during execution of the OP_NEXT opcode.… | 2025-12-29T15:30:22Z | 2025-12-31T18:30:22Z |
| ghsa-x975-56vp-498f | A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. This affects the function sub_423848 … | 2025-12-29T15:30:21Z | 2025-12-29T15:30:22Z |
| ghsa-vjmh-x5rx-92fx | Reflected Cross site scripting (xss) in machsol machpanel 8.0.32 allows attackers to execute arbitr… | 2025-12-29T15:30:21Z | 2025-12-29T18:30:54Z |
| ghsa-pg74-76w3-h2pm | File upload vulnerability in machsol machpanel 8.0.32 allows attacker to gain a webshell. | 2025-12-29T15:30:21Z | 2025-12-31T18:30:22Z |
| ghsa-p244-346v-84c5 | A vulnerability was identified in D-Link DWR-M920 up to 1.1.50. This issue affects the function sub… | 2025-12-29T15:30:21Z | 2025-12-29T15:30:21Z |
| ghsa-fm5v-x688-f2q9 | UxPlay 1.72 contains a double free vulnerability in its RTSP request handling. A specially crafted … | 2025-12-29T15:30:21Z | 2025-12-29T18:30:54Z |
| ghsa-9j2r-7g42-jcwg | A weakness has been identified in D-Link DWR-M920 up to 1.1.50. The affected element is the functio… | 2025-12-29T15:30:21Z | 2025-12-29T15:30:21Z |
| ghsa-6c3p-2cc4-9r7p | DOM-based Cross-Site Scripting (XSS) vulnerability in 201206030 novel V3.5.0 allows remote attacker… | 2025-12-29T15:30:21Z | 2025-12-29T18:30:54Z |
| ghsa-2xwf-xvj5-w274 | A vulnerability was determined in Campcodes Complete Online Beauty Parlor Management System 1.0. Th… | 2025-12-29T15:30:21Z | 2025-12-29T15:30:21Z |
| ghsa-2439-vfhj-mg5g | A security flaw has been discovered in D-Link DWR-M920 up to 1.1.50. Impacted is the function sub_4… | 2025-12-29T15:30:21Z | 2025-12-29T15:30:21Z |
| ghsa-r8g5-cgf2-4m4m | Picklescan missing detection when calling numpy.f2py.crackfortran.getlincoef | 2025-12-29T15:27:59Z | 2025-12-29T15:27:59Z |
| ghsa-hgrh-qx5j-jfwx | Picklescan Bypasses Unsafe Globals Check using pty.spawn | 2025-12-29T15:26:37Z | 2025-12-29T15:26:37Z |
| ghsa-vqmv-47xg-9wpr | Picklescan missing detection when calling pty.spawn | 2025-12-29T15:24:33Z | 2025-12-29T15:24:33Z |
| ghsa-84r2-jw7c-4r5q | Picklescan has Incomplete List of Disallowed Inputs | 2025-12-29T15:24:20Z | 2025-12-29T15:24:20Z |
| ghsa-4675-36f9-wf6r | Picklescan does not block ctypes | 2025-12-29T15:23:49Z | 2025-12-29T15:23:49Z |
| ghsa-m273-6v24-x4m4 | Picklescan vulnerable to Arbitrary File Writing | 2025-12-29T15:22:30Z | 2025-12-29T15:22:30Z |
| ghsa-q882-28j8-f2x8 | A security vulnerability has been detected in code-projects Refugee Food Management System 1.0. Thi… | 2025-12-29T12:30:16Z | 2025-12-29T12:30:16Z |
| ghsa-gr57-9g27-x5wx | A vulnerability was found in GreenCMS up to 2.3. This affects an unknown part of the file /DataCont… | 2025-12-29T12:30:16Z | 2025-12-29T12:30:16Z |
| ghsa-fm8g-vxm5-h9qc | A flaw has been found in code-projects Refugee Food Management System 1.0. Affected by this vulnera… | 2025-12-29T12:30:16Z | 2025-12-29T12:30:16Z |
| ghsa-fcm2-vr5g-rj8f | A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an… | 2025-12-29T12:30:16Z | 2025-12-29T12:30:16Z |
| ghsa-cgrf-8qxm-cw5j | A vulnerability was detected in code-projects Refugee Food Management System 1.0. Affected is an un… | 2025-12-29T12:30:16Z | 2025-12-29T12:30:16Z |
| ghsa-7pfj-7xq4-95vf | A vulnerability has been found in code-projects Refugee Food Management System 1.0. Affected by thi… | 2025-12-29T12:30:16Z | 2025-12-29T12:30:16Z |
| ghsa-wgvp-jwxw-3rhx | BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Upload vulnerability, allowing … | 2025-12-29T09:30:24Z | 2025-12-29T09:30:24Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-15169 | BiggiDroid Simple PHP CMS editsite.php sql injection |
BiggiDroid |
Simple PHP CMS |
2025-12-29T03:02:09.145Z | 2025-12-29T16:09:31.243Z | |
| cve-2025-15168 | itsourcecode Student Management System statistical.php… |
