Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-jxhp-qvjm-mxcj | A vulnerability was detected in TRENDnet TEW-800MB 1.0.1.0. Affected by this vulnerability is the f… | 2025-12-28T15:30:26Z | 2025-12-28T15:30:26Z |
| ghsa-j5pv-22p5-jmgv | A vulnerability has been found in TRENDnet TEW-822DRE 1.00B21/1.01B06. This affects the function su… | 2025-12-28T15:30:26Z | 2025-12-28T15:30:26Z |
| ghsa-9mf8-q5hw-h59m | A vulnerability was determined in Halo up to 2.21.10. This issue affects some unknown processing of… | 2025-12-28T15:30:26Z | 2025-12-28T15:30:27Z |
| ghsa-9794-w62c-pf6f | A flaw has been found in prasathmani TinyFileManager up to 2.6. Affected by this issue is some unkn… | 2025-12-28T15:30:26Z | 2025-12-28T15:30:26Z |
| ghsa-2mpc-f7w9-hpmw | A security vulnerability has been detected in TRENDnet TEW-800MB 1.0.1.0. Affected is the function … | 2025-12-28T15:30:26Z | 2025-12-28T15:30:26Z |
| ghsa-7x46-g3w8-h64v | A weakness has been identified in joey-zhou xiaozhi-esp32-server-java up to 3.0.0. This impacts the… | 2025-12-28T12:30:24Z | 2025-12-28T12:30:24Z |
| ghsa-w487-9rjq-3p3v | A vulnerability has been found in shanyu SyCms up to a242ef2d194e8bb249dc175e7c49f2c1673ec921. This… | 2025-12-28T12:30:23Z | 2025-12-28T12:30:23Z |
| ghsa-v2w5-94qr-4c5g | A vulnerability was determined in ZSPACE Z4Pro+ 1.0.0440024. The affected element is the function z… | 2025-12-28T12:30:23Z | 2025-12-28T12:30:23Z |
| ghsa-fvhh-hg59-vfxx | A vulnerability was found in ZSPACE Z4Pro+ 1.0.0440024. Impacted is the function zfilev2_api_SafeSt… | 2025-12-28T12:30:23Z | 2025-12-28T12:30:23Z |
| ghsa-6chc-jx4m-r2w2 | A vulnerability was identified in ZSPACE Z4Pro+ 1.0.0440024. The impacted element is the function z… | 2025-12-28T12:30:23Z | 2025-12-28T12:30:23Z |
| ghsa-29m3-gxfx-749g | A security flaw has been discovered in yourmaileyes MOOC up to 1.17. This affects the function subr… | 2025-12-28T12:30:23Z | 2025-12-28T12:30:24Z |
| ghsa-xvv8-2hxw-mghp | A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this vulnerability is the func… | 2025-12-28T09:30:27Z | 2025-12-28T09:30:27Z |
| ghsa-q2w3-p85r-q6v3 | A flaw has been found in ChenJinchuang Lin-CMS-TP5 up to 0.3.3. This vulnerability affects the func… | 2025-12-28T09:30:27Z | 2025-12-28T09:30:27Z |
| ghsa-mjm5-xqg6-v939 | A security flaw has been discovered in JeecgBoot up to 3.9.0. Affected is the function queryDepartP… | 2025-12-28T09:30:27Z | 2025-12-28T09:30:27Z |
| ghsa-m84v-87w9-mgjq | A vulnerability was determined in JeecgBoot up to 3.9.0. This affects an unknown function of the fi… | 2025-12-28T09:30:27Z | 2025-12-28T09:30:27Z |
| ghsa-hq3q-62v8-pp48 | A vulnerability was detected in ZKTeco BioTime up to 9.0.3/9.0.4/9.5.2. This affects an unknown par… | 2025-12-28T09:30:27Z | 2025-12-28T09:30:27Z |
| ghsa-6px8-5r5j-c9f2 | A vulnerability was identified in JeecgBoot up to 3.9.0. This impacts the function getParameterMap … | 2025-12-28T09:30:27Z | 2025-12-28T09:30:27Z |
| ghsa-2cqx-6pqq-j99h | A security vulnerability has been detected in FantasticLBP Hotels_Server up to 67b44df162fab26df209… | 2025-12-28T09:30:27Z | 2025-12-28T09:30:27Z |
| ghsa-jcpx-68wr-v54v | A flaw has been found in JeecgBoot up to 3.9.0. Impacted is the function getDeptRoleList of the fil… | 2025-12-28T06:31:32Z | 2025-12-28T06:31:32Z |
| ghsa-gv85-863m-74jv | A vulnerability has been found in JeecgBoot up to 3.9.0. The affected element is the function getDe… | 2025-12-28T06:31:32Z | 2025-12-28T06:31:32Z |
| ghsa-35f9-r8q8-pqf5 | A vulnerability was found in JeecgBoot up to 3.9.0. The impacted element is the function loadDataru… | 2025-12-28T06:31:32Z | 2025-12-28T06:31:32Z |
| ghsa-m8rq-9x47-wwr7 | A security vulnerability has been detected in macrozheng mall up to 1.0.3. This vulnerability affec… | 2025-12-28T06:31:31Z | 2025-12-28T06:31:31Z |
