Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-mcg2-rcmm-mhww | Improper handling of the authentication token in the Amazon WorkSpaces client for Linux, versions 2… | 2025-11-06T00:30:26Z | 2025-11-10T21:30:32Z |
| ghsa-8gg4-hx7q-h82p | Improper authentication in the API authentication middleware of HCL DevOps Loop allows authenticati… | 2025-11-06T00:30:26Z | 2025-11-06T00:30:26Z |
| ghsa-rw7h-fw9j-wrgx | A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affe… | 2025-11-05T21:31:02Z | 2025-11-05T21:31:02Z |
| ghsa-rvq5-4f2h-pm6w | PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 contains an unauthenticated remote code execution vuln… | 2025-11-05T21:31:02Z | 2025-11-05T21:31:02Z |
| ghsa-h5hr-wq48-rq9c | OSSN (Open Source Social Network) 8.6 is vulnerable to SQL Injection in /action/rtcomments/status v… | 2025-11-05T21:31:02Z | 2025-11-07T00:30:28Z |
| ghsa-fwcq-rjr3-7rr9 | GOG Galaxy 2.0.0.2 suffers from Missing SSL Certificate Validation. An attacker who controls the lo… | 2025-11-05T21:31:02Z | 2025-11-07T00:30:28Z |
| ghsa-7gqw-xrp6-92rg | ** exclusively-hosted-service ** A Stored Cross-Site Scripting (XSS) vulnerability in the chat func… | 2025-11-05T21:31:02Z | 2025-11-05T21:31:02Z |
| ghsa-3q32-2fc9-c758 | A vulnerability in the XiaozhangBang Voluntary Like System V8.8 allows remote attackers to manipula… | 2025-11-05T21:31:02Z | 2025-11-05T21:31:02Z |
| ghsa-xx43-6j8m-vx2f | Quipux 4.0.1 through e1774ac allows enumeration of usernames, and accessing the Ecuadorean identifi… | 2025-11-05T21:31:01Z | 2025-11-06T18:32:49Z |
| ghsa-vghq-cm29-427c | HCL iAutomate v6.5.1 and v6.5.2 is susceptible to a sensitive information disclosure. An HTTP GET … | 2025-11-05T21:31:01Z | 2025-11-05T21:31:02Z |
| ghsa-v698-c6j4-6m42 | A Stored Cross-Site Scripting (XSS) vulnerability in the chat functionality of the SelfBest platfor… | 2025-11-05T21:31:01Z | 2025-11-06T18:32:50Z |
| ghsa-rc63-xm4j-4f8h | A reflected cross-site scripting (XSS) vulnerability exists in the authentication endpoints of mult… | 2025-11-05T21:31:01Z | 2025-11-05T21:31:02Z |
| ghsa-qfqc-4pqq-rfmh | An arbitrary code execution vulnerability exists in multiple WSO2 products due to insufficient rest… | 2025-11-05T21:31:01Z | 2025-11-05T21:31:01Z |
| ghsa-9jrh-6qjc-j6p4 | Quipux 4.0.1 through e1774ac allows authenticated users to conduct SQL injection attacks via busque… | 2025-11-05T21:31:01Z | 2025-11-05T21:31:02Z |
| ghsa-96ff-3rwm-724g | A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS … | 2025-11-05T21:31:01Z | 2025-11-05T21:31:01Z |
| ghsa-8f5r-v3mh-q89r | Cross Site Scripting vulnerability in Quipux 4.0.1 through e1774ac allows anexos/anexos_nuevo.php a… | 2025-11-05T21:31:01Z | 2025-11-06T18:32:49Z |
| ghsa-4x6x-rggp-ff9q | A reflected cross-site scripting (XSS) vulnerability exists in the management console of multiple W… | 2025-11-05T21:31:01Z | 2025-11-05T21:31:02Z |
| ghsa-4h7f-6q5m-3p6f | A DOM-based Cross-Site Scripting (XSS) vulnerability in the SelfBest platform 2023.3 allows attacke… | 2025-11-05T21:31:01Z | 2025-11-06T18:32:50Z |
| ghsa-2vg5-px79-v62f | This issue was addressed by restricting options offered on a locked device. This issue is fixed in … | 2025-11-05T21:31:01Z | 2025-11-05T21:31:02Z |
| ghsa-wwqv-p2pp-99h5 | LangGraph Checkpoint affected by RCE in "json" mode of JsonPlusSerializer | 2025-11-05T19:52:50Z | 2025-11-07T21:55:55Z |
| ghsa-x4qj-2f4q-r4rx | Parse Server Vulnerable to Server-Side Request Forgery (SSRF) in File Upload via URI Format | 2025-11-05T19:52:27Z | 2025-11-07T20:31:43Z |
| ghsa-cpf4-pmr4-w6cx | IDOR Vulnerabilities in ZITADEL's Organization API allows Cross-Tenant Data Tempering | 2025-11-05T19:52:01Z | 2025-11-07T21:55:43Z |
