Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-x537-qj98-fh4f | Rejected reason: Not used | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-x2gm-m7w7-2jvh | Rejected reason: Not used | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-vm9p-cjxm-7x59 | Improper handling of insufficient permissions or privileges in Samsung Account prior to version 15.… | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-v6qv-c42f-74pm | The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnera… | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-rr7q-fp5v-74gg | Rejected reason: Not used | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-r4jr-4jcc-p7qg | Improper input validation in Samsung Email prior to version 6.2.06.0 allows local attackers to laun… | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-q6x7-qqgq-h832 | The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions … | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-mrqj-5x6c-fvcx | The The Events Calendar plugin for WordPress is vulnerable to blind SQL Injection via the 's' param… | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-hvcm-6j9r-922f | Rejected reason: Not used | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-gx3m-376p-9g95 | Rejected reason: Not used | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-fx86-2vc6-jxpq | Out-of-bounds write in handling opcode in fingerprint trustlet prior to SMR Nov-2025 Release 1 allo… | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-fwpv-8w5r-6h2x | The SMS for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the … | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-ch23-x532-vgwg | The ElementInvader Addons for Elementor WordPress plugin before 1.4.1 allows unauthenticated user t… | 2025-11-05T06:30:25Z | 2025-11-05T21:31:01Z |
| ghsa-c798-f247-mv6f | Out-of-bounds write in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attacke… | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-9r3j-gc74-fvx7 | Insecure default configuration in USB connection mode prior to SMR Nov-2025 Release 1 allows privil… | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-93gj-8p48-h7f8 | The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restrictio… | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-8jg3-f28x-33h3 | The FunnelKit WordPress plugin before 3.12.0.1 does not sanitize user input before echoing it back… | 2025-11-05T06:30:25Z | 2025-11-05T21:31:01Z |
| ghsa-8652-4qrv-r8hp | Rejected reason: Not used | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-6p65-2966-2gj7 | Rejected reason: Not used | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-57cg-g95j-25q3 | Out-of-bounds read in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attacker… | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-49q4-53vc-m8p9 | The MelAbu WP Download Counter Button WordPress plugin through 1.8.6.7 does not validate the path o… | 2025-11-05T06:30:25Z | 2025-11-05T21:31:01Z |
| ghsa-4245-33hh-r4j6 | Rejected reason: Not used | 2025-11-05T06:30:25Z | 2025-11-05T06:30:25Z |
| ghsa-99pj-8225-q39g | The Features plugin for WordPress is vulnerable to unauthorized modification of data due to a missi… | 2025-11-05T03:30:24Z | 2025-11-05T03:30:24Z |
| ghsa-6wgh-rvcx-89g9 | The Everest Forms (Pro) plugin for WordPress is vulnerable to PHP Object Injection in all versions … | 2025-11-05T03:30:24Z | 2025-11-05T03:30:24Z |
| ghsa-jc85-fpwf-qm7x | expr-eval does not restrict functions passed to the evaluate function | 2025-11-05T03:30:23Z | 2025-11-10T19:06:03Z |
| ghsa-xmpw-v77r-v8qg | CVE-2025-59595 is an internally discovered denial of service vulnerability in versions of Secure A… | 2025-11-05T00:31:33Z | 2025-11-05T00:31:33Z |
| ghsa-v5rq-p42m-gh9q | Fuji Electric Monitouch V-SFT-6 is vulnerable to a stack-based buffer overflow while processing a … | 2025-11-05T00:31:33Z | 2025-11-05T00:31:33Z |
| ghsa-r879-mf96-p9qf | CVE-2025-59596 is a denial-of-service vulnerability in Secure Access Windows client versions 12.0 … | 2025-11-05T00:31:33Z | 2025-11-05T00:31:33Z |
| ghsa-ph8v-q2pj-5pg4 | Tencent Docs Desktop 3.9.20 and earlier suffers from Missing SSL Certificate Validation in the upda… | 2025-11-05T00:31:33Z | 2025-11-05T00:31:33Z |
