Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-qwmp-482q-vqpm | A vulnerability was identified in h-moses moga-mall up to 392d631a5ef15962a9bddeeb9f1269b9085473fa.… | 2025-12-28T21:30:24Z | 2025-12-28T21:30:25Z |
| ghsa-hjpp-4hh8-vj87 | A vulnerability has been found in rawchen ecms up to b59d7feaa9094234e8aa6c8c6b290621ca575ded. Affe… | 2025-12-28T21:30:24Z | 2025-12-28T21:30:24Z |
| ghsa-hgch-f8pj-55cf | A security vulnerability has been detected in PbootCMS up to 3.2.12. The affected element is the fu… | 2025-12-28T21:30:24Z | 2025-12-28T21:30:25Z |
| ghsa-m496-m5ff-4j4p | A flaw has been found in CmsEasy up to 7.7.7. Affected is the function savetemp_action in the libra… | 2025-12-28T18:30:27Z | 2025-12-28T18:30:27Z |
| ghsa-v539-hv42-wghc | A weakness has been identified in dayrui XunRuiCMS up to 4.7.1. The impacted element is the functio… | 2025-12-28T18:30:26Z | 2025-12-28T18:30:26Z |
| ghsa-q6cr-5pc5-4693 | A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. This affects the funct… | 2025-12-28T18:30:26Z | 2025-12-28T18:30:26Z |
| ghsa-pj23-86ww-f72p | In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where o… | 2025-12-28T18:30:26Z | 2025-12-29T21:30:24Z |
| ghsa-8jc6-q7jq-r8wg | A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. This impacts the function doUserList… | 2025-12-28T18:30:26Z | 2025-12-28T18:30:26Z |
| ghsa-6w66-j7h2-8jjr | A security flaw has been discovered in EyouCMS up to 1.7.6. The affected element is an unknown func… | 2025-12-28T18:30:26Z | 2025-12-28T18:30:26Z |
| ghsa-3h7r-f34v-h2h3 | A vulnerability was identified in 9786 phpok3w up to 901d96a06809fb28b17f3a4362c59e70411c933c. Impa… | 2025-12-28T18:30:26Z | 2025-12-28T18:30:26Z |
| ghsa-p7vj-83qq-wvmx | A vulnerability was found in saiftheboss7 onlinemcqexam up to 0e56806132971e49721db3ef01868098c7b42… | 2025-12-28T15:30:26Z | 2025-12-28T15:30:26Z |
| ghsa-jxhp-qvjm-mxcj | A vulnerability was detected in TRENDnet TEW-800MB 1.0.1.0. Affected by this vulnerability is the f… | 2025-12-28T15:30:26Z | 2025-12-28T15:30:26Z |
| ghsa-j5pv-22p5-jmgv | A vulnerability has been found in TRENDnet TEW-822DRE 1.00B21/1.01B06. This affects the function su… | 2025-12-28T15:30:26Z | 2025-12-28T15:30:26Z |
| ghsa-9mf8-q5hw-h59m | A vulnerability was determined in Halo up to 2.21.10. This issue affects some unknown processing of… | 2025-12-28T15:30:26Z | 2025-12-28T15:30:27Z |
| ghsa-9794-w62c-pf6f | A flaw has been found in prasathmani TinyFileManager up to 2.6. Affected by this issue is some unkn… | 2025-12-28T15:30:26Z | 2025-12-28T15:30:26Z |
| ghsa-2mpc-f7w9-hpmw | A security vulnerability has been detected in TRENDnet TEW-800MB 1.0.1.0. Affected is the function … | 2025-12-28T15:30:26Z | 2025-12-28T15:30:26Z |
| ghsa-7x46-g3w8-h64v | A weakness has been identified in joey-zhou xiaozhi-esp32-server-java up to 3.0.0. This impacts the… | 2025-12-28T12:30:24Z | 2025-12-28T12:30:24Z |
| ghsa-w487-9rjq-3p3v | A vulnerability has been found in shanyu SyCms up to a242ef2d194e8bb249dc175e7c49f2c1673ec921. This… | 2025-12-28T12:30:23Z | 2025-12-28T12:30:23Z |
| ghsa-v2w5-94qr-4c5g | A vulnerability was determined in ZSPACE Z4Pro+ 1.0.0440024. The affected element is the function z… | 2025-12-28T12:30:23Z | 2025-12-28T12:30:23Z |
| ghsa-fvhh-hg59-vfxx | A vulnerability was found in ZSPACE Z4Pro+ 1.0.0440024. Impacted is the function zfilev2_api_SafeSt… | 2025-12-28T12:30:23Z | 2025-12-28T12:30:23Z |
| ghsa-6chc-jx4m-r2w2 | A vulnerability was identified in ZSPACE Z4Pro+ 1.0.0440024. The impacted element is the function z… | 2025-12-28T12:30:23Z | 2025-12-28T12:30:23Z |
| ghsa-29m3-gxfx-749g | A security flaw has been discovered in yourmaileyes MOOC up to 1.17. This affects the function subr… | 2025-12-28T12:30:23Z | 2025-12-28T12:30:24Z |
