Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-frmv-pr5f-9mcr | Django vulnerable to SQL injection via _connector keyword argument in QuerySet and Q objects. | 2025-11-05T15:31:07Z | 2025-11-05T19:55:43Z |
| ghsa-pmj8-xcc6-hfrp | A denial of service vulnerability exists in the g_assert_not_reached functionality of Entr'ouve… | 2025-11-05T15:31:06Z | 2025-11-05T17:48:28Z |
| ghsa-j9px-r24r-fm3p | A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr… | 2025-11-05T15:31:06Z | 2025-11-05T17:48:28Z |
| ghsa-4p4q-6835-5w79 | A denial of service vulnerability exists in the lasso_node_init_from_message_with_format functional… | 2025-11-05T15:31:06Z | 2025-11-05T17:48:28Z |
| ghsa-mg7h-mgjw-mg5g | An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper input valid… | 2025-11-05T15:31:05Z | 2025-11-05T15:31:05Z |
| ghsa-2vvf-4m7q-pvpx | A denial of service vulnerability exists in the lasso_provider_verify_saml_signature functionality … | 2025-11-05T15:31:05Z | 2025-11-05T17:48:28Z |
| ghsa-w6ph-hrmj-vffx | The FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce plugin f… | 2025-11-05T12:30:19Z | 2025-11-05T12:30:19Z |
| ghsa-m35w-xx8c-6xc7 | Apache Doris-MCP-Server: Improper Access Control results in bypassing a "read-only" mode | 2025-11-05T12:30:19Z | 2025-11-07T16:48:36Z |
| ghsa-f5fh-r4mj-fqj8 | The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Stored Cross-Site … | 2025-11-05T12:30:19Z | 2025-11-05T12:30:19Z |
| ghsa-99fv-75qw-h59w | The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Local File Inc… | 2025-11-05T12:30:19Z | 2025-11-05T12:30:19Z |
| ghsa-5ppg-2735-mfmv | The FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce plugin f… | 2025-11-05T12:30:19Z | 2025-11-05T12:30:19Z |
| ghsa-wjrf-gc3h-428q | The Visual Link Preview plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the p… | 2025-11-05T12:30:18Z | 2025-11-05T12:30:19Z |
| ghsa-8rfp-386c-p2rw | The Graphina – Elementor Charts and Graphs plugin for WordPress is vulnerable to Stored Cross-Site … | 2025-11-05T12:30:18Z | 2025-11-05T12:30:19Z |
| ghsa-7r77-r49w-qf55 | The Events Calendar plugin for WordPress is vulnerable to information disclosure in versions up to,… | 2025-11-05T12:30:18Z | 2025-11-05T12:30:18Z |
| ghsa-p7ww-wjh2-g3gw | The Control-M/Agent is vulnerable to unauthenticated remote code execution, arbitrary file read and… | 2025-11-05T09:30:26Z | 2025-11-05T09:30:26Z |
| ghsa-vcpc-5m37-qv5v | Optical Disc Archive Software provided by Sony Corporation registers a Windows service with an unqu… | 2025-11-05T09:30:25Z | 2025-11-05T09:30:25Z |
| ghsa-rjf9-fxg3-f244 | The B Carousel Block – Responsive Image and Content Carousel plugin for WordPress is vulnerable to … | 2025-11-05T09:30:25Z | 2025-11-05T09:30:25Z |
| ghsa-qjg9-678q-xgw7 | Multiple Roboticsware products provided by Roboticsware PTE. LTD. register Windows services with un… | 2025-11-05T09:30:25Z | 2025-11-05T09:30:25Z |
| ghsa-h8f7-hc62-fwj7 | The KiotViet Sync plugin for WordPress is vulnerable to unauthorized modification of data due to a … | 2025-11-05T09:30:25Z | 2025-11-05T09:30:25Z |
| ghsa-f8wq-xr9h-w4f8 | The KiotViet Sync plugin for WordPress is vulnerable to arbitrary file uploads due to missing file … | 2025-11-05T09:30:25Z | 2025-11-05T09:30:25Z |
| ghsa-f5h4-c4jw-c4gm | A flaw was found in Red Hat Satellite (Foreman component). This vulnerability allows an authenticat… | 2025-11-05T09:30:25Z | 2025-11-06T09:30:27Z |
| ghsa-6rw4-g9p6-qw7p | The KiotViet Sync plugin for WordPress is vulnerable to authorizarion bypass in all versions up to,… | 2025-11-05T09:30:25Z | 2025-11-05T09:30:25Z |
