Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-q7xf-93c3-w2p7 | The Easy Email Subscription plugin for WordPress is vulnerable to SQL Injection via the 'uid' param… | 2025-11-06T03:30:25Z | 2025-11-06T03:30:25Z |
| ghsa-mcg2-rcmm-mhww | Improper handling of the authentication token in the Amazon WorkSpaces client for Linux, versions 2… | 2025-11-06T00:30:26Z | 2025-11-10T21:30:32Z |
| ghsa-8gg4-hx7q-h82p | Improper authentication in the API authentication middleware of HCL DevOps Loop allows authenticati… | 2025-11-06T00:30:26Z | 2025-11-06T00:30:26Z |
| ghsa-rw7h-fw9j-wrgx | A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affe… | 2025-11-05T21:31:02Z | 2025-11-05T21:31:02Z |
| ghsa-rvq5-4f2h-pm6w | PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 contains an unauthenticated remote code execution vuln… | 2025-11-05T21:31:02Z | 2025-11-05T21:31:02Z |
| ghsa-h5hr-wq48-rq9c | OSSN (Open Source Social Network) 8.6 is vulnerable to SQL Injection in /action/rtcomments/status v… | 2025-11-05T21:31:02Z | 2025-11-07T00:30:28Z |
| ghsa-fwcq-rjr3-7rr9 | GOG Galaxy 2.0.0.2 suffers from Missing SSL Certificate Validation. An attacker who controls the lo… | 2025-11-05T21:31:02Z | 2025-11-07T00:30:28Z |
| ghsa-7gqw-xrp6-92rg | ** exclusively-hosted-service ** A Stored Cross-Site Scripting (XSS) vulnerability in the chat func… | 2025-11-05T21:31:02Z | 2025-11-05T21:31:02Z |
| ghsa-3q32-2fc9-c758 | A vulnerability in the XiaozhangBang Voluntary Like System V8.8 allows remote attackers to manipula… | 2025-11-05T21:31:02Z | 2025-11-05T21:31:02Z |
| ghsa-xx43-6j8m-vx2f | Quipux 4.0.1 through e1774ac allows enumeration of usernames, and accessing the Ecuadorean identifi… | 2025-11-05T21:31:01Z | 2025-11-06T18:32:49Z |
| ghsa-vghq-cm29-427c | HCL iAutomate v6.5.1 and v6.5.2 is susceptible to a sensitive information disclosure. An HTTP GET … | 2025-11-05T21:31:01Z | 2025-11-05T21:31:02Z |
| ghsa-v698-c6j4-6m42 | A Stored Cross-Site Scripting (XSS) vulnerability in the chat functionality of the SelfBest platfor… | 2025-11-05T21:31:01Z | 2025-11-06T18:32:50Z |
| ghsa-rc63-xm4j-4f8h | A reflected cross-site scripting (XSS) vulnerability exists in the authentication endpoints of mult… | 2025-11-05T21:31:01Z | 2025-11-05T21:31:02Z |
| ghsa-qfqc-4pqq-rfmh | An arbitrary code execution vulnerability exists in multiple WSO2 products due to insufficient rest… | 2025-11-05T21:31:01Z | 2025-11-05T21:31:01Z |
| ghsa-9jrh-6qjc-j6p4 | Quipux 4.0.1 through e1774ac allows authenticated users to conduct SQL injection attacks via busque… | 2025-11-05T21:31:01Z | 2025-11-05T21:31:02Z |
| ghsa-96ff-3rwm-724g | A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS … | 2025-11-05T21:31:01Z | 2025-11-05T21:31:01Z |
| ghsa-8f5r-v3mh-q89r | Cross Site Scripting vulnerability in Quipux 4.0.1 through e1774ac allows anexos/anexos_nuevo.php a… | 2025-11-05T21:31:01Z | 2025-11-06T18:32:49Z |
| ghsa-4x6x-rggp-ff9q | A reflected cross-site scripting (XSS) vulnerability exists in the management console of multiple W… | 2025-11-05T21:31:01Z | 2025-11-05T21:31:02Z |
| ghsa-4h7f-6q5m-3p6f | A DOM-based Cross-Site Scripting (XSS) vulnerability in the SelfBest platform 2023.3 allows attacke… | 2025-11-05T21:31:01Z | 2025-11-06T18:32:50Z |
| ghsa-2vg5-px79-v62f | This issue was addressed by restricting options offered on a locked device. This issue is fixed in … | 2025-11-05T21:31:01Z | 2025-11-05T21:31:02Z |
| ghsa-wwqv-p2pp-99h5 | LangGraph Checkpoint affected by RCE in "json" mode of JsonPlusSerializer | 2025-11-05T19:52:50Z | 2025-11-07T21:55:55Z |
| ghsa-x4qj-2f4q-r4rx | Parse Server Vulnerable to Server-Side Request Forgery (SSRF) in File Upload via URI Format | 2025-11-05T19:52:27Z | 2025-11-07T20:31:43Z |
| ghsa-cpf4-pmr4-w6cx | IDOR Vulnerabilities in ZITADEL's Organization API allows Cross-Tenant Data Tempering | 2025-11-05T19:52:01Z | 2025-11-07T21:55:43Z |