| ghsa-xvv8-2hxw-mghp | A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this vulnerability is the func… | 2025-12-28T09:30:27Z | 2025-12-28T09:30:27Z |
| ghsa-q2w3-p85r-q6v3 | A flaw has been found in ChenJinchuang Lin-CMS-TP5 up to 0.3.3. This vulnerability affects the func… | 2025-12-28T09:30:27Z | 2025-12-28T09:30:27Z |
| ghsa-mjm5-xqg6-v939 | A security flaw has been discovered in JeecgBoot up to 3.9.0. Affected is the function queryDepartP… | 2025-12-28T09:30:27Z | 2025-12-28T09:30:27Z |
| ghsa-m84v-87w9-mgjq | A vulnerability was determined in JeecgBoot up to 3.9.0. This affects an unknown function of the fi… | 2025-12-28T09:30:27Z | 2025-12-28T09:30:27Z |
| ghsa-hq3q-62v8-pp48 | A vulnerability was detected in ZKTeco BioTime up to 9.0.3/9.0.4/9.5.2. This affects an unknown par… | 2025-12-28T09:30:27Z | 2025-12-28T09:30:27Z |
| ghsa-6px8-5r5j-c9f2 | A vulnerability was identified in JeecgBoot up to 3.9.0. This impacts the function getParameterMap … | 2025-12-28T09:30:27Z | 2025-12-28T09:30:27Z |
| ghsa-2cqx-6pqq-j99h | A security vulnerability has been detected in FantasticLBP Hotels_Server up to 67b44df162fab26df209… | 2025-12-28T09:30:27Z | 2025-12-28T09:30:27Z |
| ghsa-jcpx-68wr-v54v | A flaw has been found in JeecgBoot up to 3.9.0. Impacted is the function getDeptRoleList of the fil… | 2025-12-28T06:31:32Z | 2025-12-28T06:31:32Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-15142 | 9786 phpok3w show.php sql injection |
9786 |
phpok3w |
2025-12-28T15:32:12.734Z | 2025-12-29T16:26:52.591Z | |
| cve-2025-15141 | Halo Configuration actuator information disclosure |
n/a |
Halo |
2025-12-28T15:02:05.484Z | 2025-12-29T16:30:18.082Z | |
| cve-2025-15140 | saiftheboss7 onlinemcqexam quesadd.php sql injection |
saiftheboss7 |
onlinemcqexam |
2025-12-28T14:32:06.750Z | 2025-12-29T16:07:22.328Z | |
| cve-2025-15139 | TRENDnet TEW-822DRE formWsc sub_43ACF4 command injection |
TRENDnet |
TEW-822DRE |
2025-12-28T14:02:07.407Z | 2025-12-29T16:06:45.224Z | |
| cve-2025-15138 | prasathmani TinyFileManager tinyfilemanager.php path t… |
prasathmani |
TinyFileManager |
2025-12-28T13:32:08.843Z | 2025-12-29T16:40:10.063Z | |
| cve-2025-15137 | TRENDnet TEW-800MB NTPSyncWithHost.cgi sub_F934 comma… |
TRENDnet |
TEW-800MB |
2025-12-28T13:02:05.931Z | 2025-12-29T17:19:47.335Z | |
| cve-2025-15136 | TRENDnet TEW-800MB Management wizardset do_setWizard_a… |
TRENDnet |
TEW-800MB |
2025-12-28T12:32:06.349Z | 2025-12-29T17:20:27.000Z | |
| cve-2025-15135 | joey-zhou xiaozhi-esp32-server-java Cookie Authenticat… |
joey-zhou |
xiaozhi-esp32-server-java |
2025-12-28T12:02:07.346Z | 2025-12-29T17:58:51.665Z | |
| cve-2025-15134 | yourmaileyes MOOC Submission MainController.java subre… |
yourmaileyes |
MOOC |
2025-12-28T11:32:05.791Z | 2025-12-29T17:59:32.211Z | |
| cve-2025-15133 | ZSPACE Z4Pro+ HTTP POST Request close zfilev2_api_Clos… |
ZSPACE |
Z4Pro+ |
2025-12-28T11:02:10.256Z | 2025-12-29T18:00:13.048Z | |
| cve-2025-15132 | ZSPACE Z4Pro+ HTTP POST Request open zfilev2_api_open … |
ZSPACE |
Z4Pro+ |
2025-12-28T10:32:05.208Z | 2025-12-29T18:00:46.951Z | |
| cve-2025-15131 | ZSPACE Z4Pro+ HTTP POST Request status zfilev2_api_Saf… |
ZSPACE |
Z4Pro+ |
2025-12-28T10:02:06.337Z | 2025-12-29T18:01:13.797Z | |
| cve-2025-15130 | shanyu SyCms Administrative Panel FileManageController… |
shanyu |
SyCms |
2025-12-28T09:32:10.325Z | 2025-12-29T18:01:53.351Z | |
| cve-2025-15129 | ChenJinchuang Lin-CMS-TP5 File Upload LocalUploader.ph… |
ChenJinchuang |
Lin-CMS-TP5 |
2025-12-28T09:02:10.127Z | 2025-12-29T18:55:29.222Z | |
| cve-2025-15128 | ZKTeco BioTime Endpoint safe_setting credentials storage |
ZKTeco |
BioTime |
2025-12-28T08:32:10.069Z | 2025-12-29T16:06:03.528Z | |
| cve-2025-15127 | FantasticLBP Hotels_Server Room.php sql injection |