| ghsa-4whc-73rx-33pq | The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable… | 2025-11-05T09:30:25Z | 2025-11-05T09:30:25Z |
| ghsa-48mf-wgq9-gwrv | The KiotViet Sync plugin for WordPress is vulnerable to Sensitive Information Exposure in all versi… | 2025-11-05T09:30:25Z | 2025-11-05T09:30:25Z |
| ghsa-2wwx-4xj6-c38h | The File Manager for Google Drive – Integrate Google Drive with WordPress plugin for WordPress is v… | 2025-11-05T09:30:25Z | 2025-11-05T09:30:25Z |
| ghsa-7vr5-68r6-mx7p | The Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, I… | 2025-11-05T09:30:24Z | 2025-11-05T09:30:24Z |
| ghsa-52h6-5xm4-pr2j | The WPeMatico RSS Feed Fetcher plugin for WordPress is vulnerable to Server-Side Request Forgery in… | 2025-11-05T09:30:24Z | 2025-11-05T09:30:24Z |
| ghsa-vrx8-mx5x-r6qv | Improper input validation in Samsung Members prior to version 5.5.01.3 allows remote attackers to c… | 2025-11-05T06:30:26Z | 2025-11-05T06:30:26Z |
| ghsa-v22x-qm55-p7pm | The Ace User Management WordPress plugin through 2.0.3 does not properly validate that a password r… | 2025-11-05T06:30:26Z | 2025-11-05T21:31:01Z |
| ghsa-f39f-cwqh-hrrj | Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows ad… | 2025-11-05T06:30:26Z | 2025-11-05T06:30:26Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-10907 | 8.4 (v3.1) | Authenticated Arbitrary File Upload in Multiple WSO2 P… |
WSO2 |
WSO2 API Manager |
2025-11-05T18:03:49.831Z | 2025-11-05T18:49:44.604Z |
| cve-2025-10713 | 6.5 (v3.1) | XML External Entity (XXE) Vulnerability in Multiple WS… |
WSO2 |
WSO2 Enterprise Integrator |
2025-11-05T17:18:24.719Z | 2025-11-05T18:15:56.913Z |
| cve-2025-43990 | 7.3 (v3.1) | Dell Command Monitor (DCM), versions prior to 10.… |
Dell |
Command Monitor (DCM) |
2025-11-05T17:01:23.986Z | 2025-11-06T04:55:47.809Z |
| cve-2025-46366 | 6.7 (v3.1) | Dell CloudLink, versions prior to 8.1.1, contain … |
Dell |
CloudLink |
2025-11-05T16:50:28.754Z | 2025-11-06T04:55:41.794Z |
| cve-2025-46424 | 6.7 (v3.1) | Dell CloudLink, versions prior to 8.2, contain us… |
Dell |
CloudLink |
2025-11-05T16:46:25.707Z | 2025-11-06T04:55:40.938Z |
| cve-2025-46365 | 5.3 (v3.1) | Dell CloudLink, versions prior 8.1.1, contain a C… |
Dell |
CloudLink |
2025-11-05T16:40:39.934Z | 2025-11-06T04:55:40.128Z |
| cve-2025-46364 | 9.1 (v3.1) | Dell CloudLink, versions prior to 8.1.1, contain … |
Dell |
CloudLin |
2025-11-05T16:36:00.347Z | 2025-11-06T04:55:39.277Z |
| cve-2025-20304 | Multiple vulnerabilities in the web-based managem… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:33:27.573Z | 2025-11-05T20:20:07.804Z | |
| cve-2025-20305 | A vulnerability in the web-based management inter… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:32:52.800Z | 2025-11-05T20:19:33.833Z | |
| cve-2025-20289 | Multiple vulnerabilities in the web-based managem… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:32:28.860Z | 2025-11-05T20:18:33.404Z | |
| cve-2025-20303 | Multiple vulnerabilities in the web-based managem… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:32:02.482Z | 2025-11-05T20:17:21.630Z | |
| cve-2025-45379 | 8.4 (v3.1) | Dell CloudLink, versions prior to 8.2, contain a … |
Dell |
CloudLink |
2025-11-05T16:31:57.457Z | 2025-11-06T04:55:38.394Z |
| cve-2025-20377 | Cisco Unified Intelligence Center API Information Disc… |
Cisco |
Cisco Packaged Contact Center Enterprise |
2025-11-05T16:31:52.595Z | 2025-11-05T20:14:05.911Z | |
| cve-2025-20375 | Cisco Unified Contact Center Express Arbitrary File Up… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:43.035Z | 2025-11-06T04:55:45.946Z | |
| cve-2025-20376 | Cisco Unified Contact Center Express Remote Code Execu… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:38.793Z | 2025-11-06T04:55:44.673Z | |