| ghsa-gr35-vpx2-qxhc | Weblate leaks the IP of project member inviting user to be reviewer in Audit log | 2025-11-05T18:45:59Z | 2025-11-06T23:13:28Z |
| ghsa-vf95-55w6-qmrf | youki container escape and denial of service due to arbitrary write gadgets and procfs write redirects | 2025-11-05T18:45:18Z | 2025-11-06T15:29:58Z |
| ghsa-4g74-7cff-xcv8 | youki container escape via "masked path" abuse due to mount race conditions | 2025-11-05T18:44:18Z | 2025-11-06T15:29:34Z |
| ghsa-cgrx-mc8f-2prm | runc container escape and denial of service due to arbitrary write gadgets and procfs write redirects | 2025-11-05T18:40:40Z | 2025-11-07T12:31:34Z |
| ghsa-fvfq-q238-j7j3 | WSO2 Carbon Mediation vulnerable to XML External Entity (XXE) attacks | 2025-11-05T18:31:31Z | 2025-11-06T15:12:30Z |
| ghsa-fc89-q8rg-m49m | An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient validat… | 2025-11-05T18:31:31Z | 2025-11-05T18:31:31Z |
| ghsa-6mv5-ch6p-7g97 | Tonec Internet Download Manager 6.42.41.1 and earlier suffers from Missing SSL Certificate Validati… | 2025-11-05T18:31:31Z | 2025-11-05T21:31:01Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-49905 | N/A | WordPress Range Slider Addon for Gravity Forms plugin … |
PluginsCafe |
Range Slider Addon for Gravity Forms |
2025-11-06T15:53:55.700Z | 2025-11-10T19:52:18.567Z |
| cve-2025-49904 | N/A | WordPress Booking and Rental Manager plugin <= 2.5.3 -… |
magepeopleteam |
Booking and Rental Manager |
2025-11-06T15:53:55.162Z | 2025-11-10T19:52:27.580Z |
| cve-2025-49900 | N/A | WordPress Advanced scrollbar plugin <= 1.1.8 - Privile… |
bPlugins |
Advanced scrollbar |
2025-11-06T15:53:54.586Z | 2025-11-10T19:52:34.186Z |
| cve-2025-49398 | N/A | WordPress Easy Appointments plugin <= 3.12.14 - Conten… |
Easy Appointments |
Easy Appointments |
2025-11-06T15:53:53.979Z | 2025-11-10T19:52:40.016Z |
| cve-2025-49394 | N/A | WordPress Image Gallery block – Create and display pho… |
bPlugins |
Image Gallery block – Create and display photo gallery/photo album. |
2025-11-06T15:53:53.230Z | 2025-11-10T19:52:45.863Z |
| cve-2025-49393 | N/A | WordPress Sign-up Sheets Plugin <= 2.3.2 - PHP Object … |
Fetch Designs |
Sign-up Sheets |
2025-11-06T15:53:52.480Z | 2025-11-10T19:52:51.590Z |
| cve-2025-49390 | N/A | WordPress Cookie Notice & Consent plugin <= 1.6.4 - Cr… |
christophrado |
Cookie Notice & Consent |
2025-11-06T15:53:51.739Z | 2025-11-10T19:52:57.246Z |
| cve-2025-49386 | N/A | WordPress Preserve Code Formatting Plugin <= 4.0.1 - P… |
Scott Reilly |
Preserve Code Formatting |
2025-11-06T15:53:50.934Z | 2025-11-10T19:53:04.290Z |
| cve-2025-49372 | N/A | WordPress HAPPY plugin <= 1.0.7 - Remote Code Executio… |
VillaTheme |
HAPPY |
2025-11-06T15:53:50.181Z | 2025-11-07T19:36:21.511Z |
| cve-2025-48330 | N/A | WordPress Real Time Validation for Gravity Forms <= 1.… |
Daman Jeet |
Real Time Validation for Gravity Forms |
2025-11-06T15:53:48.806Z | 2025-11-10T19:53:10.548Z |
| cve-2025-48290 | N/A | WordPress Kinsley theme <= 3.4.4 - Local File Inclusio… |
bslthemes |
Kinsley |
2025-11-06T15:53:47.362Z | 2025-11-10T19:53:18.019Z |
| cve-2025-48090 | N/A | WordPress Blanka - One Page WordPress Theme Theme < 1.… |
CocoBasic |
Blanka - One Page WordPress Theme |
2025-11-06T15:53:43.727Z | 2025-11-06T16:06:05.906Z |
| cve-2025-48089 | N/A | WordPress Education WordPress Theme | HiStudy theme < … |
Rainbow-Themes |
Education WordPress Theme | HiStudy |
2025-11-06T15:53:43.152Z | 2025-11-10T19:53:23.943Z |
| cve-2025-48086 | N/A | WordPress Ajax Search Lite plugin <= 4.13.3 - PHP Obje… |
wpdreams |
Ajax Search Lite |
2025-11-06T15:53:42.585Z | 2025-11-10T19:53:29.931Z |
| cve-2025-48085 | N/A | WordPress Simple Stripe plugin <= 0.9.17 - Cross Site … |
ZIPANG |
Simple Stripe |
2025-11-06T15:53:41.777Z | 2025-11-10T19:53:36.546Z |