FantasticLBP |
Hotels_Server |
2025-12-28T08:02:06.225Z | 2025-12-29T16:02:17.068Z | |
| cve-2025-15126 | JeecgBoot getPositionUserList improper authorization |
n/a |
JeecgBoot |
2025-12-28T07:32:06.264Z | 2025-12-29T16:03:06.162Z | |
| cve-2025-15125 | JeecgBoot queryDepartPermission improper authorization |
n/a |
JeecgBoot |
2025-12-28T07:02:06.680Z | 2025-12-29T16:03:49.238Z | |
| cve-2025-15124 | JeecgBoot list getParameterMap improper authorization |
n/a |
JeecgBoot |
2025-12-28T06:32:06.920Z | 2025-12-29T16:04:32.586Z | |
| cve-2025-15123 | JeecgBoot datarule improper authorization |
n/a |
JeecgBoot |
2025-12-28T06:02:05.781Z | 2025-12-29T16:05:08.309Z | |
| cve-2025-15122 | JeecgBoot datarule loadDatarule improper authorization |
n/a |
JeecgBoot |
2025-12-28T05:02:05.798Z | 2025-12-29T16:42:57.874Z | |
| cve-2025-15121 | JeecgBoot getDeptRoleByUserId information disclosure |
n/a |
JeecgBoot |
2025-12-28T04:32:06.152Z | 2025-12-29T16:41:44.256Z | |
| cve-2025-15120 | JeecgBoot getDeptRoleList improper authorization |
n/a |
JeecgBoot |
2025-12-28T04:02:06.291Z | 2025-12-29T16:40:55.481Z | |
| cve-2025-15119 | JeecgBoot list queryPageList improper authorization |
n/a |
JeecgBoot |
2025-12-28T03:32:06.719Z | 2025-12-29T19:04:57.949Z | |
| cve-2025-15118 | macrozheng mall Member Endpoint update improper author… |
macrozheng |
mall |
2025-12-28T03:02:05.540Z | 2025-12-29T16:40:10.112Z | |
| cve-2025-15117 | Dromara Sa-Token SaJdkSerializer.java ObjectInputStrea… |
Dromara |
Sa-Token |
2025-12-28T02:32:05.652Z | 2025-12-29T16:39:15.402Z | |
| cve-2025-15116 | OpenCart Single-Use Coupon race condition |
n/a |
OpenCart |
2025-12-28T02:02:06.876Z | 2025-12-29T16:38:27.409Z | |
| cve-2025-68972 | 5.9 (v3.1) | In GnuPG through 2.4.8, if a signed message has \… |
GnuPG |
GnuPG |
2025-12-27T22:52:30.957Z | 2025-12-29T16:51:02.621Z |
| cve-2025-15110 | jackq XCMS Backend ProductImageController.class.php up… |
jackq |
XCMS |
2025-12-27T20:02:09.663Z | 2025-12-29T16:51:10.398Z | |
| cve-2025-14177 | 6.3 (v4.0) | Information Leak of Memory in getimagesize |
PHP Group |
PHP |
2025-12-27T19:33:23.973Z | 2025-12-29T16:01:36.231Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-15178 | Tenda WH450 HTTP Request VirtualSer stack-based overflow |
Tenda |
WH450 |
2025-12-29T07:32:09.177Z | 2025-12-29T16:44:43.007Z | |
| cve-2025-15226 | 9.3 (v4.0) 9.8 (v3.1) | Sunnet|WMPro - Arbitrary File Upload |
Sunnet |
WMPro |
2025-12-29T06:39:27.426Z | 2025-12-29T14:34:29.835Z |
| cve-2025-15225 | 8.7 (v4.0) 7.5 (v3.1) | Sunnet|WMPro - Arbitrary File Read |
Sunnet |
WMPro |
2025-12-29T06:31:49.460Z | 2025-12-29T16:45:35.087Z |
| cve-2025-15177 | Tenda WH450 HTTP Request SetIpBind stack-based overflow |
Tenda |
WH450 |
2025-12-29T07:02:07.082Z | 2025-12-29T14:33:44.092Z | |
| cve-2025-15176 | Open5GS PFCP Session Establishment Request rule-match.… |
n/a |
Open5GS |
2025-12-29T06:32:06.957Z | 2025-12-29T14:38:33.043Z | |
| cve-2025-15175 | SohuTV CacheCloud AppController.java appCommandAnalysi… |
SohuTV |
CacheCloud |
2025-12-29T06:02:06.400Z | 2025-12-29T16:46:17.772Z | |
| cve-2025-15174 | SohuTV CacheCloud AppManageController.java doAppAuditL… |
SohuTV |
CacheCloud |
2025-12-29T05:32:06.622Z | 2025-12-29T16:46:51.322Z | |
| cve-2025-15070 | 6.8 (v4.0) 5.5 (v3.1) | Data Exposure in Gmission Web FAX |
Gmission |
Web Fax |
2025-12-29T05:06:21.656Z | 2025-12-29T17:16:42.132Z |
| cve-2025-15069 | 8.4 (v4.0) 7.1 (v3.1) | Privilege Escalation in Gmission Web FAX |
Gmission |
Web Fax |
2025-12-29T05:05:58.228Z | 2025-12-29T17:22:58.014Z |
| cve-2025-15068 | 8.5 (v4.0) 7.7 (v3.1) | Account Takeover in Gmission Web FAX |
Gmission |
Web Fax |
2025-12-29T05:05:42.777Z | 2025-12-29T17:36:55.788Z |