| ghsa-h64p-rwjv-9xcw | A maliciously crafted project file may cause a heap-based buffer overflow in Fuji Electric Monito… | 2025-11-05T00:31:33Z | 2025-11-05T00:31:33Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-52602 | 4.2 (v3.1) | HCL BigFix Query is affected by a sensitive informatio… |
HCL Software |
BigFix Query |
2025-11-05T14:46:46.537Z | 2025-11-05T18:58:08.387Z |
| cve-2025-11745 | Ad Inserter <= 2.8.7 - Authenticated (Contributor+) St… |
spacetime |
Ad Inserter – Ad Manager & AdSense Ads |
2025-11-05T11:24:40.781Z | 2025-11-05T11:24:40.781Z | |
| cve-2025-12497 | Premium Portfolio Features for Phlox theme <= 2.3.10 -… |
averta |
Premium Portfolio Features for Phlox theme |
2025-11-05T11:24:40.177Z | 2025-11-05T15:03:20.522Z | |
| cve-2025-12192 | The Events Calendar <= 6.15.9 - Sysinfo Key Incorrect … |
stellarwp |
The Events Calendar |
2025-11-05T09:27:40.562Z | 2025-11-05T15:15:28.224Z | |
| cve-2025-12469 | FunnelKit Automations – Email Marketing Automation and… |
amans2k |
FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce |
2025-11-05T09:27:40.199Z | 2025-11-05T15:39:59.784Z | |
| cve-2025-11987 | Visual Link Preview <= 2.2.7 - Authenticated (Contribu… |
brechtvds |
Visual Link Preview |
2025-11-05T09:27:39.799Z | 2025-11-05T15:43:22.991Z | |
| cve-2025-12468 | FunnelKit Automations – Email Marketing Automation and… |
amans2k |
FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce |
2025-11-05T09:27:39.398Z | 2025-11-05T15:43:54.382Z | |
| cve-2025-11820 | Graphina – Elementor Charts and Graphs <= 3.1.8 - Auth… |
iqonicdesign |
Graphina – Charts and Graphs For Elementor |
2025-11-05T09:27:38.778Z | 2025-11-05T15:44:24.788Z | |
| cve-2025-58337 | Apache Doris-MCP-Server: Improper Access Control resul… |
Apache Software Foundation |
Apache Doris-MCP-Server |
2025-11-05T09:26:36.573Z | 2025-11-06T15:55:05.901Z | |
| cve-2025-55108 | 9.5 (v4.0) 10 (v3.1) | BMC Control-M/Agent default configuration does not enf… |
BMC |
Control-M/Agent |
2025-11-05T09:07:29.915Z | 2025-11-06T04:55:31.161Z |
| cve-2025-10622 | 8 (v3.1) | Foreman: os command injection via ct_location and fcct… |
Red Hat |
Red Hat Satellite 6.15 for RHEL 8 |
2025-11-05T07:32:14.390Z | 2025-11-06T21:06:37.850Z |
| cve-2025-12675 | KiotViet Sync <= 1.8.5 - Missing Authorization to Auth… |
mykiot |
KiotViet Sync |
2025-11-05T07:27:56.886Z | 2025-11-05T14:13:37.640Z | |
| cve-2025-12676 | KiotViet Sync <= 1.8.5 - Use of Hard-coded Password to… |
mykiot |
KiotViet Sync |
2025-11-05T07:27:56.492Z | 2025-11-05T14:20:41.378Z | |
| cve-2025-12674 | KiotViet Sync <= 1.8.5 - Unauthenticated Arbitrary Fil… |
mykiot |
KiotViet Sync |
2025-11-05T07:27:56.065Z | 2025-11-05T14:21:06.844Z | |
| cve-2025-12677 | KiotViet Sync <= 1.8.5 - Unauthenticated Webhook Key E… |
mykiot |
KiotViet Sync |
2025-11-05T07:27:55.399Z | 2025-11-05T14:21:40.476Z | |
| cve-2025-12384 | Document Embedder – Embed PDFs, Word, Excel, and Other… |
bplugins |
Document Embedder – Embed PDFs, Word, Excel, and Other Files |
2025-11-05T06:35:02.300Z | 2025-11-05T14:22:37.337Z | |
| cve-2025-12388 | B Carousel Block – Responsive Image and Content Carous… |
bplugins |
Carousel Block – Responsive Image and Content Carousel |
2025-11-05T06:35:01.390Z | 2025-11-05T14:23:30.683Z | |
| cve-2025-11373 | Popup and Slider Builder by Depicter – Add Email colle… |
averta |
Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel |
2025-11-05T06:35:00.978Z | 2025-11-05T14:24:11.253Z | |
| cve-2025-12139 | File Manager for Google Drive – Integrate Google Drive… |
princeahmed |
File Manager for Google Drive – Integrate Google Drive |
2025-11-05T06:35:00.585Z | 2025-11-05T14:35:34.262Z | |
| cve-2025-11917 | WPeMatico RSS Feed Fetcher <= 2.8.11 - Authenticated (… |
etruel |
WPeMatico RSS Feed Fetcher |
2025-11-05T06:34:59.886Z | 2025-11-05T15:45:19.848Z | |
| cve-2025-62225 | 6.7 (v3.0) 8.4 (v4.0) | Optical Disc Archive Software provided by Sony Co… |
Sony Corporation |
Optical Disc Archive Software (for Windows) |
2025-11-05T06:19:44.575Z | 2025-11-05T16:42:44.405Z |
| cve-2025-64151 | 6.7 (v3.0) 8.4 (v4.0) | Multiple Roboticsware products provided by Roboti… |
Roboticsware PTE. LTD. |
FA-Panel6 |
2025-11-05T06:19:25.053Z | 2025-11-05T17:08:42.226Z |
| cve-2025-6027 | N/A | Ace User Management <= 2.0.3 - Subscriber+ Authenticat… |
Unknown |
Ace User Management |