itsourcecode |
Student Management System |
2025-12-29T02:32:06.034Z | 2025-12-29T16:50:56.359Z | |
| cve-2025-52691 | 10 (v3.1) | Upload Arbitrary Files |
SmarterTools |
SmarterMail |
2025-12-29T02:15:58.200Z | 2025-12-29T16:47:54.633Z |
| cve-2025-15167 | itsourcecode Online Cake Ordering System detailtransac… |
itsourcecode |
Online Cake Ordering System |
2025-12-29T02:02:07.978Z | 2025-12-29T18:00:29.145Z | |
| cve-2025-15166 | itsourcecode Online Cake Ordering System updatesupplie… |
itsourcecode |
Online Cake Ordering System |
2025-12-29T01:32:07.201Z | 2025-12-29T18:57:13.054Z | |
| cve-2025-15165 | itsourcecode Online Cake Ordering System updatecustome… |
itsourcecode |
Online Cake Ordering System |
2025-12-29T01:02:08.921Z | 2025-12-29T19:29:33.393Z | |
| cve-2025-15067 | 8.5 (v4.0) 7.7 (v3.1) | Unrestricted File Upload and RCE in Innorix WP |
Innorix |
Innorix WP |
2025-12-29T00:59:38.660Z | 2025-12-29T17:31:32.666Z |
| cve-2025-15066 | 6.9 (v4.0) 6.2 (v3.1) | Arbitrary File Download through Path Traversal in Innorix WP |
Innorix |
Innorix WP |
2025-12-29T00:48:56.222Z | 2025-12-29T17:35:49.557Z |
| cve-2025-15164 | Tenda WH450 SafeMacFilter stack-based overflow |
Tenda |
WH450 |
2025-12-29T00:32:07.802Z | 2025-12-29T00:32:07.802Z | |
| cve-2025-15065 | 8.6 (v4.0) 6.3 (v3.1) | Data Exposure in Kings Information & Network KESS Enterprise |
Kings Information & Network Co. |
KESS Enterprise |
2025-12-29T00:09:27.009Z | 2025-12-31T04:45:49.039Z |
| cve-2025-15163 | Tenda WH450 SafeEmailFilter stack-based overflow |
Tenda |
WH450 |
2025-12-29T00:02:07.226Z | 2025-12-29T21:03:37.471Z | |
| cve-2025-68706 | N/A | A stack-based buffer overflow exists in the GoAhe… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-31T16:59:00.763Z |
| cve-2025-67255 | N/A | In NagiosXI 2026R1.0.1 build 1762361101, Dashboar… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-31T16:59:06.948Z |
| cve-2025-67254 | N/A | NagiosXI 2026R1.0.1 build 1762361101 is vulnerabl… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-31T16:59:12.600Z |
| cve-2025-66877 | N/A | Buffer overflow vulnerability in function dcputch… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-30T15:24:13.771Z |
| cve-2025-66869 | N/A | Buffer overflow vulnerability in function strcat … |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-30T15:23:04.733Z |
| cve-2025-66866 | N/A | An issue was discovered in function d_abi_tags in… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-29T16:37:39.973Z |
| cve-2025-66865 | N/A | An issue was discovered in function d_print_comp_… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-30T15:20:39.997Z |
| cve-2025-66864 | N/A | An issue was discovered in function d_print_comp_… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-29T16:40:54.806Z |
| cve-2025-66863 | N/A | An issue was discovered in function d_discriminat… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-30T15:19:15.437Z |
| cve-2025-66862 | N/A | A buffer overflow vulnerability in function gnu_s… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-30T15:21:46.591Z |
| cve-2025-66861 | N/A | An issue was discovered in function d_unqualified… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-31T16:59:18.214Z |
| cve-2025-65570 | N/A | A type confusion in jsish 2.0 allows incorrect co… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-31T16:59:28.908Z |
| cve-2025-65442 | N/A | DOM-based Cross-Site Scripting (XSS) vulnerabilit… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-29T16:45:57.333Z |
| cve-2025-60458 | N/A | UxPlay 1.72 contains a double free vulnerability … |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-29T16:46:50.304Z |
| cve-2025-57462 | N/A | Stored cross-site scripting (xss) in machsol mach… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-30T14:42:39.714Z |