| cve-2025-13958 | N/A | YaMaps < 0.6.40 - Contributor+ Stored XSS |
Unknown |
YaMaps for WordPress Plugin |
2025-12-29T06:00:10.716Z | 2025-12-29T20:16:35.365Z |
| cve-2025-13417 | N/A | Plugin Organizer < 10.2.4 - Subscriber+ SQLi |
Unknown |
Plugin Organizer |
2025-12-29T06:00:08.587Z | 2025-12-29T20:15:42.608Z |
| cve-2025-15173 | SohuTV CacheCloud InstanceController.java advancedAnal… |
SohuTV |
CacheCloud |
2025-12-29T05:02:05.724Z | 2025-12-29T17:50:08.853Z | |
| cve-2025-15172 | SohuTV CacheCloud RedisConfigTemplateController.java p… |
SohuTV |
CacheCloud |
2025-12-29T04:32:08.554Z | 2025-12-29T17:51:46.399Z | |
| cve-2025-15171 | SohuTV CacheCloud ServerController.java index cross si… |
SohuTV |
CacheCloud |
2025-12-29T04:02:05.763Z | 2025-12-29T14:39:27.399Z | |
| cve-2025-15170 | Advaya Softech GEMS ERP Portal Error Message home.jsp … |
Advaya Softech |
GEMS ERP Portal |
2025-12-29T03:32:07.618Z | 2025-12-29T14:40:15.648Z | |
| cve-2025-15169 | BiggiDroid Simple PHP CMS editsite.php sql injection |
BiggiDroid |
Simple PHP CMS |
2025-12-29T03:02:09.145Z | 2025-12-29T16:09:31.243Z | |
| cve-2025-52691 | 10 (v3.1) | Upload Arbitrary Files |
SmarterTools |
SmarterMail |
2025-12-29T02:15:58.200Z | 2025-12-29T16:47:54.633Z |
| cve-2025-15168 | itsourcecode Student Management System statistical.php… |
itsourcecode |
Student Management System |
2025-12-29T02:32:06.034Z | 2025-12-29T16:50:56.359Z | |
| cve-2025-15167 | itsourcecode Online Cake Ordering System detailtransac… |
itsourcecode |
Online Cake Ordering System |
2025-12-29T02:02:07.978Z | 2025-12-29T18:00:29.145Z | |
| cve-2025-15166 | itsourcecode Online Cake Ordering System updatesupplie… |
itsourcecode |
Online Cake Ordering System |
2025-12-29T01:32:07.201Z | 2025-12-29T18:57:13.054Z | |
| cve-2025-15165 | itsourcecode Online Cake Ordering System updatecustome… |
itsourcecode |
Online Cake Ordering System |
2025-12-29T01:02:08.921Z | 2025-12-29T19:29:33.393Z | |
| cve-2025-15164 | Tenda WH450 SafeMacFilter stack-based overflow |
Tenda |
WH450 |
2025-12-29T00:32:07.802Z | 2025-12-29T00:32:07.802Z | |
| cve-2025-15163 | Tenda WH450 SafeEmailFilter stack-based overflow |
Tenda |
WH450 |
2025-12-29T00:02:07.226Z | 2025-12-29T21:03:37.471Z | |
| cve-2025-15067 | 8.5 (v4.0) 7.7 (v3.1) | Unrestricted File Upload and RCE in Innorix WP |
Innorix |
Innorix WP |
2025-12-29T00:59:38.660Z | 2025-12-29T17:31:32.666Z |
| cve-2025-15066 | 6.9 (v4.0) 6.2 (v3.1) | Arbitrary File Download through Path Traversal in Innorix WP |
Innorix |
Innorix WP |
2025-12-29T00:48:56.222Z | 2025-12-29T17:35:49.557Z |
| cve-2025-15065 | 8.6 (v4.0) 6.3 (v3.1) | Data Exposure in Kings Information & Network KESS Enterprise |
Kings Information & Network Co. |
KESS Enterprise |
2025-12-29T00:09:27.009Z | 2025-12-31T04:45:49.039Z |
| cve-2025-15162 | Tenda WH450 RouteStatic stack-based overflow |
Tenda |
WH450 |
2025-12-28T23:32:08.620Z | 2025-12-29T21:06:49.439Z | |
| cve-2025-15161 | Tenda WH450 PPTPUserSetting stack-based overflow |
Tenda |
WH450 |
2025-12-28T23:02:08.101Z | 2025-12-29T21:13:48.407Z | |
| cve-2025-15160 | Tenda WH450 PPTPServer stack-based overflow |
Tenda |
WH450 |
2025-12-28T22:32:07.881Z | 2025-12-29T16:08:39.716Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-0000-ghsa-malware-ef08c9391950720b | Malware in hast-util-to-mdast9 | 2025-12-04T07:11:04Z | 2025-12-04T07:11:04Z |
| mal-0000-ghsa-malware-babcb3ddc3e2ab51 | Malware in remark-mdx2.3 | 2025-12-04T07:11:04Z | 2025-12-04T07:11:04Z |
| mal-0000-ghsa-malware-9bfe53604b9b87ba | Malware in unified10 | 2025-12-04T07:11:04Z | 2025-12-04T07:11:04Z |
| mal-0000-ghsa-malware-50a8f2d4aba7f406 | Malware in remark-stringify10 | 2025-12-04T07:11:04Z | 2025-12-04T07:11:04Z |