2025-11-05T06:00:07.919Z | 2025-11-05T18:35:20.331Z |
| cve-2025-11072 | N/A | Download Counter Button <= 1.8.6.7 - Unauthenticated A… |
Unknown |
MelAbu WP Download Counter Button |
2025-11-05T06:00:07.091Z | 2025-11-05T18:36:44.703Z |
| cve-2025-10873 | N/A | Elementinvader Addons for Elementor < 1.4.1 – Unauthen… |
Unknown |
ElementInvader Addons for Elementor |
2025-11-05T06:00:06.600Z | 2025-11-05T18:38:43.461Z |
| cve-2025-10567 | N/A | FunnelKit < 3.12.0.1 - Reflected XSS |
Unknown |
FunnelKit |
2025-11-05T06:00:02.503Z | 2025-11-05T18:45:38.517Z |
| cve-2025-21079 | 7.1 (v3.1) | Improper input validation in Samsung Members prio… |
Samsung Mobile |
Samsung Members |
2025-11-05T05:41:01.576Z | 2025-11-05T17:09:18.091Z |
| cve-2025-21078 | 8.8 (v3.1) | Use of insufficiently random value of secretKey i… |
Samsung Mobile |
Smart Switch |
2025-11-05T05:41:00.294Z | 2025-11-06T04:55:33.954Z |
| cve-2025-21077 | 3.3 (v3.1) | Improper input validation in Samsung Email prior … |
Samsung Mobile |
Samsung Email |
2025-11-05T05:40:58.968Z | 2025-11-07T14:26:08.837Z |
| cve-2025-21076 | 5.5 (v3.1) | Improper handling of insufficient permissions or … |
Samsung Mobile |
Samsung Account |
2025-11-05T05:40:57.790Z | 2025-11-07T14:26:14.798Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-57244 | N/A | OpenKM Community Edition 6.3.12 is vulnerable to … |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T19:57:23.140Z |
| cve-2025-46424 | 6.7 (v3.1) | Dell CloudLink, versions prior to 8.2, contain us… |
Dell |
CloudLink |
2025-11-05T16:46:25.707Z | 2025-11-06T04:55:40.938Z |
| cve-2025-46366 | 6.7 (v3.1) | Dell CloudLink, versions prior to 8.1.1, contain … |
Dell |
CloudLink |
2025-11-05T16:50:28.754Z | 2025-11-06T04:55:41.794Z |
| cve-2025-46365 | 5.3 (v3.1) | Dell CloudLink, versions prior 8.1.1, contain a C… |
Dell |
CloudLink |
2025-11-05T16:40:39.934Z | 2025-11-06T04:55:40.128Z |
| cve-2025-46364 | 9.1 (v3.1) | Dell CloudLink, versions prior to 8.1.1, contain … |
Dell |
CloudLin |
2025-11-05T16:36:00.347Z | 2025-11-06T04:55:39.277Z |
| cve-2025-45379 | 8.4 (v3.1) | Dell CloudLink, versions prior to 8.2, contain a … |
Dell |
CloudLink |
2025-11-05T16:31:57.457Z | 2025-11-06T04:55:38.394Z |
| cve-2025-45378 | 9.1 (v3.1) | Dell CloudLink, versions 8.0 through 8.1.2, conta… |
Dell |
CloudLink |
2025-11-05T16:23:15.673Z | 2025-11-06T04:55:36.592Z |
| cve-2025-43990 | 7.3 (v3.1) | Dell Command Monitor (DCM), versions prior to 10.… |
Dell |
Command Monitor (DCM) |
2025-11-05T17:01:23.986Z | 2025-11-06T04:55:47.809Z |
| cve-2025-30479 | 8.4 (v3.1) | Dell CloudLink, versions prior to 8.2, contain a … |
Dell |
CloudLink |
2025-11-05T16:27:33.266Z | 2025-11-06T04:55:37.459Z |
| cve-2025-20377 | Cisco Unified Intelligence Center API Information Disc… |
Cisco |
Cisco Packaged Contact Center Enterprise |
2025-11-05T16:31:52.595Z | 2025-11-05T20:14:05.911Z | |
| cve-2025-20376 | Cisco Unified Contact Center Express Remote Code Execu… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:38.793Z | 2025-11-06T04:55:44.673Z | |
| cve-2025-20375 | Cisco Unified Contact Center Express Arbitrary File Up… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:43.035Z | 2025-11-06T04:55:45.946Z | |
| cve-2025-20374 | Cisco Unified Contact Center Express Arbitrary File Do… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:23.862Z | 2025-11-05T20:11:12.630Z | |
| cve-2025-20358 | Cisco Unified Contact Center Express Editor Authentica… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:23.210Z | 2025-11-06T04:55:43.689Z | |
| cve-2025-20354 | Cisco Unified Contact Center Express Remote Code Execu… |
Cisco |
Cisco Unified Contact Center Express |
2025-11-05T16:31:14.821Z | 2025-11-06T04:55:42.828Z | |
| cve-2025-20343 | Cisco Identity Services Engine Radius Suppression Deni… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:31:05.000Z | 2025-11-05T20:07:12.870Z | |
| cve-2025-20305 | A vulnerability in the web-based management inter… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:32:52.800Z | 2025-11-05T20:19:33.833Z | |
| cve-2025-20304 | Multiple vulnerabilities in the web-based managem… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:33:27.573Z | 2025-11-05T20:20:07.804Z | |
| cve-2025-20303 | Multiple vulnerabilities in the web-based managem… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:32:02.482Z | 2025-11-05T20:17:21.630Z | |