| ghsa-6wrf-f8cg-6rh5 | A vulnerability was detected in JeecgBoot up to 3.9.0. This issue affects the function queryPageLis… | 2025-12-28T06:31:31Z | 2025-12-28T06:31:31Z |
| ghsa-wgfq-49px-5cwg | A security flaw has been discovered in OpenCart up to 4.1.0.3. Affected by this issue is some unkno… | 2025-12-28T03:30:12Z | 2025-12-28T03:30:12Z |
| ghsa-9786-pc79-p3v7 | A weakness has been identified in Dromara Sa-Token up to 1.44.0. This affects the function ObjectIn… | 2025-12-28T03:30:12Z | 2025-12-28T03:30:12Z |
| ghsa-w789-3q45-984r | In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can… | 2025-12-28T00:30:23Z | 2025-12-28T00:30:23Z |
| ghsa-w2jm-qqhw-c9px | A vulnerability has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. Affect… | 2025-12-27T21:30:12Z | 2025-12-27T21:30:12Z |
| ghsa-f342-w736-j52r | A flaw has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. This impacts an… | 2025-12-27T21:30:12Z | 2025-12-27T21:30:12Z |
| ghsa-hj3q-q387-m5hr | A vulnerability was detected in PandaXGO PandaX up to fb8ff40f7ce5dfebdf66306c6d85625061faf7e5. Thi… | 2025-12-27T18:30:26Z | 2025-12-27T18:30:26Z |
| ghsa-43h9-hc38-qph5 | SQLE's JWT Secret Handler can be manipulated to use hard-coded cryptographic key | 2025-12-27T15:30:17Z | 2025-12-29T20:36:20Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-15126 | JeecgBoot getPositionUserList improper authorization |
n/a |
JeecgBoot |
2025-12-28T07:32:06.264Z | 2025-12-29T16:03:06.162Z | |
| cve-2025-15125 | JeecgBoot queryDepartPermission improper authorization |
n/a |
JeecgBoot |
2025-12-28T07:02:06.680Z | 2025-12-29T16:03:49.238Z | |
| cve-2025-15124 | JeecgBoot list getParameterMap improper authorization |
n/a |
JeecgBoot |
2025-12-28T06:32:06.920Z | 2025-12-29T16:04:32.586Z | |
| cve-2025-15123 | JeecgBoot datarule improper authorization |
n/a |
JeecgBoot |
2025-12-28T06:02:05.781Z | 2025-12-29T16:05:08.309Z | |
| cve-2025-15122 | JeecgBoot datarule loadDatarule improper authorization |
n/a |
JeecgBoot |
2025-12-28T05:02:05.798Z | 2025-12-29T16:42:57.874Z | |
| cve-2025-15121 | JeecgBoot getDeptRoleByUserId information disclosure |
n/a |
JeecgBoot |
2025-12-28T04:32:06.152Z | 2025-12-29T16:41:44.256Z | |
| cve-2025-15120 | JeecgBoot getDeptRoleList improper authorization |
n/a |
JeecgBoot |
2025-12-28T04:02:06.291Z | 2025-12-29T16:40:55.481Z | |
| cve-2025-15119 | JeecgBoot list queryPageList improper authorization |
n/a |
JeecgBoot |
2025-12-28T03:32:06.719Z | 2025-12-29T19:04:57.949Z | |
| cve-2025-15118 | macrozheng mall Member Endpoint update improper author… |
macrozheng |
mall |
2025-12-28T03:02:05.540Z | 2025-12-29T16:40:10.112Z | |
| cve-2025-15117 | Dromara Sa-Token SaJdkSerializer.java ObjectInputStrea… |
Dromara |
Sa-Token |
2025-12-28T02:32:05.652Z | 2025-12-29T16:39:15.402Z | |
| cve-2025-15116 | OpenCart Single-Use Coupon race condition |
n/a |
OpenCart |
2025-12-28T02:02:06.876Z | 2025-12-29T16:38:27.409Z | |
| cve-2025-68972 | 5.9 (v3.1) | In GnuPG through 2.4.8, if a signed message has \… |
GnuPG |
GnuPG |
2025-12-27T22:52:30.957Z | 2025-12-29T16:51:02.621Z |
| cve-2025-15110 | jackq XCMS Backend ProductImageController.class.php up… |
jackq |
XCMS |
2025-12-27T20:02:09.663Z | 2025-12-29T16:51:10.398Z | |
| cve-2025-14177 | 6.3 (v4.0) | Information Leak of Memory in getimagesize |
PHP Group |
PHP |
2025-12-27T19:33:23.973Z | 2025-12-29T16:01:36.231Z |
| cve-2025-14178 | 6.5 (v3.1) | Heap buffer overflow in array_merge() |
PHP Group |
PHP |
2025-12-27T19:27:41.691Z | 2025-12-29T16:01:02.639Z |
| cve-2025-14180 | 8.2 (v4.0) | NULL Pointer Dereference in PDO quoting |
PHP Group |
PHP |
2025-12-27T19:21:20.768Z | 2025-12-29T16:00:11.239Z |
| cve-2025-15109 | jackq XCMS upload.php unrestricted upload |
jackq |
XCMS |
2025-12-27T18:32:08.961Z | 2025-12-29T15:59:07.141Z | |
| cve-2025-15108 | PandaXGO PandaX JWT Secret config.yml hard-coded key |