| cve-2025-20374 | Cisco Unified Contact Center Express Arbitrary File Do… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:23.862Z | 2025-11-05T20:11:12.630Z | |
| cve-2025-20358 | Cisco Unified Contact Center Express Editor Authentica… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:23.210Z | 2025-11-06T04:55:43.689Z | |
| cve-2025-20354 | Cisco Unified Contact Center Express Remote Code Execu… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:14.821Z | 2025-11-06T04:55:42.828Z | |
| cve-2025-20343 | Cisco Identity Services Engine Radius Suppression Deni… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:31:05.000Z | 2025-11-05T20:07:12.870Z | |
| cve-2025-30479 | 8.4 (v3.1) | Dell CloudLink, versions prior to 8.2, contain a … |
Dell |
CloudLink |
2025-11-05T16:27:33.266Z | 2025-11-06T04:55:37.459Z |
| cve-2025-45378 | 9.1 (v3.1) | Dell CloudLink, versions 8.0 through 8.1.2, conta… |
Dell |
CloudLink |
2025-11-05T16:23:15.673Z | 2025-11-06T04:55:36.592Z |
| cve-2025-64459 | Potential SQL injection via _connector keyword argumen… |
djangoproject |
Django |
2025-11-05T15:09:58.239Z | 2025-11-08T12:49:45.129Z | |
| cve-2025-64458 | Potential denial-of-service vulnerability in HttpRespo… |
djangoproject |
Django |
2025-11-05T15:07:17.031Z | 2025-11-05T16:20:57.265Z | |
| cve-2025-47151 | A type confusion vulnerability exists in the lass… |
Entr'ouvert |
Lasso |
2025-11-05T14:57:01.436Z | 2025-11-05T22:35:15.897Z | |
| cve-2025-46404 | A denial of service vulnerability exists in the l… |
Entr'ouvert |
Lasso |
2025-11-05T14:56:59.671Z | 2025-11-05T22:36:18.932Z | |
| cve-2025-46784 | A denial of service vulnerability exists in the l… |
Entr'ouvert |
Lasso |
2025-11-05T14:56:57.782Z | 2025-11-05T22:34:21.323Z | |
| cve-2025-46705 | A denial of service vulnerability exists in the g… |
Entr'ouvert |
Lasso |
2025-11-05T14:56:55.535Z | 2025-11-05T22:36:34.501Z | |
| cve-2025-3125 | 6.7 (v3.1) | Authenticated Arbitrary File Upload in Multiple WSO2 P… |
WSO2 |
WSO2 Identity Server |
2025-11-05T14:49:44.597Z | 2025-11-05T18:59:01.426Z |
| cve-2025-52602 | 4.2 (v3.1) | HCL BigFix Query is affected by a sensitive informatio… |
HCL Software |
BigFix Query |
2025-11-05T14:46:46.537Z | 2025-11-05T18:58:08.387Z |
| cve-2025-11745 | Ad Inserter <= 2.8.7 - Authenticated (Contributor+) St… |
spacetime |
Ad Inserter – Ad Manager & AdSense Ads |
2025-11-05T11:24:40.781Z | 2025-11-05T11:24:40.781Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-64114 | ClipBucket v5: SQL Injection possible through ClipBuck… |
MacWarrior |
clipbucket-v5 |
2025-11-05T23:30:59.120Z | 2025-11-06T21:19:38.854Z | |
| cve-2025-62596 | youki container escape and denial of service due to ar… |
youki-dev |
youki |
2025-11-05T23:14:37.167Z | 2025-11-06T16:54:15.942Z | |
| cve-2025-62161 | youki container escape via "masked path" abuse due to … |
youki-dev |
youki |
2025-11-05T23:09:09.014Z | 2025-11-06T21:20:19.865Z | |
| cve-2025-55278 | 8.1 (v3.1) | HCL DevOps Loop is susceptible to an improper authenti… |
HCL Software |
DevOps Loop |
2025-11-05T22:44:17.256Z | 2025-11-06T21:20:55.355Z |
| cve-2025-12779 | 8.8 (v4.0) 8.8 (v3.1) | Improper handling of the authentication token in … |
Amazon |
Amazon WorkSpaces |
2025-11-05T21:20:51.567Z | 2025-11-10T18:52:51.286Z |
| cve-2025-63585 | N/A | OSSN (Open Source Social Network) 8.6 is vulnerab… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-06T21:21:50.790Z |
| cve-2025-60784 | N/A | A vulnerability in the XiaozhangBang Voluntary Li… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T21:01:51.302Z |
| cve-2025-63334 | N/A | PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 cont… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T20:18:30.677Z |