| mal-0000-ghsa-malware-0234999818b5c644 | Malware in unified11 | 2025-12-04T07:05:43Z | 2025-12-04T07:05:44Z |
| mal-0000-ghsa-malware-b0d37276c9efb7e8 | Malware in remark-parse10 | 2025-12-04T06:43:31Z | 2025-12-04T06:43:32Z |
| mal-2025-192295 | Malicious code in elf-stats-jubilant-ornament-641 (npm) | 2025-12-04T06:00:43Z | 2025-12-05T20:41:17Z |
| mal-2025-192372 | Malicious code in volume-viz (npm) | 2025-12-04T03:08:55Z | 2025-12-10T21:09:40Z |
| mal-2025-192294 | Malicious code in elf-stats-festive-sparkler-275 (npm) | 2025-12-04T00:00:59Z | 2025-12-23T19:37:08Z |
| mal-2025-192293 | Malicious code in tailwindcss-animation-css (npm) | 2025-12-03T22:19:24Z | 2025-12-05T20:41:20Z |
| mal-2025-192292 | Malicious code in email-validated (npm) | 2025-12-03T22:19:24Z | 2025-12-05T20:41:17Z |
| mal-2025-192291 | Malicious code in email-regexed (npm) | 2025-12-03T22:19:24Z | 2025-12-05T20:41:17Z |
| mal-2025-192290 | Malicious code in dotenv-intend (npm) | 2025-12-03T21:24:32Z | 2025-12-23T16:45:00Z |
| mal-2025-192289 | Malicious code in chai-test-await (npm) | 2025-12-03T21:24:32Z | 2025-12-23T16:10:05Z |
| mal-2025-192288 | Malicious code in self-service-portal-prod (npm) | 2025-12-03T20:45:40Z | 2025-12-10T02:55:12Z |
| mal-2025-192281 | Malicious code in elf-stats-frostbitten-pantry-235 (npm) | 2025-12-03T20:00:51Z | 2025-12-23T19:37:08Z |
| mal-2025-192279 | Malicious code in elf-stats-candystriped-chimney-879 (npm) | 2025-12-03T19:54:12Z | 2025-12-23T16:45:01Z |
| mal-2025-192278 | Malicious code in elf-stats-aurora-toy-659 (npm) | 2025-12-03T19:51:09Z | 2025-12-23T16:45:01Z |
| mal-2025-192280 | Malicious code in elf-stats-evergreen-pantry-410 (npm) | 2025-12-03T19:50:08Z | 2025-12-23T19:37:08Z |
| mal-2025-192284 | Malicious code in elf-stats-sprucey-fireplace-355 (npm) | 2025-12-03T19:45:17Z | 2025-12-03T20:10:12Z |
| mal-2025-192285 | Malicious code in elf-stats-sugarplum-cookiejar-287 (npm) | 2025-12-03T19:42:46Z | 2025-12-23T22:09:11Z |
| mal-2025-192283 | Malicious code in elf-stats-sparkly-candy-805 (npm) | 2025-12-03T19:42:46Z | 2025-12-23T21:38:09Z |
| mal-2025-192282 | Malicious code in elf-stats-joyous-train-754 (npm) | 2025-12-03T19:42:46Z | 2025-12-23T20:09:23Z |
| mal-2025-192286 | Malicious code in elf-stats-tinsel-sparkler-289 (npm) | 2025-12-03T19:38:32Z | 2025-12-23T22:09:11Z |
| mal-2025-192287 | Malicious code in elf-stats-twinkling-ribbon-344 (npm) | 2025-12-03T19:36:04Z | 2025-12-05T20:41:17Z |
| mal-2025-192274 | Malicious code in elf-stats-mulled-nightcap-782 (npm) | 2025-12-03T19:35:48Z | 2025-12-03T20:10:12Z |
| mal-2025-192271 | Malicious code in @bhyolken/echotest (npm) | 2025-12-03T19:34:54Z | 2025-12-23T15:09:26Z |
| mal-2025-192276 | Malicious code in elf-stats-snowy-northstar-860 (npm) | 2025-12-03T19:25:36Z | 2025-12-23T21:38:09Z |
| mal-2025-192273 | Malicious code in elf-stats-merry-cookiejar-139 (npm) | 2025-12-03T19:22:08Z | 2025-12-23T20:41:02Z |
| mal-2025-192272 | Malicious code in elf-stats-candystriped-ornament-933 (npm) | 2025-12-03T19:22:08Z | 2025-12-23T16:45:01Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:15608 | Red Hat Security Advisory: python3.12-cryptography security update | 2025-09-10T10:39:56+00:00 | 2025-11-21T19:25:21+00:00 |
| rhsa-2025:15291 | Red Hat Security Advisory: OpenShift Container Platform 4.19.11 packages and security update | 2025-09-09T15:23:04+00:00 | 2025-11-25T21:54:36+00:00 |
| rhsa-2025:15535 | Red Hat Security Advisory: thunderbird security update | 2025-09-09T05:08:42+00:00 | 2025-11-21T19:25:21+00:00 |
| rhsa-2025:15516 | Red Hat Security Advisory: httpd:2.4 security update | 2025-09-08T19:04:32+00:00 | 2025-11-21T19:25:20+00:00 |
| rhsa-2025:15496 | Red Hat Security Advisory: thunderbird security update | 2025-09-08T16:31:37+00:00 | 2025-11-21T19:25:24+00:00 |