| cve-2025-57460 | N/A | File upload vulnerability in machsol machpanel 8.… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-31T16:59:34.009Z |
| cve-2025-56333 | N/A | An issue in Fossorial fosrl/pangolin v.1.6.2 and … |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-31T16:59:23.665Z |
| cve-2024-30855 | N/A | DedeCMS v5.7 was discovered to contain a Cross-Si… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-31T16:58:55.120Z |
| cve-2024-27480 | N/A | givanz VvvebJs 1.7.2 is vulnerable to Insecure Fi… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-29T20:27:33.820Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-55063 | 4.8 (v3.1) | Priority - CWE-79 Improper Neutralization of Input Dur… |
Priority |
Web |
2025-12-29T17:19:52.718Z | 2025-12-29T18:00:32.074Z |
| cve-2025-55062 | 4.8 (v3.1) | Priority - CWE-79 Improper Neutralization of Input Dur… |
Priority |
Web |
2025-12-29T17:18:00.526Z | 2025-12-29T18:01:06.869Z |
| cve-2025-55061 | 8.8 (v3.1) | Priority - CWE-434 Unrestricted Upload of File with Da… |
Priority |
Web |
2025-12-29T17:14:36.328Z | 2025-12-29T18:02:34.082Z |
| cve-2025-55060 | 6.1 (v3.1) | Priority - CWE-601: URL Redirection to Untrusted Site … |
Priority |
Web |
2025-12-29T17:11:10.544Z | 2025-12-29T18:03:14.911Z |
| cve-2025-15198 | code-projects College Notes Uploading System login.php… |
code-projects |
College Notes Uploading System |
2025-12-29T17:32:05.041Z | 2025-12-29T18:08:48.753Z | |
| cve-2025-68870 | 7.5 (v3.1) | WordPress CookieHint WP plugin <= 1.0.0 - Local File I… |
reDim GmbH |
CookieHint WP |
2025-12-29T16:09:05.270Z | 2025-12-29T16:50:40.971Z |
| cve-2025-68868 | 6.5 (v3.1) | WordPress Wp Text Slider Widget plugin <= 1.0 - Cross … |
Codeaffairs |
Wp Text Slider Widget |
2025-12-29T16:12:32.664Z | 2025-12-29T16:51:15.274Z |
| cve-2025-66869 | N/A | Buffer overflow vulnerability in function strcat … |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-30T15:23:04.733Z |
| cve-2025-66866 | N/A | An issue was discovered in function d_abi_tags in… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-29T16:37:39.973Z |
| cve-2025-66865 | N/A | An issue was discovered in function d_print_comp_… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-30T15:20:39.997Z |
| cve-2025-66864 | N/A | An issue was discovered in function d_print_comp_… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-29T16:40:54.806Z |
| cve-2025-66863 | N/A | An issue was discovered in function d_discriminat… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-30T15:19:15.437Z |
| cve-2025-66862 | N/A | A buffer overflow vulnerability in function gnu_s… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-30T15:21:46.591Z |
| cve-2025-66861 | N/A | An issue was discovered in function d_unqualified… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-31T16:59:18.214Z |
| cve-2025-53627 | Meshtastic firmware allows forged DMs with no PKC to s… |
meshtastic |
firmware |
2025-12-29T16:18:29.680Z | 2025-12-29T16:52:03.331Z | |
| cve-2025-15197 | code-projects/anirbandutta9 Content Management System/… |
code-projects |
Content Management System |
2025-12-29T17:02:06.458Z | 2025-12-30T15:58:27.509Z | |
| cve-2025-15196 | code-projects Assessment Management login.php sql injection |
code-projects |
Assessment Management |
2025-12-29T16:32:06.461Z | 2025-12-29T16:53:08.767Z | |
| cve-2025-69211 | Nest has a Fastify URL Encoding Middleware Bypass (TOCTOU) |
nestjs |
nest |
2025-12-29T16:01:22.801Z | 2025-12-29T16:50:02.429Z | |
| cve-2025-69206 | Hemmelig has SSRF Filter bypass in Secret Request func… |
HemmeligOrg |
Hemmelig.app |
2025-12-29T15:55:12.761Z | 2025-12-29T16:50:43.152Z | |
| cve-2025-69201 | Tugtainer has RCE in Agent Command Execution Api |