| cve-2025-10853 | 5.2 (v3.1) | Reflected Cross-Site Scripting (XSS) in Management Con… |
WSO2 |
WSO2 Open Banking IAM |
2025-11-05T19:21:32.971Z | 2025-11-05T19:58:21.875Z |
| cve-2025-63418 | N/A | A DOM-based Cross-Site Scripting (XSS) vulnerabil… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-06T16:56:12.356Z |
| cve-2025-63417 | N/A | A Stored Cross-Site Scripting (XSS) vulnerability… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-06T16:58:11.284Z |
| cve-2025-63416 | N/A | ** exclusively-hosted-service ** A Stored Cross-S… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T19:08:09.280Z |
| cve-2025-5770 | 6.1 (v3.1) | Reflected Cross-Site Scripting (XSS) in Authentication… |
WSO2 |
WSO2 Identity Server |
2025-11-05T19:02:48.434Z | 2025-11-05T20:13:05.330Z |
| cve-2025-56232 | N/A | GOG Galaxy 2.0.0.2 suffers from Missing SSL Certi… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-06T21:22:57.293Z |
| cve-2025-55343 | N/A | Quipux 4.0.1 through e1774ac allows authenticated… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T19:20:45.969Z |
| cve-2025-55342 | N/A | Quipux 4.0.1 through e1774ac allows enumeration o… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-06T17:01:19.835Z |
| cve-2025-55341 | N/A | Cross Site Scripting vulnerability in Quipux 4.0.… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-06T17:03:33.164Z |
| cve-2025-43418 | N/A | This issue was addressed by restricting options o… |
Apple |
iOS and iPadOS |
2025-11-05T18:33:35.485Z | 2025-11-05T18:50:52.441Z |
| cve-2025-31954 | 5.4 (v3.1) | HCL iAutomate is susceptible to a sensitive informatio… |
HCL Software |
iAutomate |
2025-11-05T18:23:21.019Z | 2025-11-05T18:46:53.781Z |
| cve-2025-12745 | QuickJS quickjs.c js_array_buffer_slice buffer over-read |
n/a |
QuickJS |
2025-11-05T18:32:07.580Z | 2025-11-05T19:26:04.149Z | |
| cve-2025-11093 | 8.4 (v3.1) | Arbitrary Code Execution with higher privileged users … |
WSO2 |
WSO2 Micro Integrator |
2025-11-05T18:31:17.873Z | 2025-11-05T19:39:15.696Z |
| cve-2023-43000 | N/A | A use-after-free issue was addressed with improve… |
Apple |
macOS |
2025-11-05T18:33:23.777Z | 2025-11-12T00:20:51.403Z |
| cve-2025-56231 | N/A | Tonec Internet Download Manager 6.42.41.1 and ear… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T20:24:57.560Z |
| cve-2025-10907 | 8.4 (v3.1) | Authenticated Arbitrary File Upload in Multiple WSO2 P… |
WSO2 |
WSO2 API Manager |
2025-11-05T18:03:49.831Z | 2025-11-05T18:49:44.604Z |
| cve-2025-10713 | 6.5 (v3.1) | XML External Entity (XXE) Vulnerability in Multiple WS… |
WSO2 |
WSO2 Enterprise Integrator |
2025-11-05T17:18:24.719Z | 2025-11-05T18:15:56.913Z |
| cve-2025-63248 | N/A | DWSurvey 6.14.0 is vulnerable to Incorrect Access… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T20:03:23.117Z |
| cve-2025-59716 | N/A | ownCloud Guests before 0.12.5 allows unauthentica… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T20:10:32.262Z |
| cve-2025-57244 | N/A | OpenKM Community Edition 6.3.12 is vulnerable to … |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T19:57:23.140Z |
| cve-2025-46424 | 6.7 (v3.1) | Dell CloudLink, versions prior to 8.2, contain us… |
Dell |
CloudLink |
2025-11-05T16:46:25.707Z | 2025-11-06T04:55:40.938Z |
| cve-2025-46366 | 6.7 (v3.1) | Dell CloudLink, versions prior to 8.1.1, contain … |
Dell |
CloudLink |