PandaXGO |
PandaX |
2025-12-27T16:32:05.829Z | 2025-12-29T15:58:13.566Z | |
| cve-2025-15107 | actiontech sqle JWT Secret jwt.go hard-coded key |
actiontech |
sqle |
2025-12-27T12:32:06.081Z | 2025-12-29T15:57:28.455Z | |
| cve-2025-15106 | getmaxun Authentication Endpoint auth.ts router.get im… |
getmaxun |
maxun |
2025-12-27T10:32:05.218Z | 2025-12-29T15:56:17.889Z | |
| cve-2025-15105 | getmaxun auth.ts hard-coded key |
getmaxun |
maxun |
2025-12-27T09:02:06.124Z | 2025-12-29T15:55:05.915Z | |
| cve-2025-59946 | NanoMQ has a Use After Free vulnerability via sub info list |
nanomq |
nanomq |
2025-12-27T00:40:51.122Z | 2025-12-29T15:54:27.851Z | |
| cve-2025-68952 | 1-click Remote Code Execution (RCE) vulnerability in Eigent |
eigent-ai |
eigent |
2025-12-27T00:37:08.917Z | 2025-12-29T15:53:36.804Z | |
| cve-2025-68948 | SiYuan: Information Disclosure and Authentication Bypa… |
siyuan-note |
siyuan |
2025-12-27T00:21:31.864Z | 2025-12-29T16:51:19.102Z | |
| cve-2025-68927 | Improper Neutralization of HTML Tags in a Web Page in… |
abhinavxd |
libredesk |
2025-12-27T00:04:49.621Z | 2025-12-29T16:51:24.522Z | |
| cve-2025-54322 | Xspeeder SXZOS through 2025-12-26 allows root rem… |
Xspeeder |
SXZOS |
2025-12-27T00:00:00.000Z | 2025-12-29T16:51:30.437Z | |
| cve-2025-68474 | ESF-IDF Has Out-of-Bounds Write in ESP32 Bluetooth AVR… |
espressif |
esp-idf |
2025-12-26T23:57:54.853Z | 2025-12-29T16:51:36.305Z | |
| cve-2025-68473 | ESF-IDF Has Out-of-Bounds Read in ESP32 Bluetooth SDP … |
espressif |
esp-idf |
2025-12-26T23:54:47.709Z | 2025-12-29T16:51:42.074Z | |
| cve-2025-68148 | FreshRSS globally denies access to feed via proxy modi… |
FreshRSS |
FreshRSS |
2025-12-26T23:46:53.337Z | 2025-12-29T16:51:47.993Z | |
| cve-2025-68932 | FreshRSS has weak cryptographic randomness in remember… |
FreshRSS |
FreshRSS |
2025-12-26T23:43:34.693Z | 2025-12-29T16:51:53.481Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-13417 | N/A | Plugin Organizer < 10.2.4 - Subscriber+ SQLi |
Unknown |
Plugin Organizer |
2025-12-29T06:00:08.587Z | 2025-12-29T20:15:42.608Z |
| cve-2025-15173 | SohuTV CacheCloud InstanceController.java advancedAnal… |
SohuTV |
CacheCloud |
2025-12-29T05:02:05.724Z | 2025-12-29T17:50:08.853Z | |
| cve-2025-15172 | SohuTV CacheCloud RedisConfigTemplateController.java p… |
SohuTV |
CacheCloud |
2025-12-29T04:32:08.554Z | 2025-12-29T17:51:46.399Z | |
| cve-2025-15171 | SohuTV CacheCloud ServerController.java index cross si… |
SohuTV |
CacheCloud |
2025-12-29T04:02:05.763Z | 2025-12-29T14:39:27.399Z | |
| cve-2025-15170 | Advaya Softech GEMS ERP Portal Error Message home.jsp … |
Advaya Softech |
GEMS ERP Portal |
2025-12-29T03:32:07.618Z | 2025-12-29T14:40:15.648Z | |
| cve-2025-15169 | BiggiDroid Simple PHP CMS editsite.php sql injection |
BiggiDroid |
Simple PHP CMS |
2025-12-29T03:02:09.145Z | 2025-12-29T16:09:31.243Z | |
| cve-2025-52691 | 10 (v3.1) | Upload Arbitrary Files |
SmarterTools |
SmarterMail |
2025-12-29T02:15:58.200Z | 2025-12-29T16:47:54.633Z |
| cve-2025-15168 | itsourcecode Student Management System statistical.php… |
itsourcecode |
Student Management System |
2025-12-29T02:32:06.034Z | 2025-12-29T16:50:56.359Z | |
| cve-2025-15167 | itsourcecode Online Cake Ordering System detailtransac… |
itsourcecode |
Online Cake Ordering System |
2025-12-29T02:02:07.978Z | 2025-12-29T18:00:29.145Z | |
| cve-2025-15166 | itsourcecode Online Cake Ordering System updatesupplie… |
itsourcecode |
Online Cake Ordering System |
2025-12-29T01:32:07.201Z | 2025-12-29T18:57:13.054Z | |
| cve-2025-15165 | itsourcecode Online Cake Ordering System updatecustome… |
itsourcecode |
Online Cake Ordering System |
2025-12-29T01:02:08.921Z | 2025-12-29T19:29:33.393Z | |
| cve-2025-15164 | Tenda WH450 SafeMacFilter stack-based overflow |
Tenda |
WH450 |