Quenary |
tugtainer |
2025-12-29T15:51:41.461Z | 2025-12-29T16:50:49.919Z | |
| cve-2025-69200 | phpMyFAQ has unauthenticated config backup download vi… |
thorsten |
phpMyFAQ |
2025-12-29T15:24:51.844Z | 2025-12-29T16:14:32.476Z | |
| cve-2025-68951 | phpMyFAQ has stored XSS in admin "List of users" via d… |
thorsten |
phpMyFAQ |
2025-12-29T15:18:58.000Z | 2025-12-29T16:13:54.598Z | |
| cve-2025-68897 | 9.9 (v3.1) | WordPress IF AS Shortcode plugin <= 1.2 - Remote Code … |
Mohammad I. Okfie |
IF AS Shortcode |
2025-12-29T15:55:13.564Z | 2025-12-29T16:50:36.615Z |
| cve-2025-68893 | 4.9 (v3.1) | WordPress WordPress Image shrinker plugin <= 1.1.0 - S… |
HETWORKS |
WordPress Image shrinker |
2025-12-29T15:56:47.504Z | 2025-12-29T16:50:28.337Z |
| cve-2025-68879 | 7.1 (v3.1) | WordPress Content Grid Slider plugin <= 1.5 - Reflecte… |
Councilsoft |
Content Grid Slider |
2025-12-29T15:58:57.851Z | 2025-12-29T16:48:36.247Z |
| cve-2025-68878 | 7.1 (v3.1) | WordPress Advanced Custom CSS plugin <= 1.1.0 - Reflec… |
Prasadkirpekar |
Advanced Custom CSS |
2025-12-29T16:00:20.652Z | 2025-12-29T16:49:10.084Z |
| cve-2025-68877 | 7.5 (v3.1) | WordPress CedCommerce Integration for Good Market plug… |
CedCommerce |
CedCommerce Integration for Good Market |
2025-12-29T16:03:22.206Z | 2025-12-29T16:50:15.997Z |
| cve-2025-68876 | 7.1 (v3.1) | WordPress Invelity SPS connect plugin <= 1.0.8 - Refle… |
INVELITY |
Invelity SPS connect |
2025-12-29T16:05:23.287Z | 2025-12-29T16:50:09.822Z |
| cve-2025-56333 | N/A | An issue in Fossorial fosrl/pangolin v.1.6.2 and … |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-31T16:59:23.665Z |
| cve-2025-15195 | code-projects Assessment Management add-module.php sql… |
code-projects |
Assessment Management |
2025-12-29T16:02:06.204Z | 2025-12-29T16:50:21.963Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192371 | Malicious code in tna_xmlparser (npm) | 2025-12-07T21:23:57Z | 2025-12-10T21:09:40Z |
| mal-2025-192367 | Malicious code in hexdeci (PyPI) | 2025-12-07T17:56:09Z | 2025-12-07T17:56:09Z |
| mal-2025-192366 | Malicious code in react-hook-form-5 (npm) | 2025-12-07T09:31:09Z | 2025-12-10T21:09:39Z |
| mal-2025-192365 | Malicious code in python-tg-bot (PyPI) | 2025-12-07T00:50:39Z | 2025-12-31T02:45:15Z |
| mal-0000-kam193-830f97cae808ec0c | Malicious code in python-tg-bot (PyPI) | 2025-12-07T00:50:39Z | 2025-12-07T00:50:39Z |
| mal-2025-192364 | Malicious code in blank-lib (PyPI) | 2025-12-07T00:40:43Z | 2025-12-07T02:46:06Z |
| mal-2025-192361 | Malicious code in datadog-checks-base (npm) | 2025-12-06T17:35:39Z | 2025-12-10T21:09:36Z |
| mal-2025-192362 | Malicious code in evil-rce2 (PyPI) | 2025-12-06T16:25:44Z | 2025-12-06T16:25:44Z |
| mal-2025-192363 | Malicious code in telco (PyPI) | 2025-12-06T16:24:38Z | 2025-12-09T08:46:16Z |
| mal-2025-192356 | Malicious code in fdir5 (npm) | 2025-12-06T16:23:30Z | 2025-12-10T21:09:37Z |
| mal-2025-192359 | Malicious code in ssf-desktop-api-browser (npm) | 2025-12-06T16:23:25Z | 2025-12-10T21:09:40Z |
| mal-2025-192353 | Malicious code in fdir1 (npm) | 2025-12-06T16:23:24Z | 2025-12-10T21:09:37Z |
| mal-2025-192352 | Malicious code in enclose-eslint (npm) | 2025-12-06T16:23:24Z | 2025-12-10T21:09:37Z |
| mal-2025-192357 | Malicious code in ido-sdk-web (npm) | 2025-12-06T16:23:22Z | 2025-12-10T21:09:37Z |
| mal-2025-192358 | Malicious code in sharp32 (npm) | 2025-12-06T16:23:20Z | 2025-12-10T21:09:40Z |
| mal-2025-192355 | Malicious code in fdir4 (npm) | 2025-12-06T16:23:20Z | 2025-12-10T21:09:37Z |
| mal-2025-192354 | Malicious code in fdir2 (npm) | 2025-12-06T16:23:19Z | 2025-12-10T21:09:37Z |
| mal-2025-192360 | Malicious code in ssf-desktop-api-openfin (npm) | 2025-12-06T16:23:18Z | 2025-12-10T21:09:40Z |