2025-11-05T16:50:28.754Z | 2025-11-06T04:55:41.794Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-137706 | Malicious code in vera-ketan60-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137705 | Malicious code in vera-keripik75-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137704 | Malicious code in vera-keripik74-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137703 | Malicious code in vera-kepok31-sumpek (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137702 | Malicious code in vera-kemplang48-sumpek (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137701 | Malicious code in vera-jengkol98-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137700 | Malicious code in vera-jamblang72-sumpek (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137699 | Malicious code in vera-jamblang39-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137698 | Malicious code in vera-gaplek47-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137697 | Malicious code in vera-gaplek38-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137696 | Malicious code in vera-gaplek2-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137695 | Malicious code in vera-gandul94-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137694 | Malicious code in vera-donat49-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137693 | Malicious code in vera-buburayam75-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137692 | Malicious code in vera-bakwan16-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137691 | Malicious code in vera-bakso46-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137690 | Malicious code in vera-asinan75-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137689 | Malicious code in vera-asinan56-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137688 | Malicious code in varying_tortoise_z3n (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137687 | Malicious code in various_swan_z3n (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137686 | Malicious code in varied_tarsier_z3n (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137685 | Malicious code in varied_llama_z3n (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137684 | Malicious code in valuable_frog_z3n (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137683 | Malicious code in valuable_bat_z3n (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137682 | Malicious code in valid_gibbon_z3n (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137681 | Malicious code in vague_quail_z3n (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137680 | Malicious code in utomo-telurtahu34-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137679 | Malicious code in utomo-tek95-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137678 | Malicious code in utomo-tek32-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137677 | Malicious code in utomo-teh37-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:13939 | Red Hat Security Advisory: golang security update | 2025-08-18T00:24:18+00:00 | 2025-11-06T23:42:04+00:00 |
| rhsa-2025:13932 | Red Hat Security Advisory: Red Hat OpenShift Builds 1.5.1 | 2025-08-14T22:50:13+00:00 | 2025-11-11T16:24:37+00:00 |
| rhsa-2025:13931 | Red Hat Security Advisory: Red Hat OpenShift Builds 1.5.1 | 2025-08-14T22:06:55+00:00 | 2025-11-11T16:24:37+00:00 |
| rhsa-2025:13904 | Red Hat Security Advisory: RHOAI 2.23.0 - Red Hat OpenShift AI | 2025-08-14T16:11:10+00:00 | 2025-11-11T20:38:58+00:00 |
| rhsa-2025:13681 | Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.62 SP1 security update | 2025-08-14T13:51:01+00:00 | 2025-11-11T12:34:30+00:00 |
| rhsa-2025:13680 | Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.62 SP1 security update | 2025-08-14T13:43:29+00:00 | 2025-11-11T12:34:30+00:00 |
| rhsa-2025:13289 | Red Hat Security Advisory: OpenShift Container Platform 4.14.55 bug fix and security update | 2025-08-14T04:08:11+00:00 | 2025-11-07T18:40:19+00:00 |