| ghsa-gr35-vpx2-qxhc | Weblate leaks the IP of project member inviting user to be reviewer in Audit log | 2025-11-05T18:45:59Z | 2025-11-06T23:13:28Z |
| ghsa-vf95-55w6-qmrf | youki container escape and denial of service due to arbitrary write gadgets and procfs write redirects | 2025-11-05T18:45:18Z | 2025-11-06T15:29:58Z |
| ghsa-4g74-7cff-xcv8 | youki container escape via "masked path" abuse due to mount race conditions | 2025-11-05T18:44:18Z | 2025-11-06T15:29:34Z |
| ghsa-cgrx-mc8f-2prm | runc container escape and denial of service due to arbitrary write gadgets and procfs write redirects | 2025-11-05T18:40:40Z | 2025-11-07T12:31:34Z |
| ghsa-fvfq-q238-j7j3 | WSO2 Carbon Mediation vulnerable to XML External Entity (XXE) attacks | 2025-11-05T18:31:31Z | 2025-11-06T15:12:30Z |
| ghsa-fc89-q8rg-m49m | An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient validat… | 2025-11-05T18:31:31Z | 2025-11-05T18:31:31Z |
| ghsa-6mv5-ch6p-7g97 | Tonec Internet Download Manager 6.42.41.1 and earlier suffers from Missing SSL Certificate Validati… | 2025-11-05T18:31:31Z | 2025-11-05T21:31:01Z |
| ghsa-x3h8-2mvf-vv78 | A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to… | 2025-11-05T17:48:29Z | 2025-11-05T17:48:29Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-48089 | N/A | WordPress Education WordPress Theme | HiStudy theme < … |
Rainbow-Themes |
Education WordPress Theme | HiStudy |
2025-11-06T15:53:43.152Z | 2025-11-10T19:53:23.943Z |
| cve-2025-48086 | N/A | WordPress Ajax Search Lite plugin <= 4.13.3 - PHP Obje… |
wpdreams |
Ajax Search Lite |
2025-11-06T15:53:42.585Z | 2025-11-10T19:53:29.931Z |
| cve-2025-48085 | N/A | WordPress Simple Stripe plugin <= 0.9.17 - Cross Site … |
ZIPANG |
Simple Stripe |
2025-11-06T15:53:41.777Z | 2025-11-10T19:53:36.546Z |
| cve-2025-48083 | N/A | WordPress wpNamedUsers plugin <= 0.5 - Cross Site Requ… |
andriassundskard |
wpNamedUsers |
2025-11-06T15:53:40.546Z | 2025-11-10T19:53:42.815Z |
| cve-2025-48078 | N/A | WordPress Slick Google Map plugin <= 0.3 - Cross Site … |
Norbert |
Slick Google Map |
2025-11-06T15:53:37.443Z | 2025-11-10T19:53:50.504Z |
| cve-2025-48077 | N/A | WordPress Block Country plugin <= 1.0 - Cross Site Req… |
nitinmaurya12 |
Block Country |
2025-11-06T15:53:36.642Z | 2025-11-10T19:53:57.882Z |
| cve-2025-47588 | N/A | WordPress Dynamic Pricing With Discount Rules for WooC… |
acowebs |
Dynamic Pricing With Discount Rules for WooCommerce |
2025-11-06T15:53:35.904Z | 2025-11-10T19:54:06.119Z |
| cve-2025-39468 | N/A | WordPress Modal Survey plugin <= 2.0.2.0.1 - Local Fil… |
pantherius |
Modal Survey |
2025-11-06T15:53:34.539Z | 2025-11-10T19:54:12.439Z |
| cve-2025-39467 | N/A | WordPress Wanderland theme <= 1.7.1 - Local File Inclu… |
Mikado-Themes |
Wanderland |
2025-11-06T15:53:33.195Z | 2025-11-10T19:54:18.577Z |
| cve-2025-39466 | N/A | WordPress Dør theme <= 2.4 - Local File Inclusion Vuln… |
Mikado-Themes |
Dør |
2025-11-06T15:53:30.016Z | 2025-11-10T19:54:24.503Z |
| cve-2025-39465 | N/A | WordPress Advanced Google Maps plugin <= 5.8.4 - Broke… |
flippercode |
Advanced Google Maps |
2025-11-06T15:53:29.145Z | 2025-11-10T20:02:29.234Z |
| cve-2025-39463 | N/A | WordPress Dessau theme < 1.9 - Local File Inclusion vu… |
Select-Themes |
Dessau |
2025-11-06T15:53:23.424Z | 2025-11-10T20:02:35.975Z |
| cve-2025-32222 | N/A | WordPress Widget Logic <= 6.0.5 - Remote Code Executio… |
Widgetlogic.org |
Widget Logic |
2025-11-06T15:53:22.717Z | 2025-11-10T20:02:45.118Z |
| cve-2025-31029 | N/A | WordPress replyMail plugin <= 1.2.0 - Cross Site Reque… |
bingu |
replyMail |
2025-11-06T15:53:19.694Z | 2025-11-10T20:02:50.744Z |
| cve-2025-28953 | N/A | WordPress smart SEO plugin <= 4.0 - SQL Injection Vuln… |
axiomthemes |
smart SEO |