| cve-2025-48083 | N/A | WordPress wpNamedUsers plugin <= 0.5 - Cross Site Requ… |
andriassundskard |
wpNamedUsers |
2025-11-06T15:53:40.546Z | 2025-11-10T19:53:42.815Z |
| cve-2025-48078 | N/A | WordPress Slick Google Map plugin <= 0.3 - Cross Site … |
Norbert |
Slick Google Map |
2025-11-06T15:53:37.443Z | 2025-11-10T19:53:50.504Z |
| cve-2025-48077 | N/A | WordPress Block Country plugin <= 1.0 - Cross Site Req… |
nitinmaurya12 |
Block Country |
2025-11-06T15:53:36.642Z | 2025-11-10T19:53:57.882Z |
| cve-2025-47588 | N/A | WordPress Dynamic Pricing With Discount Rules for WooC… |
acowebs |
Dynamic Pricing With Discount Rules for WooCommerce |
2025-11-06T15:53:35.904Z | 2025-11-10T19:54:06.119Z |
| cve-2025-39468 | N/A | WordPress Modal Survey plugin <= 2.0.2.0.1 - Local Fil… |
pantherius |
Modal Survey |
2025-11-06T15:53:34.539Z | 2025-11-10T19:54:12.439Z |
| cve-2025-39467 | N/A | WordPress Wanderland theme <= 1.7.1 - Local File Inclu… |
Mikado-Themes |
Wanderland |
2025-11-06T15:53:33.195Z | 2025-11-10T19:54:18.577Z |
| cve-2025-39466 | N/A | WordPress Dør theme <= 2.4 - Local File Inclusion Vuln… |
Mikado-Themes |
Dør |
2025-11-06T15:53:30.016Z | 2025-11-10T19:54:24.503Z |
| cve-2025-39465 | N/A | WordPress Advanced Google Maps plugin <= 5.8.4 - Broke… |
flippercode |
Advanced Google Maps |
2025-11-06T15:53:29.145Z | 2025-11-10T20:02:29.234Z |
| cve-2025-39463 | N/A | WordPress Dessau theme < 1.9 - Local File Inclusion vu… |
Select-Themes |
Dessau |
2025-11-06T15:53:23.424Z | 2025-11-10T20:02:35.975Z |
| cve-2025-32222 | N/A | WordPress Widget Logic <= 6.0.5 - Remote Code Executio… |
Widgetlogic.org |
Widget Logic |
2025-11-06T15:53:22.717Z | 2025-11-10T20:02:45.118Z |
| cve-2025-31029 | N/A | WordPress replyMail plugin <= 1.2.0 - Cross Site Reque… |
bingu |
replyMail |
2025-11-06T15:53:19.694Z | 2025-11-10T20:02:50.744Z |
| cve-2025-28953 | N/A | WordPress smart SEO plugin <= 4.0 - SQL Injection Vuln… |
axiomthemes |
smart SEO |
2025-11-06T15:53:18.852Z | 2025-11-10T16:16:55.832Z |
| cve-2025-22288 | N/A | WordPress Smush Image Compression and Optimization plu… |
WPMU DEV - Your All-in-One WordPress Platform |
Smush Image Compression and Optimization |
2025-11-06T15:53:18.126Z | 2025-11-07T20:32:23.564Z |
| cve-2025-12556 | 8.7 (v4.0) 8.8 (v3.1) | IDIS ICM Viewer Argument Injection |
IDIS |
ICM Viewer |
2025-11-06T15:35:58.447Z | 2025-11-06T15:47:08.878Z |
| cve-2025-11956 | 8.9 (v3.1) | XSS in Proliz's OBS |
Proliz Software Ltd. Co. |
OBS (Student Affairs Information System) |
2025-11-06T14:51:51.292Z | 2025-11-06T15:07:43.302Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-53573 | N/A | WordPress Epic Review Plugin <= 1.0.2 - Cross Site Scr… |
jegtheme |
Epic Review |
2025-11-06T15:54:10.426Z | 2025-11-07T13:21:38.978Z |
| cve-2025-53349 | N/A | WordPress Kalium Theme <= 3.18.3 - Cross Site Scriptin… |
Laborator |
Kalium |
2025-11-06T15:54:06.581Z | 2025-11-10T19:47:34.159Z |
| cve-2025-53324 | N/A | WordPress Gutenify Plugin <= 1.5.7 - Cross Site Script… |
CodeYatri |
Gutenify |
2025-11-06T15:54:05.737Z | 2025-11-10T19:47:40.684Z |
| cve-2025-53316 | N/A | WordPress WP GDPR Cookie Consent plugin <= 1.0.0 - Cro… |
Shahjahan Jewel |
WP GDPR Cookie Consent |
2025-11-06T15:54:04.995Z | 2025-11-10T19:47:48.401Z |
| cve-2025-53286 | N/A | WordPress Dropify Plugin <= 4.6.9 - Cross Site Scripti… |
Jhainey Milevis |
Dropify |
2025-11-06T15:54:04.283Z | 2025-11-10T19:48:00.218Z |
| cve-2025-53283 | N/A | WordPress Drop Uploader for CF7 - Drag&Drop File Uploa… |
borisolhor |
Drop Uploader for CF7 - Drag&Drop File Uploader Addon |
2025-11-06T15:54:03.506Z | 2025-11-07T14:56:14.631Z |
| cve-2025-53252 | N/A | WordPress Zegen Theme <= 1.1.9 - Local File Inclusion … |
zozothemes |
Zegen |
2025-11-06T15:54:02.680Z | 2025-11-10T19:48:53.392Z |
| cve-2025-53246 | N/A | WordPress Backup and Move Plugin <= 0.1 - Broken Acces… |