| rhsa-2025:13291 | Red Hat Security Advisory: OpenShift Container Platform 4.14.55 security and extras update | 2025-08-14T01:26:54+00:00 | 2025-11-06T22:56:23+00:00 |
| rhsa-2025:13806 | Red Hat Security Advisory: libxml2 security update | 2025-08-13T16:02:36+00:00 | 2025-11-06T23:14:41+00:00 |
| rhsa-2025:13804 | Red Hat Security Advisory: python3.11-setuptools security update | 2025-08-13T15:33:01+00:00 | 2025-11-07T03:32:33+00:00 |
| rhsa-2025:13805 | Red Hat Security Advisory: kernel security update | 2025-08-13T15:29:16+00:00 | 2025-11-11T09:06:18+00:00 |
| rhsa-2025:13803 | Red Hat Security Advisory: python3.11-setuptools security update | 2025-08-13T15:25:41+00:00 | 2025-11-07T03:32:31+00:00 |
| rhsa-2025:13685 | Red Hat Security Advisory: Red Hat JBoss Web Server 6.1.2 release and security update | 2025-08-13T15:06:51+00:00 | 2025-11-06T23:42:02+00:00 |
| rhsa-2025:13686 | Red Hat Security Advisory: Red Hat JBoss Web Server 6.1.2 release and security update | 2025-08-13T15:04:27+00:00 | 2025-11-06T23:42:02+00:00 |
| rhsa-2025:13789 | Red Hat Security Advisory: libxml2 security update | 2025-08-13T10:46:22+00:00 | 2025-11-06T23:14:41+00:00 |
| rhsa-2025:13788 | Red Hat Security Advisory: libxml2 security update | 2025-08-13T10:38:41+00:00 | 2025-11-06T23:14:41+00:00 |
| rhsa-2025:13782 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-08-13T09:46:26+00:00 | 2025-11-06T23:14:41+00:00 |
| rhsa-2025:13781 | Red Hat Security Advisory: kernel security update | 2025-08-13T09:41:41+00:00 | 2025-11-11T20:29:52+00:00 |
| rhsa-2025:13780 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-08-13T09:40:36+00:00 | 2025-11-06T23:14:40+00:00 |
| rhsa-2025:13777 | Red Hat Security Advisory: krb5 security update | 2025-08-13T05:03:10+00:00 | 2025-10-30T14:55:37+00:00 |
| rhsa-2025:13776 | Red Hat Security Advisory: kernel security update | 2025-08-13T02:49:20+00:00 | 2025-11-11T11:27:21+00:00 |
| rhsa-2025:13338 | Red Hat Security Advisory: OpenShift Container Platform 4.16.46 security and extras update | 2025-08-13T01:45:55+00:00 | 2025-11-06T22:56:25+00:00 |
| rhsa-2025:13327 | Red Hat Security Advisory: OpenShift Container Platform 4.18.22 security and extras update | 2025-08-13T01:15:12+00:00 | 2025-11-06T22:56:24+00:00 |
| rhsa-2025:13775 | Red Hat Security Advisory: mod_security security update | 2025-08-12T20:24:49+00:00 | 2025-11-08T07:17:00+00:00 |
| rhsa-2025:13716 | Red Hat Security Advisory: mod_security security update | 2025-08-12T15:30:48+00:00 | 2025-11-08T07:16:58+00:00 |
| rhsa-2025:13688 | Red Hat Security Advisory: libxml2 security update | 2025-08-12T13:01:38+00:00 | 2025-11-06T23:14:39+00:00 |
| rhsa-2025:13689 | Red Hat Security Advisory: libxml2 security update | 2025-08-12T12:44:33+00:00 | 2025-11-06T23:14:40+00:00 |
| rhsa-2025:13683 | Red Hat Security Advisory: libxml2 security update | 2025-08-12T12:30:08+00:00 | 2025-11-06T23:14:39+00:00 |
| rhsa-2025:13684 | Red Hat Security Advisory: libxml2 security update | 2025-08-12T12:25:23+00:00 | 2025-11-06T23:14:39+00:00 |
| rhsa-2025:13677 | Red Hat Security Advisory: libxml2 security update | 2025-08-12T09:47:28+00:00 | 2025-11-06T23:14:39+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-38274 | fpga: fix potential null pointer deref in fpga_mgr_test_img_load_sgt() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38272 | net: dsa: b53: do not enable EEE on bcm63xx | 2025-07-02T00:00:00.000Z | 2025-09-04T02:17:12.000Z |
| msrc_cve-2025-38269 | btrfs: exit after state insertion failure at btrfs_convert_extent_bit() | 2025-07-02T00:00:00.000Z | 2025-09-04T02:13:28.000Z |