2025-12-29T00:32:07.802Z | 2025-12-29T00:32:07.802Z | |
| cve-2025-15163 | Tenda WH450 SafeEmailFilter stack-based overflow |
Tenda |
WH450 |
2025-12-29T00:02:07.226Z | 2025-12-29T21:03:37.471Z | |
| cve-2025-15067 | 8.5 (v4.0) 7.7 (v3.1) | Unrestricted File Upload and RCE in Innorix WP |
Innorix |
Innorix WP |
2025-12-29T00:59:38.660Z | 2025-12-29T17:31:32.666Z |
| cve-2025-15066 | 6.9 (v4.0) 6.2 (v3.1) | Arbitrary File Download through Path Traversal in Innorix WP |
Innorix |
Innorix WP |
2025-12-29T00:48:56.222Z | 2025-12-29T17:35:49.557Z |
| cve-2025-15065 | 8.6 (v4.0) 6.3 (v3.1) | Data Exposure in Kings Information & Network KESS Enterprise |
Kings Information & Network Co. |
KESS Enterprise |
2025-12-29T00:09:27.009Z | 2025-12-31T04:45:49.039Z |
| cve-2025-15162 | Tenda WH450 RouteStatic stack-based overflow |
Tenda |
WH450 |
2025-12-28T23:32:08.620Z | 2025-12-29T21:06:49.439Z | |
| cve-2025-15161 | Tenda WH450 PPTPUserSetting stack-based overflow |
Tenda |
WH450 |
2025-12-28T23:02:08.101Z | 2025-12-29T21:13:48.407Z | |
| cve-2025-15160 | Tenda WH450 PPTPServer stack-based overflow |
Tenda |
WH450 |
2025-12-28T22:32:07.881Z | 2025-12-29T16:08:39.716Z | |
| cve-2025-15156 | omec-project UPF PFCP Session Establishment Request me… |
omec-project |
UPF |
2025-12-28T22:02:06.001Z | 2025-12-29T16:08:01.587Z | |
| cve-2025-15155 | floooh sokol sokol_gfx.h _sg_pipeline_desc_defaults st… |
floooh |
sokol |
2025-12-28T21:32:10.957Z | 2025-12-29T14:43:28.566Z | |
| cve-2025-15154 | PbootCMS Header handle.php get_user_ip less trusted source |
n/a |
PbootCMS |
2025-12-28T21:02:07.992Z | 2025-12-29T14:48:02.795Z | |
| cve-2025-15153 | PbootCMS SQLite Database pbootcms.db file access |
n/a |
PbootCMS |
2025-12-28T20:32:07.587Z | 2025-12-29T14:55:49.904Z | |
| cve-2025-15152 | h-moses moga-mall PmsProductController.java addProduct… |
h-moses |
moga-mall |
2025-12-28T20:02:08.188Z | 2025-12-29T15:50:24.977Z | |
| cve-2025-15151 | TaleLin Lin-CMS Tests Folder config.py password in con… |
TaleLin |
Lin-CMS |
2025-12-28T19:32:05.944Z | 2025-12-29T15:52:38.176Z | |
| cve-2025-15150 | PX4 PX4-Autopilot mavlink_log_handler.cpp log_entry_fr… |
PX4 |
PX4-Autopilot |
2025-12-28T19:02:07.960Z | 2025-12-29T16:08:11.074Z | |
| cve-2025-15149 | rawchen ecms Add New Product updateProductServlet.java… |
rawchen |
ecms |
2025-12-28T18:32:06.054Z | 2025-12-29T21:17:12.684Z | |
| cve-2025-15148 | CmsEasy Backend Template Management template_admin.php… |
n/a |
CmsEasy |
2025-12-28T18:02:08.178Z | 2025-12-29T21:22:26.770Z | |
| cve-2025-15146 | SohuTV CacheCloud UserManageController.java doUserList… |
SohuTV |
CacheCloud |
2025-12-28T17:32:06.551Z | 2025-12-29T21:25:59.423Z | |
| cve-2025-68973 | 7.8 (v3.1) | In GnuPG before 2.4.9, armor_filter in g10/armor.… |
GnuPG |
GnuPG |
2025-12-28T16:19:11.019Z | 2025-12-31T03:34:28.426Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192277 | Malicious code in elf-stats-sugarplum-ribbon-151 (npm) | 2025-12-03T19:19:14Z | 2025-12-03T19:19:14Z |
| mal-2025-192275 | Malicious code in elf-stats-sleighing-mailbag-621 (npm) | 2025-12-03T19:10:54Z | 2025-12-23T21:08:54Z |
| mal-2025-192266 | Malicious code in elf-stats-silvered-star-676 (npm) | 2025-12-03T19:06:00Z | 2025-12-23T21:08:54Z |
| mal-2025-192263 | Malicious code in elf-stats-nutmeg-garland-645 (npm) | 2025-12-03T19:06:00Z | 2025-12-23T20:41:02Z |
| mal-2025-192268 | Malicious code in elf-stats-snowdusted-stockpile-595 (npm) | 2025-12-03T19:05:41Z | 2025-12-03T19:37:58Z |
| mal-2025-192261 | Malicious code in elf-stats-jolly-workshop-110 (npm) | 2025-12-03T18:59:26Z | 2025-12-03T19:37:58Z |
| mal-2025-192267 | Malicious code in elf-stats-snowdusted-lantern-234 (npm) | 2025-12-03T18:57:54Z | 2025-12-23T21:38:09Z |
| mal-2025-192270 | Malicious code in elf-stats-tinsel-candy-605 (npm) | 2025-12-03T18:49:05Z | 2025-12-23T22:09:11Z |