Gaurav Aggarwal |
Backup and Move |
2025-11-06T15:53:59.915Z | 2025-11-10T19:49:05.718Z |
| cve-2025-53245 | N/A | WordPress WP Logo Changer Plugin <= 1.2 - Cross Site S… |
Afzal Multani |
WP Logo Changer |
2025-11-06T15:53:59.391Z | 2025-11-10T19:49:54.432Z |
| cve-2025-53242 | N/A | WordPress Seil Theme <= 1.7.1 - Deserialization of unt… |
VictorThemes |
Seil |
2025-11-06T15:53:58.962Z | 2025-11-10T19:50:01.019Z |
| cve-2025-53239 | N/A | WordPress User Registration Aide Plugin <= 1.5.3.8 - C… |
bnovotny |
User Registration Aide |
2025-11-06T15:53:58.555Z | 2025-11-10T19:50:09.183Z |
| cve-2025-53214 | N/A | WordPress Sertifier Certificate & Badge Maker plugin <… |
sertifier |
Sertifier Certificate & Badge Maker |
2025-11-06T15:53:58.037Z | 2025-11-10T19:51:37.248Z |
| cve-2025-52773 | N/A | WordPress HieCOR Payment Gateway plugin plugin <= 1.5.… |
hiecor |
HieCOR Payment Gateway Plugin |
2025-11-06T15:53:57.496Z | 2025-11-10T19:51:43.599Z |
| cve-2025-52764 | N/A | WordPress flexoslider plugin <= 1.0004 - Cross Site Sc… |
marielav |
flexoslider |
2025-11-06T15:53:56.937Z | 2025-11-10T19:51:51.375Z |
| cve-2025-49909 | N/A | WordPress Penci Bookmark & Follow plugin < 2.4 - Cross… |
PenciDesign |
Penci Bookmark & Follow |
2025-11-06T15:53:56.279Z | 2025-11-10T19:52:08.438Z |
| cve-2025-49905 | N/A | WordPress Range Slider Addon for Gravity Forms plugin … |
PluginsCafe |
Range Slider Addon for Gravity Forms |
2025-11-06T15:53:55.700Z | 2025-11-10T19:52:18.567Z |
| cve-2025-49904 | N/A | WordPress Booking and Rental Manager plugin <= 2.5.3 -… |
magepeopleteam |
Booking and Rental Manager |
2025-11-06T15:53:55.162Z | 2025-11-10T19:52:27.580Z |
| cve-2025-49900 | N/A | WordPress Advanced scrollbar plugin <= 1.1.8 - Privile… |
bPlugins |
Advanced scrollbar |
2025-11-06T15:53:54.586Z | 2025-11-10T19:52:34.186Z |
| cve-2025-49398 | N/A | WordPress Easy Appointments plugin <= 3.12.14 - Conten… |
Easy Appointments |
Easy Appointments |
2025-11-06T15:53:53.979Z | 2025-11-10T19:52:40.016Z |
| cve-2025-49394 | N/A | WordPress Image Gallery block – Create and display pho… |
bPlugins |
Image Gallery block – Create and display photo gallery/photo album. |
2025-11-06T15:53:53.230Z | 2025-11-10T19:52:45.863Z |
| cve-2025-49393 | N/A | WordPress Sign-up Sheets Plugin <= 2.3.2 - PHP Object … |
Fetch Designs |
Sign-up Sheets |
2025-11-06T15:53:52.480Z | 2025-11-10T19:52:51.590Z |
| cve-2025-49390 | N/A | WordPress Cookie Notice & Consent plugin <= 1.6.4 - Cr… |
christophrado |
Cookie Notice & Consent |
2025-11-06T15:53:51.739Z | 2025-11-10T19:52:57.246Z |
| cve-2025-49386 | N/A | WordPress Preserve Code Formatting Plugin <= 4.0.1 - P… |
Scott Reilly |
Preserve Code Formatting |
2025-11-06T15:53:50.934Z | 2025-11-10T19:53:04.290Z |
| cve-2025-49372 | N/A | WordPress HAPPY plugin <= 1.0.7 - Remote Code Executio… |
VillaTheme |
HAPPY |
2025-11-06T15:53:50.181Z | 2025-11-07T19:36:21.511Z |
| cve-2025-48330 | N/A | WordPress Real Time Validation for Gravity Forms <= 1.… |
Daman Jeet |
Real Time Validation for Gravity Forms |
2025-11-06T15:53:48.806Z | 2025-11-10T19:53:10.548Z |
| cve-2025-48290 | N/A | WordPress Kinsley theme <= 3.4.4 - Local File Inclusio… |
bslthemes |
Kinsley |
2025-11-06T15:53:47.362Z | 2025-11-10T19:53:18.019Z |
| cve-2025-48090 | N/A | WordPress Blanka - One Page WordPress Theme Theme < 1.… |
CocoBasic |
Blanka - One Page WordPress Theme |
2025-11-06T15:53:43.727Z | 2025-11-06T16:06:05.906Z |
| cve-2025-48089 | N/A | WordPress Education WordPress Theme | HiStudy theme < … |
Rainbow-Themes |
Education WordPress Theme | HiStudy |
2025-11-06T15:53:43.152Z | 2025-11-10T19:53:23.943Z |
| cve-2025-48086 | N/A | WordPress Ajax Search Lite plugin <= 4.13.3 - PHP Obje… |
wpdreams |
Ajax Search Lite |
2025-11-06T15:53:42.585Z | 2025-11-10T19:53:29.931Z |
| cve-2025-48085 | N/A | WordPress Simple Stripe plugin <= 0.9.17 - Cross Site … |