| rhsa-2025:15471 | Red Hat Security Advisory: kernel security update | 2025-09-08T15:06:34+00:00 | 2025-11-21T19:25:17+00:00 |
| rhsa-2025:15472 | Red Hat Security Advisory: kernel-rt security update | 2025-09-08T15:06:33+00:00 | 2025-11-21T19:25:18+00:00 |
| rhsa-2025:15463 | Red Hat Security Advisory: qt5-qt3d security update | 2025-09-08T12:06:06+00:00 | 2025-11-21T19:25:17+00:00 |
| rhsa-2025:15447 | Red Hat Security Advisory: kernel security update | 2025-09-08T12:06:04+00:00 | 2025-11-28T17:34:04+00:00 |
| rhsa-2025:15438 | Red Hat Security Advisory: thunderbird security update | 2025-09-08T08:05:45+00:00 | 2025-11-21T19:25:15+00:00 |
| rhsa-2025:15435 | Red Hat Security Advisory: thunderbird security update | 2025-09-08T08:05:45+00:00 | 2025-11-21T19:25:13+00:00 |
| rhsa-2025:15434 | Red Hat Security Advisory: thunderbird security update | 2025-09-08T08:05:45+00:00 | 2025-11-21T19:25:13+00:00 |
| rhsa-2025:15437 | Red Hat Security Advisory: thunderbird security update | 2025-09-08T08:05:44+00:00 | 2025-11-21T19:25:15+00:00 |
| rhsa-2025:15436 | Red Hat Security Advisory: thunderbird security update | 2025-09-08T08:05:44+00:00 | 2025-11-21T19:25:14+00:00 |
| rhsa-2025:15429 | Red Hat Security Advisory: kernel security update | 2025-09-08T08:05:41+00:00 | 2025-11-21T19:25:12+00:00 |
| rhsa-2025:15430 | Red Hat Security Advisory: firefox security update | 2025-09-08T06:35:15+00:00 | 2025-11-21T19:25:12+00:00 |
| rhsa-2025:15423 | Red Hat Security Advisory: firefox security update | 2025-09-08T03:28:05+00:00 | 2025-11-21T19:25:10+00:00 |
| rhsa-2025:15424 | Red Hat Security Advisory: firefox security update | 2025-09-08T03:25:56+00:00 | 2025-11-21T19:25:11+00:00 |
| rhsa-2025:15422 | Red Hat Security Advisory: firefox security update | 2025-09-08T03:25:55+00:00 | 2025-11-21T19:25:10+00:00 |
| rhsa-2025:15420 | Red Hat Security Advisory: firefox security update | 2025-09-08T03:12:35+00:00 | 2025-11-21T19:25:08+00:00 |
| rhsa-2025:15421 | Red Hat Security Advisory: firefox security update | 2025-09-08T03:07:50+00:00 | 2025-11-21T19:25:09+00:00 |
| rhsa-2025:15418 | Red Hat Security Advisory: firefox security update | 2025-09-08T02:45:05+00:00 | 2025-11-21T19:25:07+00:00 |
| rhsa-2025:15419 | Red Hat Security Advisory: firefox security update | 2025-09-08T02:43:10+00:00 | 2025-11-21T19:25:11+00:00 |
| rhsa-2025:15407 | Red Hat Security Advisory: qt5-qt3d security update | 2025-09-08T01:31:50+00:00 | 2025-11-21T19:25:05+00:00 |
| rhsa-2025:15410 | Red Hat Security Advisory: python39:3.9 security update | 2025-09-08T01:31:20+00:00 | 2025-11-25T10:19:58+00:00 |
| rhsa-2025:15408 | Red Hat Security Advisory: python39:3.9 security update | 2025-09-08T01:27:15+00:00 | 2025-11-25T10:19:58+00:00 |
| rhsa-2025:15406 | Red Hat Security Advisory: opentelemetry-collector security update | 2025-09-08T01:27:06+00:00 | 2025-11-21T19:25:03+00:00 |
| rhsa-2025:15409 | Red Hat Security Advisory: aide security update | 2025-09-08T01:26:40+00:00 | 2025-11-22T03:02:11+00:00 |
| rhsa-2025:15411 | Red Hat Security Advisory: python39:3.9 security update | 2025-09-08T01:17:10+00:00 | 2025-11-25T10:19:58+00:00 |
| rhsa-2025:15389 | Red Hat Security Advisory: Red Hat OpenShift GitOps security update | 2025-09-04T19:49:38+00:00 | 2025-11-21T19:38:32+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-39748 | bpf: Forget ranges when refining tnum after JSET | 2025-09-02T00:00:00.000Z | 2025-12-07T01:51:17.000Z |
| msrc_cve-2025-39747 | drm/msm: Add error handling for krealloc in metadata setup | 2025-09-02T00:00:00.000Z | 2025-12-07T01:51:03.000Z |
| msrc_cve-2025-39746 | wifi: ath10k: shutdown driver when hardware is unreliable | 2025-09-02T00:00:00.000Z | 2025-12-07T01:50:56.000Z |