2025-11-06T15:53:18.852Z | 2025-11-10T16:16:55.832Z |
| cve-2025-22288 | N/A | WordPress Smush Image Compression and Optimization plu… |
WPMU DEV - Your All-in-One WordPress Platform |
Smush Image Compression and Optimization |
2025-11-06T15:53:18.126Z | 2025-11-07T20:32:23.564Z |
| cve-2025-12556 | 8.7 (v4.0) 8.8 (v3.1) | IDIS ICM Viewer Argument Injection |
IDIS |
ICM Viewer |
2025-11-06T15:35:58.447Z | 2025-11-06T15:47:08.878Z |
| cve-2025-11956 | 8.9 (v3.1) | XSS in Proliz's OBS |
Proliz Software Ltd. Co. |
OBS (Student Affairs Information System) |
2025-11-06T14:51:51.292Z | 2025-11-06T15:07:43.302Z |
| cve-2025-10955 | 6.1 (v3.1) | HTML Injection in Netcad Software's Netigma |
Netcad Software Inc. |
Netigma |
2025-11-06T14:46:09.596Z | 2025-11-07T08:38:36.099Z |
| cve-2025-37735 | 7 (v3.1) | Improper preservation of permissions in Elastic D… |
Elastic |
Kibana |
2025-11-06T14:27:26.235Z | 2025-11-07T04:56:11.390Z |
| cve-2025-36054 | 6.1 (v3.1) | Cross-site scripting vulnerability affect IBM Business… |
IBM |
Business Automation Workflow containers |
2025-11-06T14:11:49.396Z | 2025-11-06T14:32:53.254Z |
| cve-2025-11268 | Strong Testimonials <= 3.2.16 - Unauthenticated Arbitr… |
wpchill |
Strong Testimonials |
2025-11-06T08:26:27.860Z | 2025-11-06T14:46:59.939Z | |
| cve-2025-12360 | Better Find and Replace <= 1.7.7 - Missing Authorization |
codesolz |
Better Find and Replace – AI-Powered Suggestions |
2025-11-06T07:27:05.431Z | 2025-11-06T14:51:40.221Z | |
| cve-2025-10259 | 5.3 (v3.1) | Denial-of-Service(DoS) Vulnerability in TCP Communicat… |
Mitsubishi Electric Corporation |
MELSEC iQ-F Series FX5U-32MT/ES |
2025-11-06T07:12:24.252Z | 2025-11-06T15:22:22.596Z |
| cve-2025-12471 | Hubbub Lite <= 1.36.0 - Reflected Cross-Site Scripting |
nerdpressteam |
Hubbub Lite – Fast, free social sharing and follow buttons |
2025-11-06T06:45:20.224Z | 2025-11-06T15:28:04.500Z | |
| cve-2025-9338 | 7.3 (v4.0) | A improper restriction of operations within the b… |
ASUS |
Armoury Crate |
2025-11-06T06:02:48.738Z | 2025-11-06T15:37:38.417Z |
| cve-2025-12560 | Blog2Social: Social Media Auto Post & Scheduler <= 8.6… |
pr-gateway |
Blog2Social: Social Media Auto Post & Scheduler |
2025-11-06T05:31:24.932Z | 2025-11-06T15:40:57.868Z | |
| cve-2025-11271 | Easy Digital Download <= 3.5.2 - Insufficient Verifica… |
smub |
Easy Digital Downloads – eCommerce Payments and Subscriptions made easy |
2025-11-06T04:36:22.463Z | 2025-11-06T15:50:35.023Z | |
| cve-2025-12563 | Blog2Social: Social Media Auto Post & Scheduler <= 8.6… |
pr-gateway |
Blog2Social: Social Media Auto Post & Scheduler |
2025-11-06T04:36:21.892Z | 2025-11-06T14:08:53.571Z | |
| cve-2025-61994 | 5.4 (v3.0) 4.8 (v4.0) | Cross-site scripting vulnerability exists in GROW… |
GROWI, Inc. |
GROWI |
2025-11-06T04:14:30.106Z | 2025-11-06T14:09:38.630Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-53214 | N/A | WordPress Sertifier Certificate & Badge Maker plugin <… |
sertifier |
Sertifier Certificate & Badge Maker |
2025-11-06T15:53:58.037Z | 2025-11-10T19:51:37.248Z |
| cve-2025-52773 | N/A | WordPress HieCOR Payment Gateway plugin plugin <= 1.5.… |
hiecor |
HieCOR Payment Gateway Plugin |
2025-11-06T15:53:57.496Z | 2025-11-10T19:51:43.599Z |
| cve-2025-52764 | N/A | WordPress flexoslider plugin <= 1.0004 - Cross Site Sc… |
marielav |
flexoslider |
2025-11-06T15:53:56.937Z | 2025-11-10T19:51:51.375Z |
| cve-2025-49909 | N/A | WordPress Penci Bookmark & Follow plugin < 2.4 - Cross… |
PenciDesign |
Penci Bookmark & Follow |
2025-11-06T15:53:56.279Z | 2025-11-10T19:52:08.438Z |
| cve-2025-49905 | N/A | WordPress Range Slider Addon for Gravity Forms plugin … |
PluginsCafe |
Range Slider Addon for Gravity Forms |
2025-11-06T15:53:55.700Z | 2025-11-10T19:52:18.567Z |