| mal-2025-192351 | Malicious code in evil-rce (PyPI) | 2025-12-06T14:11:45Z | 2025-12-06T14:11:45Z |
| mal-2025-192350 | Malicious code in express-my-error-handler (npm) | 2025-12-06T13:55:54Z | 2025-12-10T21:09:37Z |
| mal-2025-192349 | Malicious code in qt-main (PyPI) | 2025-12-05T22:52:28Z | 2025-12-31T02:45:15Z |
| mal-0000-kam193-0962da4ec047e65e | Pentesting or research code in qt-main (PyPI) | 2025-12-05T22:52:28Z | 2025-12-05T22:52:28Z |
| mal-2025-192347 | Malicious code in sd-123456 (npm) | 2025-12-05T21:10:10Z | 2025-12-05T21:10:10Z |
| mal-2025-192346 | Malicious code in non-modular-buildable (npm) | 2025-12-05T21:10:10Z | 2025-12-10T03:44:30Z |
| mal-2025-192345 | Malicious code in native-component-list (npm) | 2025-12-05T21:10:10Z | 2025-12-10T03:44:30Z |
| mal-2025-192344 | Malicious code in elf-stats-whimsical-pantry-974 (npm) | 2025-12-05T21:10:10Z | 2025-12-05T21:10:10Z |
| mal-2025-192343 | Malicious code in elf-stats-velvet-train-152 (npm) | 2025-12-05T21:10:10Z | 2025-12-05T21:10:10Z |
| mal-2025-192342 | Malicious code in elf-stats-tinsel-muffin-395 (npm) | 2025-12-05T21:10:10Z | 2025-12-05T21:10:10Z |
| mal-2025-192341 | Malicious code in elf-stats-sparkly-workbench-689 (npm) | 2025-12-05T21:10:10Z | 2025-12-05T21:10:10Z |
| mal-2025-192340 | Malicious code in elf-stats-sparkly-icicle-845 (npm) | 2025-12-05T21:10:10Z | 2025-12-23T21:38:09Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:15680 | Red Hat Security Advisory: OpenShift Container Platform 4.16.48 bug fix and security update | 2025-09-17T11:15:03+00:00 | 2025-11-29T06:53:08+00:00 |
| rhsa-2025:15681 | Red Hat Security Advisory: OpenShift Container Platform 4.16.48 security and extras update | 2025-09-17T10:36:08+00:00 | 2025-11-21T23:04:35+00:00 |
| rhsa-2025:16046 | Red Hat Security Advisory: mysql:8.4 security update | 2025-09-17T08:11:40+00:00 | 2025-11-21T19:26:15+00:00 |
| rhba-2025:15714 | Red Hat Bug Fix Advisory: OpenShift Container Platform 4.18.24 bug fix update | 2025-09-17T07:54:00+00:00 | 2025-11-21T19:38:08+00:00 |
| rhsa-2025:16045 | Red Hat Security Advisory: kpatch-patch-4_18_0-372_118_1, kpatch-patch-4_18_0-372_131_1, kpatch-patch-4_18_0-372_137_1, kpatch-patch-4_18_0-372_145_1, and kpatch-patch-4_18_0-372_158_1 security update | 2025-09-17T07:28:05+00:00 | 2025-11-21T19:26:14+00:00 |
| rhsa-2025:16044 | Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.1.2 | 2025-09-17T07:00:14+00:00 | 2025-11-21T19:38:35+00:00 |
| rhsa-2025:16040 | Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.0.5 | 2025-09-17T06:34:26+00:00 | 2025-11-21T19:38:35+00:00 |
| rhsa-2025:16031 | Red Hat Security Advisory: python3.11 security update | 2025-09-17T05:27:10+00:00 | 2025-11-21T19:26:13+00:00 |
| rhsa-2025:16021 | Red Hat Security Advisory: udisks2 security update | 2025-09-16T20:29:49+00:00 | 2025-11-21T19:26:12+00:00 |
| rhsa-2025:16020 | Red Hat Security Advisory: Red Hat Developer Hub 1.7.1 release. | 2025-09-16T20:12:11+00:00 | 2025-11-21T19:38:35+00:00 |
| rhsa-2025:16016 | Red Hat Security Advisory: python3.11 security update | 2025-09-16T19:30:24+00:00 | 2025-11-21T19:26:12+00:00 |
| rhsa-2025:16012 | Red Hat Security Advisory: python3.11 security update | 2025-09-16T18:01:55+00:00 | 2025-11-21T19:26:11+00:00 |
| rhsa-2025:16008 | Red Hat Security Advisory: kpatch-patch-4_18_0-477_107_1, kpatch-patch-4_18_0-477_67_1, kpatch-patch-4_18_0-477_81_1, kpatch-patch-4_18_0-477_89_1, and kpatch-patch-4_18_0-477_97_1 security update | 2025-09-16T17:51:24+00:00 | 2025-11-21T19:26:09+00:00 |
| rhsa-2025:15968 | Red Hat Security Advisory: python3 security update | 2025-09-16T14:49:39+00:00 | 2025-11-21T19:26:09+00:00 |
| rhsa-2025:15956 | Red Hat Security Advisory: udisks2 security update | 2025-09-16T12:41:58+00:00 | 2025-11-21T19:26:07+00:00 |