ZIPANG |
Simple Stripe |
2025-11-06T15:53:41.777Z | 2025-11-10T19:53:36.546Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-117761 | Malicious code in valid_tapir_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117760 | Malicious code in valid_gazelle_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117759 | Malicious code in valid_canidae_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117758 | Malicious code in vague_sloth_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117757 | Malicious code in vague_marsupial_z3n (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117756 | Malicious code in utomo-tumis47-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117755 | Malicious code in utomo-tomat100-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117754 | Malicious code in utomo-telurtahu15-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117753 | Malicious code in utomo-telur48-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117752 | Malicious code in utomo-tek42-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117751 | Malicious code in utomo-teh92-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117750 | Malicious code in utomo-taiwan92-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117749 | Malicious code in utomo-tahu23-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117748 | Malicious code in utomo-tahu13-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117747 | Malicious code in utomo-serabi36-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117746 | Malicious code in utomo-semur27-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117745 | Malicious code in utomo-sambel91-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117744 | Malicious code in utomo-ronde72-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117743 | Malicious code in utomo-rendang94-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117742 | Malicious code in utomo-rendang67-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117741 | Malicious code in utomo-rawon39-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117740 | Malicious code in utomo-rangi97-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117739 | Malicious code in utomo-rangi33-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117738 | Malicious code in utomo-pisang13-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117737 | Malicious code in utomo-otak-otak18-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117736 | Malicious code in utomo-otak-otak14-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117735 | Malicious code in utomo-ongol-ongol36-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117734 | Malicious code in utomo-nasiuduk9-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117733 | Malicious code in utomo-nasisayur91-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| mal-2025-117732 | Malicious code in utomo-naget71-miaww (npm) | 2025-11-11T15:19:32Z | 2025-11-11T15:19:32Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:14644 | Red Hat Security Advisory: Insights proxy Container Image | 2025-08-26T15:51:25+00:00 | 2025-11-11T16:23:09+00:00 |
| rhsa-2025:14640 | Red Hat Security Advisory: thunderbird security update | 2025-08-26T15:42:51+00:00 | 2025-11-06T22:48:12+00:00 |
| rhsa-2025:14625 | Red Hat Security Advisory: mod_http2 security update | 2025-08-26T13:26:11+00:00 | 2025-11-06T23:42:09+00:00 |
| rhsa-2025:14618 | Red Hat Security Advisory: gdk-pixbuf2 security update | 2025-08-26T12:45:51+00:00 | 2025-11-07T18:35:45+00:00 |
| rhsa-2025:14599 | Red Hat Security Advisory: kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_52_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 security update | 2025-08-26T10:28:05+00:00 | 2025-11-11T09:06:26+00:00 |