| mal-2025-192269 | Malicious code in elf-stats-snowdusted-train-837 (npm) | 2025-12-03T18:48:03Z | 2025-12-03T18:48:03Z |
| mal-2025-192265 | Malicious code in elf-stats-rooftop-fireplace-499 (npm) | 2025-12-03T18:48:03Z | 2025-12-23T21:08:54Z |
| mal-2025-192264 | Malicious code in elf-stats-rooftop-cocoa-966 (npm) | 2025-12-03T18:48:03Z | 2025-12-23T21:08:54Z |
| mal-2025-192262 | Malicious code in elf-stats-joyous-hollyberry-121 (npm) | 2025-12-03T18:48:03Z | 2025-12-03T18:48:03Z |
| mal-2025-192260 | Malicious code in elf-stats-flickering-ornament-344 (npm) | 2025-12-03T18:48:03Z | 2025-12-23T19:37:08Z |
| mal-2025-192255 | Malicious code in elf-stats-festive-workshop-566 (npm) | 2025-12-03T18:43:29Z | 2025-12-03T19:09:03Z |
| mal-2025-192257 | Malicious code in elf-stats-midnight-saddlebag-720 (npm) | 2025-12-03T18:40:37Z | 2025-12-03T19:09:03Z |
| mal-2025-192259 | Malicious code in unified11 (npm) | 2025-12-03T18:25:39Z | 2025-12-04T07:25:06Z |
| mal-2025-192258 | Malicious code in stats-engine (npm) | 2025-12-03T18:12:57Z | 2025-12-03T18:12:57Z |
| mal-2025-192256 | Malicious code in elf-stats-frostbitten-drum-529 (npm) | 2025-12-03T18:12:57Z | 2025-12-23T19:37:08Z |
| mal-2025-192254 | Malicious code in unified10 (npm) | 2025-12-03T18:06:52Z | 2025-12-04T07:25:06Z |
| mal-2025-192247 | Malicious code in elf-stats-holly-wishlist-355 (npm) | 2025-12-03T18:00:24Z | 2025-12-23T20:09:23Z |
| mal-2025-192249 | Malicious code in elf-stats-shimmering-muffin-598 (npm) | 2025-12-03T17:55:47Z | 2025-12-03T17:55:47Z |
| mal-2025-192252 | Malicious code in elf-stats-sleighing-mailbag-109 (npm) | 2025-12-03T17:53:09Z | 2025-12-23T21:08:54Z |
| mal-2025-192251 | Malicious code in elf-stats-silvered-stocking-120 (npm) | 2025-12-03T17:53:05Z | 2025-12-23T21:08:54Z |
| mal-2025-192250 | Malicious code in elf-stats-shimmering-workbench-301 (npm) | 2025-12-03T17:53:05Z | 2025-12-03T17:53:05Z |
| mal-2025-192253 | Malicious code in remark-stringify10 (npm) | 2025-12-03T17:50:51Z | 2025-12-04T07:25:05Z |
| mal-2025-192248 | Malicious code in elf-stats-marzipan-pantry-560 (npm) | 2025-12-03T17:50:51Z | 2025-12-23T20:41:02Z |
| mal-2025-192246 | Malicious code in remark-parse10 (npm) | 2025-12-03T17:35:41Z | 2025-12-04T07:25:05Z |
| mal-2025-192239 | Malicious code in elf-stats-tinsel-train-397 (npm) | 2025-12-03T17:35:41Z | 2025-12-03T17:35:41Z |
| mal-2025-192245 | Malicious code in remark-mdx2.3 (npm) | 2025-12-03T17:31:24Z | 2025-12-04T07:25:05Z |
| mal-2025-192220 | Malicious code in elf-stats-merry-cookiejar-646 (npm) | 2025-12-03T17:31:24Z | 2025-12-23T20:41:02Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:15387 | Red Hat Security Advisory: Red Hat OpenShift GitOps security update | 2025-09-04T19:38:44+00:00 | 2025-11-21T19:38:31+00:00 |
| rhsa-2025:15388 | Red Hat Security Advisory: Red Hat OpenShift GitOps security update | 2025-09-04T19:38:37+00:00 | 2025-11-21T19:38:32+00:00 |
| rhsa-2025:14858 | Red Hat Security Advisory: OpenShift Container Platform 4.16.47 bug fix and security update | 2025-09-04T17:05:36+00:00 | 2025-11-22T03:02:04+00:00 |
| rhsa-2025:14853 | Red Hat Security Advisory: OpenShift Container Platform 4.14.56 bug fix and security update | 2025-09-04T17:05:30+00:00 | 2025-11-22T03:02:03+00:00 |
| rhsa-2025:14818 | Red Hat Security Advisory: OpenShift Container Platform 4.18.23 bug fix and security update | 2025-09-04T17:03:51+00:00 | 2025-11-22T03:02:01+00:00 |
| rhsa-2025:15358 | Red Hat Security Advisory: updated RHEL-8 based Middleware Containers container images | 2025-09-04T16:29:43+00:00 | 2025-11-25T10:22:19+00:00 |
| rhsa-2025:15371 | Red Hat Security Advisory: Satellite 6 Client Bug Fix Update | 2025-09-04T15:54:46+00:00 | 2025-11-21T19:25:03+00:00 |
| rhsa-2025:15359 | Red Hat Security Advisory: postgresql:13 security update | 2025-09-04T14:50:26+00:00 | 2025-11-21T19:25:02+00:00 |