| rhsa-2025:15932 | Red Hat Security Advisory: kpatch-patch-5_14_0-427_31_1, kpatch-patch-5_14_0-427_44_1, kpatch-patch-5_14_0-427_55_1, kpatch-patch-5_14_0-427_68_2, and kpatch-patch-5_14_0-427_84_1 security update | 2025-09-16T09:07:47+00:00 | 2025-11-21T19:26:05+00:00 |
| rhsa-2025:15933 | Red Hat Security Advisory: kpatch-patch-5_14_0-70_112_1, kpatch-patch-5_14_0-70_121_1, kpatch-patch-5_14_0-70_124_1, kpatch-patch-5_14_0-70_132_1, and kpatch-patch-5_14_0-70_144_1 security update | 2025-09-16T09:06:23+00:00 | 2025-11-21T19:26:07+00:00 |
| rhsa-2025:15931 | Red Hat Security Advisory: kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_134_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 security update | 2025-09-16T09:06:12+00:00 | 2025-11-21T19:26:05+00:00 |
| rhba-2025:15694 | Red Hat Bug Fix Advisory: OpenShift Container Platform 4.19.12 bug fix update | 2025-09-16T08:35:17+00:00 | 2025-11-21T19:38:08+00:00 |
| rhsa-2025:15921 | Red Hat Security Advisory: kpatch-patch-4_18_0-553_16_1, kpatch-patch-4_18_0-553_30_1, kpatch-patch-4_18_0-553_40_1, kpatch-patch-4_18_0-553_53_1, and kpatch-patch-4_18_0-553_72_1 security update | 2025-09-16T08:09:12+00:00 | 2025-11-21T19:26:03+00:00 |
| rhsa-2025:15904 | Red Hat Security Advisory: container-tools:rhel8 security update | 2025-09-16T05:56:47+00:00 | 2025-11-28T12:47:35+00:00 |
| rhsa-2025:15900 | Red Hat Security Advisory: podman security update | 2025-09-16T03:57:07+00:00 | 2025-11-21T19:26:02+00:00 |
| rhba-2025:15878 | Red Hat Bug Fix Advisory: linux-firmware bug fix and enhancement update | 2025-09-16T03:51:47+00:00 | 2025-11-21T17:23:50+00:00 |
| rhsa-2025:15901 | Red Hat Security Advisory: podman security update | 2025-09-16T02:22:07+00:00 | 2025-11-21T19:26:03+00:00 |
| rhsa-2025:15887 | Red Hat Security Advisory: opentelemetry-collector security update | 2025-09-16T00:59:56+00:00 | 2025-11-21T19:26:01+00:00 |
| rhsa-2025:15874 | Red Hat Security Advisory: python-cryptography security update | 2025-09-16T00:58:46+00:00 | 2025-11-21T19:26:01+00:00 |
| rhsa-2025:15872 | Red Hat Security Advisory: VolSync v0.12 security fixes and container updates | 2025-09-15T21:56:29+00:00 | 2025-11-29T06:53:07+00:00 |
| rhsa-2025:15847 | Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.23.0 Release. | 2025-09-15T16:27:40+00:00 | 2025-11-27T15:01:01+00:00 |
| rhsa-2025:15828 | Red Hat Security Advisory: updated web-terminal/tooling container image | 2025-09-15T15:14:08+00:00 | 2025-11-25T10:22:22+00:00 |
| rhsa-2025:15827 | Red Hat Security Advisory: updated web-terminal/tooling container image | 2025-09-15T15:13:16+00:00 | 2025-11-25T10:22:21+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-46152 | In PyTorch before 2.7.0, bitwise_right_shift produces incorrect output for certain out-of-bounds values of the "other" argument. | 2025-09-02T00:00:00.000Z | 2025-12-07T01:36:18.000Z |
| msrc_cve-2025-46150 | In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results. | 2025-09-02T00:00:00.000Z | 2025-10-02T01:05:21.000Z |
| msrc_cve-2025-46149 | In PyTorch before 2.7.0, when inductor is used, nn.Fold has an assertion error. | 2025-09-02T00:00:00.000Z | 2025-10-02T01:05:06.000Z |
| msrc_cve-2025-46148 | In PyTorch through 2.6.0, when eager is used, nn.PairwiseDistance(p=2) produces incorrect results. | 2025-09-02T00:00:00.000Z | 2025-09-29T01:01:59.000Z |
| msrc_cve-2025-40928 | JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact | 2025-09-02T00:00:00.000Z | 2025-11-18T01:36:21.000Z |
| msrc_cve-2025-40300 | x86/vmscape: Add conditional IBPB mitigation | 2025-09-02T00:00:00.000Z | 2025-09-13T01:04:26.000Z |
| msrc_cve-2025-39886 | bpf: Tell memcg to use allow_spinning=false path in bpf_timer_init() | 2025-09-02T00:00:00.000Z | 2025-12-16T01:38:23.000Z |