| msrc_cve-2025-38265 | serial: jsm: fix NPE during jsm_uart_port_init | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38264 | nvme-tcp: sanitize request list handling | 2025-07-02T00:00:00.000Z | 2025-09-03T23:24:11.000Z |
| msrc_cve-2025-38263 | bcache: fix NULL pointer in cache_set_flush() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38262 | tty: serial: uartlite: register uart driver in init | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38261 | riscv: save the SR_SUM status over switches | 2025-07-02T00:00:00.000Z | 2025-09-04T00:02:03.000Z |
| msrc_cve-2025-38260 | btrfs: handle csum tree error with rescue=ibadroots correctly | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38259 | ASoC: codecs: wcd9335: Fix missing free of regulator supplies | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38258 | mm/damon/sysfs-schemes: free old damon_sysfs_scheme_filter->memcg_path on write | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38257 | s390/pkey: Prevent overflow in size calculation for memdup_user() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38251 | atm: clip: prevent NULL deref in clip_push() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38250 | Bluetooth: hci_core: Fix use-after-free in vhci_flush() | 2025-07-02T00:00:00.000Z | 2025-09-03T23:38:51.000Z |
| msrc_cve-2025-38249 | ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38248 | bridge: mcast: Fix use-after-free during router port configuration | 2025-07-02T00:00:00.000Z | 2025-09-03T23:32:57.000Z |
| msrc_cve-2025-38246 | bnxt: properly flush XDP redirect lists | 2025-07-02T00:00:00.000Z | 2025-09-03T23:27:31.000Z |
| msrc_cve-2025-38245 | atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister(). | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38244 | smb: client: fix potential deadlock when reconnecting channels | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38239 | scsi: megaraid_sas: Fix invalid node index | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38237 | media: platform: exynos4-is: Add hardware sync wait to fimc_is_hw_change_mode() | 2025-07-02T00:00:00.000Z | 2025-09-03T23:10:02.000Z |
| msrc_cve-2025-38236 | af_unix: Don't leave consecutive consumed OOB skbs. | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38234 | sched/rt: Fix race in push_rt_task | 2025-07-02T00:00:00.000Z | 2025-09-03T22:13:44.000Z |
| msrc_cve-2025-38232 | NFSD: fix race between nfsd registration and exports_proc | 2025-07-02T00:00:00.000Z | 2025-09-03T22:20:10.000Z |
| msrc_cve-2025-38231 | nfsd: Initialize ssc before laundromat_work to prevent NULL dereference | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38230 | jfs: validate AG parameters in dbMount() to prevent crashes | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38229 | media: cxusb: no longer judge rbuf when the write fails | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38227 | media: vidtv: Terminating the subsequent process of initialization failure | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38226 | media: vivid: Change the siize of the composing | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38225 | media: imx-jpeg: Cleanup after an allocation error | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2021-000011 | Panasonic Video Insight VMS vulnerable to arbitrary code execution | 2021-02-04T15:39+09:00 | 2021-02-04T15:39+09:00 |
| jvndb-2021-001014 | Vulnerability in JP1/VERITAS | 2021-02-01T16:49+09:00 | 2021-02-01T16:49+09:00 |
| jvndb-2021-000007 | OS command injection vulnerability in multiple Infoscience Corporation log management tools | 2021-01-27T18:31+09:00 | 2022-07-26T15:53+09:00 |