| msrc_cve-2025-39745 | rcutorture: Fix rcutorture_one_extend_check() splat in RT kernels | 2025-09-02T00:00:00.000Z | 2025-12-03T01:37:53.000Z |
| msrc_cve-2025-39744 | rcu: Fix rcu_read_unlock() deadloop due to IRQ work | 2025-09-02T00:00:00.000Z | 2025-11-27T01:02:33.000Z |
| msrc_cve-2025-39743 | jfs: truncate good inode pages when hard link is 0 | 2025-09-02T00:00:00.000Z | 2025-09-13T01:04:03.000Z |
| msrc_cve-2025-39742 | RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() | 2025-09-02T00:00:00.000Z | 2025-09-13T01:03:58.000Z |
| msrc_cve-2025-39739 | iommu/arm-smmu-qcom: Add SM6115 MDSS compatible | 2025-09-02T00:00:00.000Z | 2025-09-13T01:02:41.000Z |
| msrc_cve-2025-39738 | btrfs: do not allow relocation of partially dropped subvolumes | 2025-09-02T00:00:00.000Z | 2025-09-13T01:04:36.000Z |
| msrc_cve-2025-39737 | mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup() | 2025-09-02T00:00:00.000Z | 2025-09-13T01:04:47.000Z |
| msrc_cve-2025-39736 | mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock | 2025-09-02T00:00:00.000Z | 2025-09-13T01:02:24.000Z |
| msrc_cve-2025-39732 | wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() | 2025-09-02T00:00:00.000Z | 2025-12-03T01:37:48.000Z |
| msrc_cve-2025-39731 | f2fs: vm_unmap_ram() may be called from an invalid context | 2025-09-02T00:00:00.000Z | 2025-09-09T01:01:17.000Z |
| msrc_cve-2025-39730 | NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() | 2025-09-02T00:00:00.000Z | 2025-09-09T01:01:30.000Z |
| msrc_cve-2025-39726 | s390/ism: fix concurrency management in ism_cmd() | 2025-09-02T00:00:00.000Z | 2025-12-03T01:37:43.000Z |
| msrc_cve-2025-39724 | serial: 8250: fix panic due to PSLVERR | 2025-09-02T00:00:00.000Z | 2025-09-07T01:05:12.000Z |
| msrc_cve-2025-39721 | crypto: qat - flush misc workqueue during device shutdown | 2025-09-02T00:00:00.000Z | 2025-09-07T01:07:41.000Z |
| msrc_cve-2025-39720 | ksmbd: fix refcount leak causing resource not released | 2025-09-02T00:00:00.000Z | 2025-12-03T01:37:38.000Z |
| msrc_cve-2025-39719 | iio: imu: bno055: fix OOB access of hw_xlate array | 2025-09-02T00:00:00.000Z | 2025-09-07T01:13:30.000Z |
| msrc_cve-2025-39718 | vsock/virtio: Validate length in packet header before skb_put() | 2025-09-02T00:00:00.000Z | 2025-09-07T01:03:56.000Z |
| msrc_cve-2025-39716 | parisc: Revise __get_user() to probe user read access | 2025-09-02T00:00:00.000Z | 2025-09-07T01:12:43.000Z |
| msrc_cve-2025-39715 | parisc: Revise gateway LWS calls to probe user read access | 2025-09-02T00:00:00.000Z | 2025-09-07T01:11:11.000Z |
| msrc_cve-2025-39714 | media: usbtv: Lock resolution while streaming | 2025-09-02T00:00:00.000Z | 2025-09-07T01:13:39.000Z |
| msrc_cve-2025-39713 | media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() | 2025-09-02T00:00:00.000Z | 2025-09-07T01:13:46.000Z |
| msrc_cve-2025-39711 | media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls | 2025-09-02T00:00:00.000Z | 2025-09-07T01:07:03.000Z |
| msrc_cve-2025-39710 | media: venus: Add a check for packet size after reading from shared memory | 2025-09-02T00:00:00.000Z | 2025-09-07T01:03:46.000Z |
| msrc_cve-2025-39709 | media: venus: protect against spurious interrupts during probe | 2025-09-02T00:00:00.000Z | 2025-09-07T01:02:25.000Z |
| msrc_cve-2025-39707 | drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities | 2025-09-02T00:00:00.000Z | 2025-12-07T01:50:17.000Z |
| msrc_cve-2025-39706 | drm/amdkfd: Destroy KFD debugfs after destroy KFD wq | 2025-09-02T00:00:00.000Z | 2025-09-07T01:09:21.000Z |
| msrc_cve-2025-39705 | drm/amd/display: fix a Null pointer dereference vulnerability | 2025-09-02T00:00:00.000Z | 2025-12-07T01:49:57.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2021-000043 | Installer of Overwolf may insecurely load Dynamic Link Libraries | 2021-05-21T16:07+09:00 | 2021-05-21T16:07+09:00 |