| msrc_cve-2025-39885 | ocfs2: fix recursive semaphore deadlock in fiemap call | 2025-09-02T00:00:00.000Z | 2025-09-24T01:01:44.000Z |
| msrc_cve-2025-39883 | mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory | 2025-09-02T00:00:00.000Z | 2025-09-24T01:02:21.000Z |
| msrc_cve-2025-39881 | kernfs: Fix UAF in polling when open file is released | 2025-09-02T00:00:00.000Z | 2025-09-24T01:01:49.000Z |
| msrc_cve-2025-39880 | libceph: fix invalid accesses to ceph_connection_v1_info | 2025-09-02T00:00:00.000Z | 2025-09-24T01:02:31.000Z |
| msrc_cve-2025-39877 | mm/damon/sysfs: fix use-after-free in state_show() | 2025-09-02T00:00:00.000Z | 2025-09-24T01:01:55.000Z |
| msrc_cve-2025-39876 | net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() | 2025-09-02T00:00:00.000Z | 2025-09-24T01:02:26.000Z |
| msrc_cve-2025-39873 | can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB | 2025-09-02T00:00:00.000Z | 2025-09-24T01:02:10.000Z |
| msrc_cve-2025-39869 | dmaengine: ti: edma: Fix memory allocation size for queue_priority_map | 2025-09-02T00:00:00.000Z | 2025-09-24T01:02:15.000Z |
| msrc_cve-2025-39867 | netfilter: nft_set_pipapo: fix null deref for empty set | 2025-09-02T00:00:00.000Z | 2025-09-24T01:02:05.000Z |
| msrc_cve-2025-39866 | fs: writeback: fix use-after-free in __mark_inode_dirty() | 2025-09-02T00:00:00.000Z | 2025-09-21T01:03:07.000Z |
| msrc_cve-2025-39865 | tee: fix NULL pointer dereference in tee_shm_put | 2025-09-02T00:00:00.000Z | 2025-09-21T01:02:21.000Z |
| msrc_cve-2025-39864 | wifi: cfg80211: fix use-after-free in cmp_bss() | 2025-09-02T00:00:00.000Z | 2025-09-21T01:03:02.000Z |
| msrc_cve-2025-39863 | wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work | 2025-09-02T00:00:00.000Z | 2025-12-15T14:36:24.000Z |
| msrc_cve-2025-39862 | wifi: mt76: mt7915: fix list corruption after hardware restart | 2025-09-02T00:00:00.000Z | 2025-12-07T01:51:48.000Z |
| msrc_cve-2025-39861 | Bluetooth: vhci: Prevent use-after-free by removing debugfs files early | 2025-09-02T00:00:00.000Z | 2025-09-21T01:02:57.000Z |
| msrc_cve-2025-39860 | Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() | 2025-09-02T00:00:00.000Z | 2025-09-21T01:02:36.000Z |
| msrc_cve-2025-39859 | ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog | 2025-09-02T00:00:00.000Z | 2025-12-16T01:38:18.000Z |
| msrc_cve-2025-39857 | net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() | 2025-09-02T00:00:00.000Z | 2025-09-21T01:01:49.000Z |
| msrc_cve-2025-39853 | i40e: Fix potential invalid access when MAC list is empty | 2025-09-02T00:00:00.000Z | 2025-09-21T01:01:34.000Z |
| msrc_cve-2025-39851 | vxlan: Fix NPD when refreshing an FDB entry with a nexthop object | 2025-09-02T00:00:00.000Z | 2025-12-16T01:38:13.000Z |
| msrc_cve-2025-39850 | vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects | 2025-09-02T00:00:00.000Z | 2025-12-16T01:38:07.000Z |
| msrc_cve-2025-39849 | wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() | 2025-09-02T00:00:00.000Z | 2025-09-21T01:01:29.000Z |
| msrc_cve-2025-39848 | ax25: properly unshare skbs in ax25_kiss_rcv() | 2025-09-02T00:00:00.000Z | 2025-09-21T01:03:25.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2021-003929 | Multiple vulnerabilities in multiple Yamaha routers | 2021-12-24T10:51+09:00 | 2021-12-24T10:51+09:00 |
| jvndb-2021-000112 | Android Apps developed using Yappli fails to restrict custom URL schemes properly | 2021-12-22T15:07+09:00 | 2021-12-22T15:07+09:00 |
| jvndb-2021-000111 | Multiple vulnerabilities in GroupSession | 2021-12-20T14:53+09:00 | 2021-12-21T14:20+09:00 |
| jvndb-2021-000110 | UNIVERGE DT Series vulnerable to missing encryption of sensitive data | 2021-12-17T16:57+09:00 | 2021-12-17T16:57+09:00 |