| rhsa-2025:14592 | Red Hat Security Advisory: aide security update | 2025-08-26T09:51:45+00:00 | 2025-11-06T23:42:09+00:00 |
| rhsa-2025:14594 | Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Jaeger) 3.5.3 release | 2025-08-26T09:43:28+00:00 | 2025-11-11T16:23:09+00:00 |
| rhsa-2025:14585 | Red Hat Security Advisory: gdk-pixbuf2 security update | 2025-08-26T09:06:45+00:00 | 2025-11-07T18:35:45+00:00 |
| rhsa-2025:14574 | Red Hat Security Advisory: gdk-pixbuf2 security update | 2025-08-26T07:36:20+00:00 | 2025-11-07T18:35:43+00:00 |
| rhsa-2025:14576 | Red Hat Security Advisory: gdk-pixbuf2 security update | 2025-08-26T07:32:10+00:00 | 2025-11-07T18:35:45+00:00 |
| rhsa-2025:14575 | Red Hat Security Advisory: gdk-pixbuf2 security update | 2025-08-26T07:30:50+00:00 | 2025-11-07T18:35:45+00:00 |
| rhsa-2025:14573 | Red Hat Security Advisory: aide security update | 2025-08-26T07:28:00+00:00 | 2025-11-06T23:42:08+00:00 |
| rhsa-2025:14560 | Red Hat Security Advisory: python3 security update | 2025-08-26T02:15:04+00:00 | 2025-11-07T10:53:27+00:00 |
| rhsa-2025:14557 | Red Hat Security Advisory: pam security update | 2025-08-26T01:34:29+00:00 | 2025-11-11T16:22:50+00:00 |
| rhsa-2025:14546 | Red Hat Security Advisory: python3.12 security update | 2025-08-26T01:07:29+00:00 | 2025-11-07T10:53:25+00:00 |
| rhsa-2025:14553 | Red Hat Security Advisory: python-cryptography security update | 2025-08-26T00:45:19+00:00 | 2025-11-06T23:05:40+00:00 |
| rhsa-2025:14528 | Red Hat Security Advisory: libarchive security update | 2025-08-25T19:49:08+00:00 | 2025-11-11T16:23:09+00:00 |
| rhsa-2025:14525 | Red Hat Security Advisory: libarchive security update | 2025-08-25T19:18:44+00:00 | 2025-11-11T16:23:09+00:00 |
| rhsa-2025:14510 | Red Hat Security Advisory: kernel security update | 2025-08-25T14:07:23+00:00 | 2025-11-11T12:54:46+00:00 |
| rhsa-2025:14511 | Red Hat Security Advisory: kernel security update | 2025-08-25T14:05:58+00:00 | 2025-11-11T20:31:04+00:00 |
| rhsa-2025:14497 | Red Hat Security Advisory: kpatch-patch-5_14_0-570_17_1 security update | 2025-08-25T12:18:48+00:00 | 2025-11-11T09:06:25+00:00 |
| rhsa-2025:14493 | Red Hat Security Advisory: aide security update | 2025-08-25T11:24:38+00:00 | 2025-11-06T23:42:08+00:00 |
| rhsa-2025:14486 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-08-25T10:39:22+00:00 | 2025-11-06T23:14:44+00:00 |
| rhsa-2025:14484 | Red Hat Security Advisory: RHTAS 1.2.1 - Red Hat Trusted Artifact Signer Release | 2025-08-25T09:54:09+00:00 | 2025-11-11T16:24:40+00:00 |
| rhsa-2025:14481 | Red Hat Security Advisory: RHTAS 1.2.1 - Red Hat Trusted Artifact Signer Release | 2025-08-25T09:31:18+00:00 | 2025-11-11T16:24:41+00:00 |
| rhsa-2025:14479 | Red Hat Security Advisory: RHTAS 1.2.1 - Red Hat Trusted Artifact Signer Release | 2025-08-25T09:29:43+00:00 | 2025-11-11T16:24:39+00:00 |
| rhsa-2025:14476 | Red Hat Security Advisory: RHTAS 1.2.1 - Red Hat Trusted Artifact Signer Release | 2025-08-25T09:27:15+00:00 | 2025-11-11T16:24:39+00:00 |
| rhsa-2025:14474 | Red Hat Security Advisory: RHTAS 1.2.1- Red Hat Trusted Artifact Signer Release | 2025-08-25T09:25:48+00:00 | 2025-11-10T12:10:49+00:00 |
| rhsa-2025:14473 | Red Hat Security Advisory: RHTAS 1.2.1 - Red Hat Trusted Artifact Signer Release | 2025-08-25T09:25:17+00:00 | 2025-11-11T16:24:39+00:00 |
| rhsa-2025:14472 | Red Hat Security Advisory: RHTAS 1.2.1 - Red Hat Trusted Artifact Signer Release | 2025-08-25T09:24:18+00:00 | 2025-11-11T16:24:38+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-38424 | perf: Fix sample vs do_exit() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38422 | net: lan743x: Modify the EEPROM and OTP size for PCI1xxxx devices | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38420 | wifi: carl9170: do not ping device which has failed to load firmware | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38419 | remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38418 | remoteproc: core: Release rproc->clean_table after rproc_attach() fails | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38416 | NFC: nci: uart: Set tty->disc_data only in success path | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38415 | Squashfs: check return result of sb_min_blocksize | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38414 | wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 | 2025-07-02T00:00:00.000Z | 2025-09-03T22:33:00.000Z |