| rhsa-2025:14820 | Red Hat Security Advisory: OpenShift Container Platform 4.18.23 bug fix and security update | 2025-09-04T14:47:49+00:00 | 2025-11-29T06:53:04+00:00 |
| rhsa-2025:15361 | Red Hat Security Advisory: postgresql:12 security update | 2025-09-04T14:39:07+00:00 | 2025-11-21T19:25:03+00:00 |
| rhsa-2025:14859 | Red Hat Security Advisory: OpenShift Container Platform 4.16.47 bug fix and security update | 2025-09-04T13:50:12+00:00 | 2025-11-29T06:53:04+00:00 |
| rhsa-2025:15348 | Red Hat Security Advisory: python3.12 security update | 2025-09-04T13:09:46+00:00 | 2025-11-21T19:25:01+00:00 |
| rhsa-2025:15347 | Red Hat Security Advisory: qt5-qt3d security update | 2025-09-04T12:51:16+00:00 | 2025-11-21T19:25:01+00:00 |
| rhsa-2025:15337 | Red Hat Security Advisory: Red Hat build of Keycloak 26.0.15 Images Update | 2025-09-04T11:24:04+00:00 | 2025-11-21T19:24:59+00:00 |
| rhsa-2025:15338 | Red Hat Security Advisory: Red Hat build of Keycloak 26.2.8 Images Security Update | 2025-09-04T11:22:48+00:00 | 2025-11-21T19:25:00+00:00 |
| rhsa-2025:15339 | Red Hat Security Advisory: Red Hat build of Keycloak 26.2.8 Security Update | 2025-09-04T11:13:13+00:00 | 2025-11-21T19:25:01+00:00 |
| rhsa-2025:15336 | Red Hat Security Advisory: Red Hat build of Keycloak 26.0.15 Update | 2025-09-04T11:09:19+00:00 | 2025-11-21T19:24:59+00:00 |
| rhsa-2025:14855 | Red Hat Security Advisory: OpenShift Container Platform 4.14.56 bug fix and security update | 2025-09-04T04:22:43+00:00 | 2025-11-29T06:53:04+00:00 |
| rhsa-2025:14856 | Red Hat Security Advisory: OpenShift Container Platform 4.14.56 security and extras update | 2025-09-04T03:47:46+00:00 | 2025-11-29T00:08:53+00:00 |
| rhsa-2025:15227 | Red Hat Security Advisory: kernel security update | 2025-09-04T01:50:25+00:00 | 2025-11-21T19:24:56+00:00 |
| rhsa-2025:15224 | Red Hat Security Advisory: kernel-rt security update | 2025-09-04T01:18:44+00:00 | 2025-11-21T19:24:56+00:00 |
| rhsa-2025:14821 | Red Hat Security Advisory: OpenShift Container Platform 4.18.23 security and extras update | 2025-09-03T18:51:10+00:00 | 2025-11-29T00:08:53+00:00 |
| rhsa-2025:14860 | Red Hat Security Advisory: OpenShift Container Platform 4.16.47 security and extras update | 2025-09-03T14:26:28+00:00 | 2025-11-29T00:08:54+00:00 |
| rhsa-2025:15123 | Red Hat Security Advisory: httpd:2.4 security update | 2025-09-03T13:23:28+00:00 | 2025-11-21T19:24:53+00:00 |
| rhsa-2025:15122 | Red Hat Security Advisory: python-requests security update | 2025-09-03T13:23:28+00:00 | 2025-11-21T19:24:52+00:00 |
| rhsa-2025:15124 | Red Hat Security Advisory: Satellite 6.16.5.3 Async Update | 2025-09-03T13:15:43+00:00 | 2025-11-21T19:24:53+00:00 |
| rhsa-2025:15121 | Red Hat Security Advisory: python-requests security update | 2025-09-03T13:15:23+00:00 | 2025-11-21T19:24:52+00:00 |
| rhsa-2025:15115 | Red Hat Security Advisory: postgresql:12 security update | 2025-09-03T08:34:17+00:00 | 2025-11-21T19:24:52+00:00 |
| rhsa-2025:15114 | Red Hat Security Advisory: postgresql security update | 2025-09-03T05:40:37+00:00 | 2025-11-21T19:24:51+00:00 |
| rhsa-2025:14919 | Red Hat Security Advisory: Red Hat build of Cryostat 4.0.2: new RHEL 9 container image security update | 2025-09-03T02:15:18+00:00 | 2025-11-21T19:24:20+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-39703 | net, hsr: reject HSR frame if skb can't hold tag | 2025-09-02T00:00:00.000Z | 2025-09-07T01:01:27.000Z |
| msrc_cve-2025-39702 | ipv6: sr: Fix MAC comparison to be constant-time | 2025-09-02T00:00:00.000Z | 2025-09-07T01:03:29.000Z |
| msrc_cve-2025-39701 | ACPI: pfr_update: Fix the driver update version check | 2025-09-02T00:00:00.000Z | 2025-09-07T01:10:14.000Z |
| msrc_cve-2025-39697 | NFS: Fix a race when updating an existing write | 2025-09-02T00:00:00.000Z | 2025-09-07T01:01:52.000Z |