| jvndb-2021-005174 | Multiple vulnerabilities in Trend Micro Security 2021 family (Consumer) | 2021-12-09T13:43+09:00 | 2021-12-09T13:43+09:00 |
| jvndb-2021-004912 | Multiple vulnerabilities in multiple ELECOM routers | 2021-12-02T17:16+09:00 | 2022-03-30T16:11+09:00 |
| jvndb-2021-000109 | Multiple missing authorization vulnerabilities in WordPress Plugin "Advanced Custom Fields" | 2021-12-02T15:02+09:00 | 2022-02-18T16:18+09:00 |
| jvndb-2021-000108 | Multiple vulnerabilities in multiple ELECOM LAN routers | 2021-11-30T16:23+09:00 | 2022-03-29T16:18+09:00 |
| jvndb-2021-000107 | Wi-Fi STATION SH-52A vulnerable to cross-site scripting | 2021-11-30T14:49+09:00 | 2021-11-30T14:49+09:00 |
| jvndb-2021-004716 | Trend Micro Antivirus for MAC vulnerable to improper access controls | 2021-11-29T13:52+09:00 | 2021-11-29T13:52+09:00 |
| jvndb-2021-000106 | Multiple vulnerabilities in baserCMS | 2021-11-26T14:59+09:00 | 2021-11-26T14:59+09:00 |
| jvndb-2021-000104 | WordPress Plugin "Browser and Operating System Finder" vulnerable to cross-site request forgery | 2021-11-25T14:31+09:00 | 2021-11-25T14:31+09:00 |
| jvndb-2021-000105 | PowerCMS XMLRPC API vulnerable to OS command injection | 2021-11-24T15:47+09:00 | 2024-07-26T15:22+09:00 |
| jvndb-2021-004432 | Multiple Vulnerabilities in JP1/Automatic Operation | 2021-11-22T16:10+09:00 | 2021-11-22T16:10+09:00 |
| jvndb-2021-000103 | WordPress Plugin "Push Notifications for WordPress (Lite)" vulnerable to cross-site request forgery | 2021-11-16T13:42+09:00 | 2021-11-16T13:42+09:00 |
| jvndb-2021-000102 | rwtxt vulnerable to cross-site scripting | 2021-11-16T13:38+09:00 | 2021-11-16T13:38+09:00 |
| jvndb-2021-000101 | Unlimited Sitemap Generator vulnerable to cross-site request forgery | 2021-11-12T15:07+09:00 | 2021-11-12T15:07+09:00 |
| jvndb-2021-003840 | Cross-site Scripting Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2021-11-12T11:41+09:00 | 2021-11-12T11:41+09:00 |
| jvndb-2021-000100 | Multiple vulnerabilities in EC-CUBE 2 series | 2021-11-11T15:09+09:00 | 2021-11-11T15:09+09:00 |
| jvndb-2021-000094 | WordPress Plugin "Booking Package - Appointment Booking Calendar System" vulnerable to cross-site scripting | 2021-11-10T14:26+09:00 | 2021-11-10T14:26+09:00 |
| jvndb-2021-003811 | File Permission Vulnerability in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center | 2021-11-05T15:04+09:00 | 2021-11-05T15:04+09:00 |
| jvndb-2021-003660 | Authentication Bypass Vulnerability in Hitachi Device Manager | 2021-11-01T15:56+09:00 | 2021-11-01T15:56+09:00 |
| jvndb-2021-000097 | Multiple vulnerabilities in CLUSTERPRO X and EXPRESSCLUSTER X | 2021-10-29T15:22+09:00 | 2022-04-20T14:03+09:00 |
| jvndb-2021-000096 | Android App "Mercari (Merpay) - Marketplace and Mobile Payments App" (Japan version) vulnerable to improper handling of Intent | 2021-10-29T15:11+09:00 | 2021-10-29T15:11+09:00 |
| jvndb-2021-000098 | ESET Cyber Security and ESET Endpoint series vulnerable to denial-of-service (DoS) | 2021-10-29T14:58+09:00 | 2021-10-29T14:58+09:00 |
| jvndb-2021-000095 | Multiple improper restriction of XML external entity reference (XXE) vulnerabilities in Office Server Document Converter | 2021-10-28T15:03+09:00 | 2021-10-28T15:03+09:00 |
| jvndb-2021-003385 | Trend Micro Endpoint security products for enterprises vulnerable to privilege escalation | 2021-10-26T12:35+09:00 | 2021-10-26T12:35+09:00 |
| jvndb-2021-000093 | Movable Type XMLRPC API vulnerable to OS command injection | 2021-10-20T17:38+09:00 | 2021-12-17T17:36+09:00 |
| jvndb-2021-003080 | OMRON CX-Supervisor vulnerable to out-of-bounds read | 2021-10-18T15:26+09:00 | 2021-11-01T15:37+09:00 |
| jvndb-2021-000091 | 128 Technology Session Smart Router vulnerable to authentication bypass | 2021-10-18T14:58+09:00 | 2021-10-18T14:58+09:00 |
| ID | Description | Updated |
|---|