| cve-2025-49904 | N/A | WordPress Booking and Rental Manager plugin <= 2.5.3 -… |
magepeopleteam |
Booking and Rental Manager |
2025-11-06T15:53:55.162Z | 2025-11-10T19:52:27.580Z |
| cve-2025-49900 | N/A | WordPress Advanced scrollbar plugin <= 1.1.8 - Privile… |
bPlugins |
Advanced scrollbar |
2025-11-06T15:53:54.586Z | 2025-11-10T19:52:34.186Z |
| cve-2025-49398 | N/A | WordPress Easy Appointments plugin <= 3.12.14 - Conten… |
Easy Appointments |
Easy Appointments |
2025-11-06T15:53:53.979Z | 2025-11-10T19:52:40.016Z |
| cve-2025-49394 | N/A | WordPress Image Gallery block – Create and display pho… |
bPlugins |
Image Gallery block – Create and display photo gallery/photo album. |
2025-11-06T15:53:53.230Z | 2025-11-10T19:52:45.863Z |
| cve-2025-49393 | N/A | WordPress Sign-up Sheets Plugin <= 2.3.2 - PHP Object … |
Fetch Designs |
Sign-up Sheets |
2025-11-06T15:53:52.480Z | 2025-11-10T19:52:51.590Z |
| cve-2025-49390 | N/A | WordPress Cookie Notice & Consent plugin <= 1.6.4 - Cr… |
christophrado |
Cookie Notice & Consent |
2025-11-06T15:53:51.739Z | 2025-11-10T19:52:57.246Z |
| cve-2025-49386 | N/A | WordPress Preserve Code Formatting Plugin <= 4.0.1 - P… |
Scott Reilly |
Preserve Code Formatting |
2025-11-06T15:53:50.934Z | 2025-11-10T19:53:04.290Z |
| cve-2025-49372 | N/A | WordPress HAPPY plugin <= 1.0.7 - Remote Code Executio… |
VillaTheme |
HAPPY |
2025-11-06T15:53:50.181Z | 2025-11-07T19:36:21.511Z |
| cve-2025-48330 | N/A | WordPress Real Time Validation for Gravity Forms <= 1.… |
Daman Jeet |
Real Time Validation for Gravity Forms |
2025-11-06T15:53:48.806Z | 2025-11-10T19:53:10.548Z |
| cve-2025-48290 | N/A | WordPress Kinsley theme <= 3.4.4 - Local File Inclusio… |
bslthemes |
Kinsley |
2025-11-06T15:53:47.362Z | 2025-11-10T19:53:18.019Z |
| cve-2025-48090 | N/A | WordPress Blanka - One Page WordPress Theme Theme < 1.… |
CocoBasic |
Blanka - One Page WordPress Theme |
2025-11-06T15:53:43.727Z | 2025-11-06T16:06:05.906Z |
| cve-2025-48089 | N/A | WordPress Education WordPress Theme | HiStudy theme < … |
Rainbow-Themes |
Education WordPress Theme | HiStudy |
2025-11-06T15:53:43.152Z | 2025-11-10T19:53:23.943Z |
| cve-2025-48086 | N/A | WordPress Ajax Search Lite plugin <= 4.13.3 - PHP Obje… |
wpdreams |
Ajax Search Lite |
2025-11-06T15:53:42.585Z | 2025-11-10T19:53:29.931Z |
| cve-2025-48085 | N/A | WordPress Simple Stripe plugin <= 0.9.17 - Cross Site … |
ZIPANG |
Simple Stripe |
2025-11-06T15:53:41.777Z | 2025-11-10T19:53:36.546Z |
| cve-2025-48083 | N/A | WordPress wpNamedUsers plugin <= 0.5 - Cross Site Requ… |
andriassundskard |
wpNamedUsers |
2025-11-06T15:53:40.546Z | 2025-11-10T19:53:42.815Z |
| cve-2025-48078 | N/A | WordPress Slick Google Map plugin <= 0.3 - Cross Site … |
Norbert |
Slick Google Map |
2025-11-06T15:53:37.443Z | 2025-11-10T19:53:50.504Z |
| cve-2025-48077 | N/A | WordPress Block Country plugin <= 1.0 - Cross Site Req… |
nitinmaurya12 |
Block Country |
2025-11-06T15:53:36.642Z | 2025-11-10T19:53:57.882Z |
| cve-2025-47588 | N/A | WordPress Dynamic Pricing With Discount Rules for WooC… |
acowebs |
Dynamic Pricing With Discount Rules for WooCommerce |
2025-11-06T15:53:35.904Z | 2025-11-10T19:54:06.119Z |
| cve-2025-39468 | N/A | WordPress Modal Survey plugin <= 2.0.2.0.1 - Local Fil… |
pantherius |
Modal Survey |
2025-11-06T15:53:34.539Z | 2025-11-10T19:54:12.439Z |
| cve-2025-39467 | N/A | WordPress Wanderland theme <= 1.7.1 - Local File Inclu… |
Mikado-Themes |
Wanderland |
2025-11-06T15:53:33.195Z | 2025-11-10T19:54:18.577Z |
| cve-2025-39466 | N/A | WordPress Dør theme <= 2.4 - Local File Inclusion Vuln… |
Mikado-Themes |
Dør |
2025-11-06T15:53:30.016Z | 2025-11-10T19:54:24.503Z |
| cve-2025-39465 | N/A | WordPress Advanced Google Maps plugin <= 5.8.4 - Broke… |