| msrc_cve-2025-39694 | s390/sclp: Fix SCCB present check | 2025-09-02T00:00:00.000Z | 2025-09-07T01:08:31.000Z |
| msrc_cve-2025-39693 | drm/amd/display: Avoid a NULL pointer dereference | 2025-09-02T00:00:00.000Z | 2025-09-07T01:08:47.000Z |
| msrc_cve-2025-39692 | smb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy() | 2025-09-02T00:00:00.000Z | 2025-09-07T01:04:48.000Z |
| msrc_cve-2025-39691 | fs/buffer: fix use-after-free when call bh_read() helper | 2025-09-02T00:00:00.000Z | 2025-09-07T01:13:19.000Z |
| msrc_cve-2025-39689 | ftrace: Also allocate and copy hash for reading of filter files | 2025-09-02T00:00:00.000Z | 2025-09-07T01:05:43.000Z |
| msrc_cve-2025-39687 | iio: light: as73211: Ensure buffer holes are zeroed | 2025-09-02T00:00:00.000Z | 2025-09-07T01:08:07.000Z |
| msrc_cve-2025-39686 | comedi: Make insn_rw_emulate_bits() do insn->n samples | 2025-09-02T00:00:00.000Z | 2025-09-07T01:03:14.000Z |
| msrc_cve-2025-39685 | comedi: pcl726: Prevent invalid irq number | 2025-09-02T00:00:00.000Z | 2025-09-07T01:03:06.000Z |
| msrc_cve-2025-39684 | comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() | 2025-09-02T00:00:00.000Z | 2025-09-07T01:04:24.000Z |
| msrc_cve-2025-39683 | tracing: Limit access to parser->buffer when trace_get_user failed | 2025-09-02T00:00:00.000Z | 2025-09-07T01:14:30.000Z |
| msrc_cve-2025-39682 | tls: fix handling of zero-length records on the rx_list | 2025-09-02T00:00:00.000Z | 2025-09-07T01:10:35.000Z |
| msrc_cve-2025-39681 | x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper | 2025-09-02T00:00:00.000Z | 2025-09-07T01:15:12.000Z |
| msrc_cve-2025-39679 | drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor(). | 2025-09-02T00:00:00.000Z | 2025-09-07T01:13:53.000Z |
| msrc_cve-2025-39677 | net/sched: Fix backlog accounting in qdisc_dequeue_internal | 2025-09-02T00:00:00.000Z | 2025-12-07T01:50:08.000Z |
| msrc_cve-2025-39676 | scsi: qla4xxx: Prevent a potential error pointer dereference | 2025-09-02T00:00:00.000Z | 2025-09-07T01:14:07.000Z |
| msrc_cve-2025-39675 | drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() | 2025-09-02T00:00:00.000Z | 2025-09-07T01:12:13.000Z |
| msrc_cve-2025-39673 | ppp: fix race conditions in ppp_fill_forward_path | 2025-09-02T00:00:00.000Z | 2025-09-07T01:11:43.000Z |
| msrc_cve-2025-38736 | net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization | 2025-09-02T00:00:00.000Z | 2025-09-07T01:14:50.000Z |
| msrc_cve-2025-38735 | gve: prevent ethtool ops after shutdown | 2025-09-02T00:00:00.000Z | 2025-09-07T01:04:11.000Z |
| msrc_cve-2025-38734 | net/smc: fix UAF on smcsk after smc_listen_out() | 2025-09-02T00:00:00.000Z | 2025-11-27T01:01:58.000Z |
| msrc_cve-2025-38732 | netfilter: nf_reject: don't leak dst refcount for loopback packets | 2025-09-02T00:00:00.000Z | 2025-09-07T01:13:06.000Z |
| msrc_cve-2025-38730 | io_uring/net: commit partial buffers on retry | 2025-09-02T00:00:00.000Z | 2025-09-06T01:05:44.000Z |
| msrc_cve-2025-38729 | ALSA: usb-audio: Validate UAC3 power domain descriptors, too | 2025-09-02T00:00:00.000Z | 2025-09-06T01:02:22.000Z |
| msrc_cve-2025-38728 | smb3: fix for slab out of bounds on mount to ksmbd | 2025-09-02T00:00:00.000Z | 2025-09-06T01:11:14.000Z |
| msrc_cve-2025-38725 | net: usb: asix_devices: add phy_mask for ax88772 mdio bus | 2025-09-02T00:00:00.000Z | 2025-09-06T01:13:01.000Z |
| msrc_cve-2025-38724 | nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() | 2025-09-02T00:00:00.000Z | 2025-09-06T01:08:33.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2021-000900 | MagazinegerZ vulnerable to cross-site scripting | 2021-03-25T17:32+09:00 | 2021-03-25T17:32+09:00 |
| jvndb-2021-000023 | UNIVERGE Aspire series PBX vulnerable to denial-of-service (DoS) | 2021-03-22T14:57+09:00 | 2021-03-22T14:57+09:00 |