| msrc_cve-2025-38412 | platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks | 2025-07-02T00:00:00.000Z | 2025-09-04T04:58:20.000Z |
| msrc_cve-2025-38411 | netfs: Fix double put of request | 2025-07-02T00:00:00.000Z | 2025-09-03T23:21:36.000Z |
| msrc_cve-2025-38410 | drm/msm: Fix a fence leak in submit error path | 2025-07-02T00:00:00.000Z | 2025-09-03T23:28:13.000Z |
| msrc_cve-2025-38409 | drm/msm: Fix another leak in the submit error path | 2025-07-02T00:00:00.000Z | 2025-09-03T22:04:48.000Z |
| msrc_cve-2025-38408 | genirq/irq_sim: Initialize work context pointers properly | 2025-07-02T00:00:00.000Z | 2025-09-03T22:10:26.000Z |
| msrc_cve-2025-38406 | wifi: ath6kl: remove WARN on bad firmware input | 2025-07-02T00:00:00.000Z | 2025-09-03T23:43:12.000Z |
| msrc_cve-2025-38404 | usb: typec: displayport: Fix potential deadlock | 2025-07-02T00:00:00.000Z | 2025-09-04T04:49:40.000Z |
| msrc_cve-2025-38403 | vsock/vmci: Clear the vmci transport packet properly when initializing it | 2025-07-02T00:00:00.000Z | 2025-09-03T22:47:47.000Z |
| msrc_cve-2025-38401 | mtk-sd: Prevent memory corruption from DMA map failure | 2025-07-02T00:00:00.000Z | 2025-09-03T22:17:52.000Z |
| msrc_cve-2025-38399 | scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() | 2025-07-02T00:00:00.000Z | 2025-09-03T22:02:33.000Z |
| msrc_cve-2025-38396 | fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass | 2025-07-02T00:00:00.000Z | 2025-09-03T22:07:59.000Z |
| msrc_cve-2025-38395 | regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods | 2025-07-02T00:00:00.000Z | 2025-09-03T23:15:38.000Z |
| msrc_cve-2025-38393 | NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN | 2025-07-02T00:00:00.000Z | 2025-09-03T22:00:09.000Z |
| msrc_cve-2025-38391 | usb: typec: altmodes/displayport: do not index invalid pin_assignments | 2025-07-02T00:00:00.000Z | 2025-09-04T05:01:31.000Z |
| msrc_cve-2025-38389 | drm/i915/gt: Fix timeline left held on VMA alloc error | 2025-07-02T00:00:00.000Z | 2025-09-04T04:45:13.000Z |
| msrc_cve-2025-38386 | ACPICA: Refuse to evaluate a method if arguments are missing | 2025-07-02T00:00:00.000Z | 2025-09-03T22:42:21.000Z |
| msrc_cve-2025-38385 | net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect | 2025-07-02T00:00:00.000Z | 2025-09-03T22:23:41.000Z |
| msrc_cve-2025-38384 | mtd: spinand: fix memory leak of ECC engine conf | 2025-07-02T00:00:00.000Z | 2025-09-03T22:28:21.000Z |
| msrc_cve-2025-38382 | btrfs: fix iteration of extrefs during log replay | 2025-07-02T00:00:00.000Z | 2025-09-03T22:45:15.000Z |
| msrc_cve-2025-38380 | i2c/designware: Fix an initialization issue | 2025-07-02T00:00:00.000Z | 2025-09-03T23:34:23.000Z |
| msrc_cve-2025-38379 | smb: client: fix warning when reconnecting channel | 2025-07-02T00:00:00.000Z | 2025-09-03T22:56:14.000Z |
| msrc_cve-2025-38377 | rose: fix dangling neighbour pointers in rose_rt_device_down() | 2025-07-02T00:00:00.000Z | 2025-09-04T04:53:15.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2021-000076 | Plone vulnerable to open redirect | 2021-08-12T14:05+09:00 | 2021-08-12T14:05+09:00 |
| jvndb-2021-000075 | WordPress Plugin "Quiz And Survey Master" vulnerable to cross-site scripting | 2021-08-10T14:40+09:00 | 2021-08-10T14:40+09:00 |