flippercode |
Advanced Google Maps |
2025-11-06T15:53:29.145Z | 2025-11-10T20:02:29.234Z |
| cve-2025-39463 | N/A | WordPress Dessau theme < 1.9 - Local File Inclusion vu… |
Select-Themes |
Dessau |
2025-11-06T15:53:23.424Z | 2025-11-10T20:02:35.975Z |
| cve-2025-32222 | N/A | WordPress Widget Logic <= 6.0.5 - Remote Code Executio… |
Widgetlogic.org |
Widget Logic |
2025-11-06T15:53:22.717Z | 2025-11-10T20:02:45.118Z |
| cve-2025-31029 | N/A | WordPress replyMail plugin <= 1.2.0 - Cross Site Reque… |
bingu |
replyMail |
2025-11-06T15:53:19.694Z | 2025-11-10T20:02:50.744Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-131049 | Malicious code in vida-takokak99-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131048 | Malicious code in vida-tahutek49-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131047 | Malicious code in vida-semur36-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131046 | Malicious code in vida-sambel95-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131045 | Malicious code in vida-rangi85-wekto (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131044 | Malicious code in vida-rangginang61-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131043 | Malicious code in vida-ragi100-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131042 | Malicious code in vida-peyek16-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131041 | Malicious code in vida-papeda99-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131040 | Malicious code in vida-nasicampur84-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131039 | Malicious code in vida-mieayam2-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131038 | Malicious code in vida-mie56-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131037 | Malicious code in vida-mendoan58-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131036 | Malicious code in vida-mangut5-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131035 | Malicious code in vida-mangga46-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131034 | Malicious code in vida-lontong2-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131033 | Malicious code in vida-liwet12-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131032 | Malicious code in vida-lepet31-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131031 | Malicious code in vida-lapis33-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131030 | Malicious code in vida-kue42-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131029 | Malicious code in vida-kue16-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131028 | Malicious code in vida-kripik32-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131027 | Malicious code in vida-klentik91-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131026 | Malicious code in vida-ketan55-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131025 | Malicious code in vida-kepok4-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131024 | Malicious code in vida-kentang40-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131023 | Malicious code in vida-kemplang66-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131022 | Malicious code in vida-jengkol16-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131021 | Malicious code in vida-ikan4-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| mal-2025-131020 | Malicious code in vida-gorengan30-riris (npm) | 2025-11-11T20:46:25Z | 2025-11-11T20:46:25Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:14470 | Red Hat Security Advisory: RHTAS 1.2.1 - Red Hat Trusted Artifact Signer Release | 2025-08-25T09:22:38+00:00 | 2025-11-11T16:24:38+00:00 |
| rhsa-2025:14442 | Red Hat Security Advisory: firefox security update | 2025-08-25T08:06:37+00:00 | 2025-11-06T22:48:09+00:00 |