| jvndb-2021-000026 | Fuji Xerox multifunction devices and printers vulnerable to denial-of-service (DoS) | 2021-03-19T15:32+09:00 | 2021-04-12T13:30+09:00 |
| jvndb-2021-000025 | WordPress plugin "Paid Memberships Pro" vulnerable to SQL injection | 2021-03-17T16:24+09:00 | 2021-03-17T16:24+09:00 |
| jvndb-2021-000022 | Multiple vulnerabilities in Cybozu Office | 2021-03-15T15:56+09:00 | 2021-12-17T17:51+09:00 |
| jvndb-2021-000021 | M-System DL8 contains multiple vulnerabilities | 2021-03-12T15:59+09:00 | 2021-03-12T15:59+09:00 |
| jvndb-2021-000020 | Installer of MagicConnect Client program may insecurely load Dynamic Link Libraries | 2021-03-11T14:53+09:00 | 2021-03-11T14:53+09:00 |
| jvndb-2021-000019 | Multiple cross-site scripting vulnerabilities in GROWI | 2021-03-10T16:11+09:00 | 2021-03-10T16:11+09:00 |
| jvndb-2021-001123 | Multiple vulnerabilities in GROWI | 2021-03-09T14:17+09:00 | 2021-09-24T13:34+09:00 |
| jvndb-2021-001122 | Trend Micro Security (Consumer) vulnerable to code injection | 2021-03-08T17:26+09:00 | 2021-03-08T17:26+09:00 |
| jvndb-2021-000018 | The installers of E START products may insecurely load Dynamic Link Libraries | 2021-03-05T17:03+09:00 | 2023-11-16T15:41+09:00 |
| jvndb-2021-000017 | Multiple cross-site scripting vulnerabilities in Movable Type | 2021-02-24T15:20+09:00 | 2021-02-24T15:20+09:00 |
| jvndb-2021-000016 | Multiple vulnerabilities in SolarView Compact | 2021-02-19T16:44+09:00 | 2021-02-25T15:31+09:00 |
| jvndb-2021-001026 | Multiple Vulnerabilities in JP1/Automatic Operation | 2021-02-16T17:23+09:00 | 2021-02-16T17:23+09:00 |
| jvndb-2021-000015 | FileZen vulnerable to OS command injection | 2021-02-16T15:07+09:00 | 2021-03-05T17:31+09:00 |
| jvndb-2021-000014 | Calsos CSDJ fails to restrict access permissions | 2021-02-15T15:52+09:00 | 2021-02-15T15:52+09:00 |
| jvndb-2021-000013 | Wekan vulnerable to cross-site scripting | 2021-02-10T14:01+09:00 | 2021-02-10T14:01+09:00 |
| jvndb-2021-001022 | Cross-site Scripting Vulnerability in Hitachi Application Server Help | 2021-02-09T15:08+09:00 | 2021-02-09T15:08+09:00 |
| jvndb-2021-001021 | Improper access control vulnerability in JP1/IT Desktop Management 2 - Manager and JP1/NETM/Asset Information Manager | 2021-02-09T15:08+09:00 | 2021-02-09T15:08+09:00 |
| jvndb-2021-000012 | WordPress Plugin "Name Directory" vulnerable to cross-site request forgery | 2021-02-05T16:24+09:00 | 2021-02-05T16:24+09:00 |
| jvndb-2021-001017 | Trend Micro HouseCall for Home Networks (Windows Edition) may insecurely load Dynamic Link Libraries | 2021-02-04T15:42+09:00 | 2021-02-04T15:42+09:00 |
| jvndb-2021-000011 | Panasonic Video Insight VMS vulnerable to arbitrary code execution | 2021-02-04T15:39+09:00 | 2021-02-04T15:39+09:00 |
| jvndb-2021-001014 | Vulnerability in JP1/VERITAS | 2021-02-01T16:49+09:00 | 2021-02-01T16:49+09:00 |
| jvndb-2021-000007 | OS command injection vulnerability in multiple Infoscience Corporation log management tools | 2021-01-27T18:31+09:00 | 2022-07-26T15:53+09:00 |
| jvndb-2021-000009 | Android App "ELECOM File Manager" vulnerable to directory traversal | 2021-01-27T17:38+09:00 | 2021-01-27T17:38+09:00 |
| jvndb-2021-000008 | Multiple vulnerabilities in multiple ELECOM products | 2021-01-26T16:33+09:00 | 2021-01-26T16:33+09:00 |
| jvndb-2021-000010 | Multiple vulnerabilities in multiple LOGITEC products | 2021-01-26T16:26+09:00 | 2021-01-26T16:26+09:00 |
| jvndb-2021-001010 | TP-Link TL-WR841N V13 (JP) vulnerable to OS command injection | 2021-01-25T16:21+09:00 | 2021-01-25T16:21+09:00 |
| jvndb-2021-000006 | Multiple vulnerabilities in Aterm WF800HP, Aterm WG2600HP, and Aterm WG2600HP2 | 2021-01-22T17:55+09:00 | 2021-02-03T12:05+09:00 |
| jvndb-2021-000005 | GROWI vulnerable to cross-site scripting | 2021-01-19T14:05+09:00 | 2021-01-19T14:05+09:00 |
| ID | Description | Updated |
|---|