| jvndb-2021-000009 | Android App "ELECOM File Manager" vulnerable to directory traversal | 2021-01-27T17:38+09:00 | 2021-01-27T17:38+09:00 |
| jvndb-2021-000008 | Multiple vulnerabilities in multiple ELECOM products | 2021-01-26T16:33+09:00 | 2021-01-26T16:33+09:00 |
| jvndb-2021-000010 | Multiple vulnerabilities in multiple LOGITEC products | 2021-01-26T16:26+09:00 | 2021-01-26T16:26+09:00 |
| jvndb-2021-001010 | TP-Link TL-WR841N V13 (JP) vulnerable to OS command injection | 2021-01-25T16:21+09:00 | 2021-01-25T16:21+09:00 |
| jvndb-2021-000006 | Multiple vulnerabilities in Aterm WF800HP, Aterm WG2600HP, and Aterm WG2600HP2 | 2021-01-22T17:55+09:00 | 2021-02-03T12:05+09:00 |
| jvndb-2021-000005 | GROWI vulnerable to cross-site scripting | 2021-01-19T14:05+09:00 | 2021-01-19T14:05+09:00 |
| jvndb-2021-000004 | Multiple vulnerabilities in acmailer | 2021-01-14T16:22+09:00 | 2021-01-14T16:22+09:00 |
| jvndb-2021-000003 | The installer of SKYSEA Client View may insecurely load Dynamic Link Libraries | 2021-01-12T15:53+09:00 | 2021-01-12T15:53+09:00 |
| jvndb-2021-000002 | Multiple NEC Products vulnerable to authentication bypass | 2021-01-04T17:24+09:00 | 2021-01-08T12:22+09:00 |
| jvndb-2021-000001 | Multiple vulnerabilities in UNIVERGE SV9500/SV8500 series | 2021-01-04T14:37+09:00 | 2021-01-04T14:37+09:00 |
| jvndb-2020-009965 | Cleartext Transmission of Sensitive Information Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2020-12-21T17:48+09:00 | 2020-12-21T17:48+09:00 |
| jvndb-2020-009964 | Improper certificate validation vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2020-12-21T17:48+09:00 | 2020-12-21T17:48+09:00 |
| jvndb-2020-010072 | Cross-site Scripting Vulnerability in Hitachi Command Suite | 2020-12-21T14:20+09:00 | 2020-12-21T14:20+09:00 |
| jvndb-2020-000087 | Management software for NEC Storage disk array system vulnerable to improper server certificate verification | 2020-12-18T17:00+09:00 | 2021-07-21T16:21+09:00 |
| jvndb-2020-000086 | Self-Extracting files created by multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries | 2020-12-18T16:47+09:00 | 2020-12-18T16:47+09:00 |
| jvndb-2020-000085 | Multiple vulnerabilities in GROWI | 2020-12-15T15:41+09:00 | 2021-08-30T16:29+09:00 |
| jvndb-2020-000083 | Multiple vulnerabilities in Aterm SA3500G | 2020-12-11T16:59+09:00 | 2020-12-11T16:59+09:00 |
| jvndb-2020-000084 | Apache Struts 2 vulnerable to remote code execution (S2-061) | 2020-12-11T15:09+09:00 | 2022-08-09T13:55+09:00 |
| jvndb-2020-000082 | FileZen vulnerable to directory traversal | 2020-12-10T15:21+09:00 | 2020-12-10T15:21+09:00 |
| jvndb-2020-009771 | ServerProtect for Linux vulnerable to heap-based buffer overflow | 2020-12-08T12:34+09:00 | 2020-12-08T12:34+09:00 |
| jvndb-2020-000081 | Apache Cordova Plugin camera vulnerable to information exposure | 2020-12-07T16:34+09:00 | 2020-12-07T16:34+09:00 |
| jvndb-2020-000080 | Multiple vulnerabilities in EC-CUBE | 2020-12-03T18:15+09:00 | 2020-12-03T18:15+09:00 |
| jvndb-2020-000079 | desknet's NEO vulnerable to cross-site scripting | 2020-12-03T17:54+09:00 | 2023-03-08T17:02+09:00 |
| jvndb-2020-000077 | Multiple vulnerabilities in GROWI | 2020-11-25T14:54+09:00 | 2020-11-25T14:54+09:00 |
| jvndb-2020-000076 | NETGEAR GS108Ev3 vulnerable to cross-site request forgery | 2020-11-24T14:32+09:00 | 2020-11-24T14:32+09:00 |
| jvndb-2020-000075 | The installers of multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries | 2020-11-20T15:39+09:00 | 2020-11-20T15:39+09:00 |
| jvndb-2020-009590 | Trend Micro Security 2020 (Consumer) is vulnerable to arbitrary file deletion | 2020-11-19T18:03+09:00 | 2020-11-19T18:03+09:00 |
| ID | Description | Updated |
|---|