| rhsa-2025:14438 | Red Hat Security Advisory: kernel security update | 2025-08-25T08:06:12+00:00 | 2025-11-11T12:54:45+00:00 |
| rhsa-2025:14439 | Red Hat Security Advisory: kernel-rt security update | 2025-08-25T07:56:32+00:00 | 2025-11-08T07:17:08+00:00 |
| rhsa-2025:14433 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-08-25T06:05:57+00:00 | 2025-11-06T23:14:44+00:00 |
| rhsa-2025:14434 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-08-25T06:01:12+00:00 | 2025-11-06T23:14:44+00:00 |
| rhsa-2025:14432 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-08-25T05:54:47+00:00 | 2025-11-06T23:14:44+00:00 |
| rhsa-2025:14423 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-08-25T05:04:27+00:00 | 2025-11-06T23:14:43+00:00 |
| rhsa-2025:14422 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-08-25T04:53:51+00:00 | 2025-11-06T23:14:43+00:00 |
| rhsa-2025:14421 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-08-25T04:52:42+00:00 | 2025-11-06T23:14:43+00:00 |
| rhsa-2025:14420 | Red Hat Security Advisory: kernel security update | 2025-08-25T03:44:06+00:00 | 2025-11-11T12:54:45+00:00 |
| rhsa-2025:14416 | Red Hat Security Advisory: firefox security update | 2025-08-25T02:07:17+00:00 | 2025-11-06T22:48:11+00:00 |
| rhsa-2025:14417 | Red Hat Security Advisory: firefox security update | 2025-08-25T02:07:16+00:00 | 2025-11-06T22:48:07+00:00 |
| rhsa-2025:14418 | Red Hat Security Advisory: kernel security update | 2025-08-25T02:00:17+00:00 | 2025-11-11T09:06:24+00:00 |
| rhsa-2025:14414 | Red Hat Security Advisory: squid security update | 2025-08-25T01:54:36+00:00 | 2025-11-06T23:42:08+00:00 |
| rhsa-2025:14413 | Red Hat Security Advisory: kernel security update | 2025-08-25T01:42:56+00:00 | 2025-11-11T20:31:05+00:00 |
| rhsa-2025:14197 | Red Hat Security Advisory: Red Hat Build of Apache Camel 4.10 for Quarkus 3.20 update is now available (RHBQ 3.20.2.GA) | 2025-08-20T19:33:32+00:00 | 2025-11-07T20:55:52+00:00 |
| rhsa-2025:14186 | Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage | 2025-08-20T16:02:39+00:00 | 2025-11-06T23:14:43+00:00 |
| rhsa-2025:14180 | Red Hat Security Advisory: tomcat security update | 2025-08-20T15:43:40+00:00 | 2025-11-06T23:42:06+00:00 |
| rhsa-2025:14181 | Red Hat Security Advisory: tomcat security update | 2025-08-20T15:41:15+00:00 | 2025-11-06T23:42:07+00:00 |
| rhsa-2025:14183 | Red Hat Security Advisory: tomcat security update | 2025-08-20T15:40:30+00:00 | 2025-11-06T23:42:07+00:00 |
| rhsa-2025:14177 | Red Hat Security Advisory: tomcat security update | 2025-08-20T15:37:48+00:00 | 2025-11-06T23:42:11+00:00 |
| rhsa-2025:14182 | Red Hat Security Advisory: tomcat security update | 2025-08-20T15:36:45+00:00 | 2025-11-06T23:42:07+00:00 |
| rhsa-2025:14179 | Red Hat Security Advisory: tomcat security update | 2025-08-20T15:36:15+00:00 | 2025-11-06T23:42:06+00:00 |
| rhsa-2025:14178 | Red Hat Security Advisory: tomcat9 security update | 2025-08-20T15:33:55+00:00 | 2025-11-06T23:42:06+00:00 |
| rhsa-2025:14142 | Red Hat Security Advisory: libarchive security update | 2025-08-20T09:27:05+00:00 | 2025-11-11T16:23:08+00:00 |
| rhsa-2025:14141 | Red Hat Security Advisory: libarchive security update | 2025-08-20T09:04:49+00:00 | 2025-11-11T16:23:08+00:00 |
| rhsa-2025:14137 | Red Hat Security Advisory: libarchive security update | 2025-08-20T08:29:24+00:00 | 2025-11-11T16:23:07+00:00 |
| rhsa-2025:14135 | Red Hat Security Advisory: libarchive security update | 2025-08-20T08:16:44+00:00 | 2025-11-11T16:23:06+00:00 |
| rhsa-2025:14136 | Red Hat Security Advisory: kernel security update | 2025-08-20T08:10:29+00:00 | 2025-11-11T09:06:28+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-38376 | usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume | 2025-07-02T00:00:00.000Z | 2025-09-04T05:14:38.000Z |