| jvndb-2021-000042 | Multiple cross-site scripting vulnerabilities in multiple PHP Factory products | 2021-05-21T15:38+09:00 | 2021-05-21T15:38+09:00 |
| jvndb-2021-000040 | QND vulnerable to privilege escalation | 2021-05-21T14:21+09:00 | 2021-05-21T14:21+09:00 |
| jvndb-2021-000037 | mod_auth_openidc vulnerable to denial-of-service (DoS) | 2021-05-14T15:35+09:00 | 2021-05-14T15:35+09:00 |
| jvndb-2021-000038 | Multiple vulnerabilities in Cisco Small Business Series Wireless Access Points | 2021-05-14T15:26+09:00 | 2021-05-14T15:26+09:00 |
| jvndb-2021-000039 | RFNTPS vulnerable to OS command injection | 2021-05-13T16:05+09:00 | 2021-05-13T16:05+09:00 |
| jvndb-2021-000036 | Multiple vulnerabilities in KonaWiki2 | 2021-05-13T16:05+09:00 | 2021-05-13T16:05+09:00 |
| jvndb-2021-000035 | EC-CUBE vulnerable to cross-site scripting | 2021-05-10T18:08+09:00 | 2021-05-10T18:08+09:00 |
| jvndb-2021-001380 | Multiple Buffalo network devices contain hidden functionality | 2021-04-28T16:15+09:00 | 2021-05-07T16:16+09:00 |
| jvndb-2021-001381 | Multiple vulnerabilities in Buffalo broadband routers | 2021-04-28T16:14+09:00 | 2021-05-07T16:28+09:00 |
| jvndb-2021-000034 | WordPress plugin "WP Fastest Cache" vulnerable to directory traversal | 2021-04-27T17:12+09:00 | 2021-04-27T17:12+09:00 |
| jvndb-2021-000033 | Hot Pepper Gourmet App fails to restrict access permissions | 2021-04-27T17:10+09:00 | 2023-03-08T17:02+09:00 |
| jvndb-2021-000909 | yappa-ng vulnerable to cross-site scripting | 2021-04-22T16:33+09:00 | 2021-04-22T16:33+09:00 |
| jvndb-2021-001374 | Trend Micro Password Manager may insecurely load Dynamic Link Libraries | 2021-04-20T12:25+09:00 | 2021-04-20T12:25+09:00 |
| jvndb-2021-000031 | Gurunavi Apps fail to restrict access permissions | 2021-04-14T17:22+09:00 | 2023-03-08T17:02+09:00 |
| jvndb-2021-001345 | Information Disclosure Vulnerability in Cosminexus | 2021-04-13T16:46+09:00 | 2021-04-13T16:46+09:00 |
| jvndb-2021-001344 | Vulnerability in JP1/VERITAS | 2021-04-13T16:42+09:00 | 2021-04-13T16:42+09:00 |
| jvndb-2021-001343 | D-Link DAP-1880AC contains multiple vulnerabilities | 2021-04-12T15:32+09:00 | 2021-04-12T15:32+09:00 |
| jvndb-2021-000028 | Multiple vulnerabilities in multiple Aterm products | 2021-04-09T17:16+09:00 | 2021-04-09T17:16+09:00 |
| jvndb-2021-000030 | Multiple vulnerabilities in Aterm WF1200CR, Aterm WG1200CR, Aterm WG2600HS, and Aterm WX3000HP | 2021-04-09T16:42+09:00 | 2021-04-09T16:42+09:00 |
| jvndb-2021-000029 | Archive collectively operation utility vulnerable to directory traversal | 2021-04-01T14:44+09:00 | 2021-04-01T14:44+09:00 |
| jvndb-2021-000027 | Multiple vulnerabilities in baserCMS | 2021-03-26T14:25+09:00 | 2021-03-26T14:25+09:00 |
| jvndb-2021-000908 | rNote vulnerable to cross-site scripting | 2021-03-25T18:14+09:00 | 2021-03-25T18:14+09:00 |
| jvndb-2021-000907 | Yomi-Search vulnerable to cross-site scripting | 2021-03-25T18:12+09:00 | 2021-03-25T18:12+09:00 |
| jvndb-2021-000906 | Yomi-Search vulnerable to cross-site scripting | 2021-03-25T18:06+09:00 | 2021-03-25T18:06+09:00 |
| jvndb-2021-000905 | Yomi-Search vulnerable to cross-site scripting | 2021-03-25T18:01+09:00 | 2021-03-25T18:01+09:00 |
| jvndb-2021-000904 | Click Ranker vulnerable to cross-site scripting | 2021-03-25T17:52+09:00 | 2021-03-25T17:52+09:00 |
| jvndb-2021-000903 | Kagemai vulnerable to cross-site request forgery | 2021-03-25T17:50+09:00 | 2021-03-25T17:50+09:00 |
| jvndb-2021-000902 | Kagemai vulnerable to cross-site scripting | 2021-03-25T17:46+09:00 | 2021-03-25T17:46+09:00 |
| jvndb-2021-000901 | Kagemai vulnerable to cross-site scripting | 2021-03-25T17:43+09:00 | 2021-03-25T17:43+09:00 |
| ID | Description | Updated |
|---|