| jvndb-2021-002077 | Multiple vulnerabilities in multiple Trend Micro Endpoint security products for enterprises | 2021-08-04T11:15+09:00 | 2021-08-04T11:15+09:00 |
| jvndb-2021-000073 | Multiple vulnerabilities in Cybozu Garoon | 2021-08-02T16:42+09:00 | 2022-05-24T15:16+09:00 |
| jvndb-2021-000072 | Minecraft Java Edition vulnerable to directory traversal | 2021-07-21T15:12+09:00 | 2021-07-21T15:12+09:00 |
| jvndb-2021-002005 | Trend Micro InterScan Web Security Virtual Appliance (IWSVA) vulnerable to cross-site scripting | 2021-07-19T16:53+09:00 | 2021-07-19T16:53+09:00 |
| jvndb-2021-000070 | Multiple vulnerabilities in GroupSession | 2021-07-19T15:41+09:00 | 2023-03-08T17:02+09:00 |
| jvndb-2021-000069 | Optical BB unit E-WMTA2.3 vulnerable to cross-site request forgery | 2021-07-14T17:13+09:00 | 2021-07-14T17:13+09:00 |
| jvndb-2021-000068 | Multiple vulnerabilities in Retty App | 2021-07-13T14:34+09:00 | 2023-03-08T17:02+09:00 |
| jvndb-2021-000067 | voidtools "Everything" vulnerable to HTTP header injection | 2021-07-09T14:40+09:00 | 2021-07-09T14:40+09:00 |
| jvndb-2021-000065 | WordPress Plugin "WordPress Meta Data Filter & Taxonomies Filter" vulnerable to cross-site request forgery | 2021-07-08T14:29+09:00 | 2021-07-08T14:29+09:00 |
| jvndb-2021-000066 | WordPress Plugin "Software License Manager" vulnerable to cross-site request forgery | 2021-07-08T13:45+09:00 | 2021-07-08T13:45+09:00 |
| jvndb-2021-001977 | Multiple vulnerabilities in Elecom routers | 2021-07-07T14:03+09:00 | 2021-07-12T16:04+09:00 |
| jvndb-2021-000064 | GU App for Android fails to restrict access permissions | 2021-07-07T13:16+09:00 | 2021-07-07T13:16+09:00 |
| jvndb-2021-001968 | Multiple vulnerabilities in Trend Micro Password Manager | 2021-07-06T16:08+09:00 | 2021-07-06T16:08+09:00 |
| jvndb-2021-000063 | WordPress Plugin "WordPress Email Template Designer - WP HTML Mail" vulnerable to cross-site request forgery | 2021-07-06T14:50+09:00 | 2021-07-06T14:50+09:00 |
| jvndb-2021-000062 | WordPress Plugin "WPCS - WordPress Currency Switcher" vulnerable to cross-site request forgery | 2021-07-06T14:11+09:00 | 2021-07-06T14:11+09:00 |
| jvndb-2021-000061 | A-Stage SCT-40CM01SR and AT-40CM01SR vulnerable to authentication bypass | 2021-07-05T14:28+09:00 | 2021-07-05T14:28+09:00 |
| jvndb-2021-000059 | EC-CUBE fails to restrict access permissions | 2021-07-01T15:49+09:00 | 2021-07-01T15:49+09:00 |
| jvndb-2007-002102 | boastMachine vulnerable to cross-site scripting | 2021-06-30T14:32+09:00 | 2021-06-30T14:32+09:00 |
| jvndb-2021-000058 | IkaIka RSS Reader vulnerable to cross-site scripting | 2021-06-30T14:21+09:00 | 2021-06-30T14:21+09:00 |
| jvndb-2021-000056 | WordPress Plugin "WordPress Popular Posts" vulnerable to cross-site scripting | 2021-06-30T11:36+09:00 | 2021-06-30T11:36+09:00 |
| jvndb-2021-000057 | Multiple cross-site scripting vulnerabilities in EC-CUBE | 2021-06-23T15:15+09:00 | 2021-06-23T15:15+09:00 |
| jvndb-2021-000055 | WordPress plugin "Fudousan plugin" series vulnerable to cross-site scripting | 2021-06-22T15:06+09:00 | 2021-06-22T15:06+09:00 |
| jvndb-2021-000054 | Inkdrop vulnerable to OS command injection | 2021-06-22T15:06+09:00 | 2021-06-22T15:06+09:00 |
| jvndb-2021-000053 | Hitachi Virtual File Platform vulnerable to OS command injection | 2021-06-18T15:45+09:00 | 2021-06-18T15:45+09:00 |
| jvndb-2021-000052 | Hitachi Application Server Help vulnerable cross-site scripting | 2021-06-17T15:11+09:00 | 2021-06-17T15:11+09:00 |
| jvndb-2021-000051 | Multiple cross-site scripting vulnerabilities in multiple EC-CUBE plugins provided by EC-CUBE | 2021-06-16T16:18+09:00 | 2021-06-16T16:18+09:00 |
| jvndb-2021-000049 | Multiple ETUNA EC-CUBE plugins vulnerable to cross-site scripting | 2021-06-15T16:09+09:00 | 2021-06-16T11:52+09:00 |
| jvndb-2021-000050 | Multiple vulnerabilities in GROWI | 2021-06-14T15:10+09:00 | 2021-06-14T15:10+09:00 |
| ID | Description | Updated |
|---|