| msrc_cve-2025-38375 | virtio-net: ensure the received length does not exceed allocated size | 2025-07-02T00:00:00.000Z | 2025-09-03T22:12:59.000Z |
| msrc_cve-2025-38369 | dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38368 | misc: tps6594-pfsm: Add NULL pointer check in tps6594_pfsm_probe() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38365 | btrfs: fix a race between renames and directory logging | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38364 | maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() | 2025-07-02T00:00:00.000Z | 2025-09-03T23:08:55.000Z |
| msrc_cve-2025-38363 | drm/tegra: Fix a possible null pointer dereference | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38362 | drm/amd/display: Add null pointer check for get_first_active_display() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38361 | drm/amd/display: Check dce_hwseq before dereferencing it | 2025-07-02T00:00:00.000Z | 2025-09-03T23:05:17.000Z |
| msrc_cve-2025-38359 | s390/mm: Fix in_atomic() handling in do_secure_storage_access() | 2025-07-02T00:00:00.000Z | 2025-09-03T22:35:46.000Z |
| msrc_cve-2025-38354 | drm/msm/gpu: Fix crash when throttling GPU immediately during boot | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38353 | drm/xe: Fix taking invalid lock on wedge | 2025-07-02T00:00:00.000Z | 2025-09-03T23:31:37.000Z |
| msrc_cve-2025-38352 | posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38351 | KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush | 2025-07-02T00:00:00.000Z | 2025-09-04T03:38:46.000Z |
| msrc_cve-2025-38349 | eventpoll: don't decrement ep refcount while still holding the ep mutex | 2025-07-02T00:00:00.000Z | 2025-09-04T03:09:39.000Z |
| msrc_cve-2025-38348 | wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38347 | f2fs: fix to do sanity check on ino and xnid | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38346 | ftrace: Fix UAF when lookup kallsym after ftrace disabled | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38345 | ACPICA: fix acpi operand cache leak in dswstate.c | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38344 | ACPICA: fix acpi parse and parseext cache leaks | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38343 | wifi: mt76: mt7996: drop fragments with multicast or broadcast RA | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38342 | software node: Correct a OOB check in software_node_get_reference_args() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38340 | firmware: cs_dsp: Fix OOB memory read access in KUnit test | 2025-07-02T00:00:00.000Z | 2025-09-04T00:57:21.000Z |
| msrc_cve-2025-38338 | fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38337 | jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38336 | ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38335 | Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT | 2025-07-02T00:00:00.000Z | 2025-09-04T00:19:35.000Z |
| msrc_cve-2025-38334 | x86/sgx: Prevent attempts to reclaim poisoned pages | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38333 | f2fs: fix to bail out in get_new_segment() | 2025-07-02T00:00:00.000Z | 2025-08-21T18:00:17.000Z |
| msrc_cve-2025-38332 | scsi: lpfc: Use memcpy() for BIOS version | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2021-000048 | Asken App for Android fails to restrict custom URL schemes properly | 2021-06-14T15:10+09:00 | 2021-06-14T15:10+09:00 |
| jvndb-2021-000047 | WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting | 2021-06-11T15:24+09:00 | 2021-06-11T15:24+09:00 |
| jvndb-2021-001756 | urllib3 vulnerable to Regular expression Denial-of-Service (ReDoS) | 2021-06-08T12:21+09:00 | 2021-06-08T12:21+09:00 |
| jvndb-2021-000046 | ATOM - Smart life App vulnerable to improper server certificate verification | 2021-06-03T14:05+09:00 | 2021-06-03T14:05+09:00 |
| jvndb-2021-000045 | goo blog App fails to restrict custom URL schemes properly | 2021-06-02T15:46+09:00 | 2021-06-02T15:46+09:00 |
| jvndb-2021-001575 | Multiple vulnerabilities in Buffalo WSR-1166DHP3 and WSR-1166DHP4 routers | 2021-06-01T15:18+09:00 | 2021-06-01T15:18+09:00 |
| jvndb-2021-000044 | Zettlr vulnerable to cross-site scripting | 2021-05-26T14:50+09:00 | 2021-06-03T16:21+09:00 |
| jvndb-2021-001506 | Hitachi Ops Center Analyzer vulnerability of communication using a certificate not intended by the user | 2021-05-25T14:11+09:00 | 2021-05-25T14:11+09:00 |
| jvndb-2021-000041 | The installers of ScanSnap Manager may insecurely load Dynamic Link Libraries | 2021-05-21T16:34+09:00 | 2021-05-21T16:34+09:00 |
| jvndb-2021-000043 | Installer of Overwolf may insecurely load Dynamic Link Libraries | 2021-05-21T16:07+09:00 | 2021-05-21T16:07+09:00 |
| jvndb-2021-000042 | Multiple cross-site scripting vulnerabilities in multiple PHP Factory products | 2021-05-21T15:38+09:00 | 2021-05-21T15:38+09:00 |
| jvndb-2021-000040 | QND vulnerable to privilege escalation | 2021-05-21T14:21+09:00 | 2021-05-21T14:21+09:00 |
| jvndb-2021-000037 | mod_auth_openidc vulnerable to denial-of-service (DoS) | 2021-05-14T15:35+09:00 | 2021-05-14T15:35+09:00 |
| jvndb-2021-000038 | Multiple vulnerabilities in Cisco Small Business Series Wireless Access Points | 2021-05-14T15:26+09:00 | 2021-05-14T15:26+09:00 |
| jvndb-2021-000039 | RFNTPS vulnerable to OS command injection | 2021-05-13T16:05+09:00 | 2021-05-13T16:05+09:00 |
| jvndb-2021-000036 | Multiple vulnerabilities in KonaWiki2 | 2021-05-13T16:05+09:00 | 2021-05-13T16:05+09:00 |
| jvndb-2021-000035 | EC-CUBE vulnerable to cross-site scripting | 2021-05-10T18:08+09:00 | 2021-05-10T18:08+09:00 |
| jvndb-2021-001380 | Multiple Buffalo network devices contain hidden functionality | 2021-04-28T16:15+09:00 | 2021-05-07T16:16+09:00 |
| jvndb-2021-001381 | Multiple vulnerabilities in Buffalo broadband routers | 2021-04-28T16:14+09:00 | 2021-05-07T16:28+09:00 |
| jvndb-2021-000034 | WordPress plugin "WP Fastest Cache" vulnerable to directory traversal | 2021-04-27T17:12+09:00 | 2021-04-27T17:12+09:00 |
| jvndb-2021-000033 | Hot Pepper Gourmet App fails to restrict access permissions | 2021-04-27T17:10+09:00 | 2023-03-08T17:02+09:00 |
| jvndb-2021-000909 | yappa-ng vulnerable to cross-site scripting | 2021-04-22T16:33+09:00 | 2021-04-22T16:33+09:00 |
| jvndb-2021-001374 | Trend Micro Password Manager may insecurely load Dynamic Link Libraries | 2021-04-20T12:25+09:00 | 2021-04-20T12:25+09:00 |
| jvndb-2021-000031 | Gurunavi Apps fail to restrict access permissions | 2021-04-14T17:22+09:00 | 2023-03-08T17:02+09:00 |
| jvndb-2021-001345 | Information Disclosure Vulnerability in Cosminexus | 2021-04-13T16:46+09:00 | 2021-04-13T16:46+09:00 |
| jvndb-2021-001344 | Vulnerability in JP1/VERITAS | 2021-04-13T16:42+09:00 | 2021-04-13T16:42+09:00 |
| jvndb-2021-001343 | D-Link DAP-1880AC contains multiple vulnerabilities | 2021-04-12T15:32+09:00 | 2021-04-12T15:32+09:00 |
| jvndb-2021-000028 | Multiple vulnerabilities in multiple Aterm products | 2021-04-09T17:16+09:00 | 2021-04-09T17:16+09:00 |
| jvndb-2021-000030 | Multiple vulnerabilities in Aterm WF1200CR, Aterm WG1200CR, Aterm WG2600HS, and Aterm WX3000HP | 2021-04-09T16:42+09:00 | 2021-04-09T16:42+09:00 |
| jvndb-2021-000029 | Archive collectively operation utility vulnerable to directory traversal | 2021-04-01T14:44+09:00 | 2021-04-01T14:44+09:00 |
| ID | Description | Updated |
|---|