| cve-2025-20289 | Multiple vulnerabilities in the web-based managem… |
Cisco |
Cisco Identity Services Engine Software |
2025-11-05T16:32:28.860Z | 2025-11-05T20:18:33.404Z | |
| cve-2025-63601 | N/A | Snipe-IT before version 8.3.3 contains a remote c… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-10T16:40:21.341Z |
| cve-2025-61304 | N/A | OS command injection vulnerability in Dynatrace A… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T19:26:14.228Z |
| cve-2025-60753 | N/A | An issue was discovered in libarchive bsdtar befo… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T15:44:31.278Z |
| cve-2025-57130 | An Incorrect Access Control vulnerability in the … |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T16:20:49.984Z | |
| cve-2025-64459 | Potential SQL injection via _connector keyword argumen… |
djangoproject |
Django |
2025-11-05T15:09:58.239Z | 2025-11-08T12:49:45.129Z | |
| cve-2025-64458 | Potential denial-of-service vulnerability in HttpRespo… |
djangoproject |
Django |
2025-11-05T15:07:17.031Z | 2025-11-05T16:20:57.265Z | |
| cve-2025-61084 | N/A | MDaemon Mail Server 23.5.2 validates SPF, DKIM, a… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T15:13:15.646Z |
| cve-2025-52602 | 4.2 (v3.1) | HCL BigFix Query is affected by a sensitive informatio… |
HCL Software |
BigFix Query |
2025-11-05T14:46:46.537Z | 2025-11-05T18:58:08.387Z |
| cve-2025-47151 | A type confusion vulnerability exists in the lass… |
Entr'ouvert |
Lasso |
2025-11-05T14:57:01.436Z | 2025-11-05T22:35:15.897Z | |
| cve-2025-46784 | A denial of service vulnerability exists in the l… |
Entr'ouvert |
Lasso |
2025-11-05T14:56:57.782Z | 2025-11-05T22:34:21.323Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-137676 | Malicious code in utomo-tapai53-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137675 | Malicious code in utomo-tahu71-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137674 | Malicious code in utomo-soto78-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137673 | Malicious code in utomo-serimuka20-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137672 | Malicious code in utomo-serabi51-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137671 | Malicious code in utomo-sego50-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137670 | Malicious code in utomo-sate17-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137669 | Malicious code in utomo-sate14-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137668 | Malicious code in utomo-sambel57-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137667 | Malicious code in utomo-saguer49-sumpek (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137666 | Malicious code in utomo-ronde73-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137665 | Malicious code in utomo-ronde30-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137664 | Malicious code in utomo-rangi39-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137663 | Malicious code in utomo-rangi27-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137662 | Malicious code in utomo-ragi21-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137661 | Malicious code in utomo-peyek86-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137660 | Malicious code in utomo-peyek71-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137659 | Malicious code in utomo-pecel15-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137658 | Malicious code in utomo-otak-otak29-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137657 | Malicious code in utomo-oncom39-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137656 | Malicious code in utomo-nasiuduk1-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137655 | Malicious code in utomo-nasisayur75-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137654 | Malicious code in utomo-nasipecel49-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137653 | Malicious code in utomo-naget80-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137652 | Malicious code in utomo-miebogor57-sumpek (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137651 | Malicious code in utomo-mieayam88-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137650 | Malicious code in utomo-mendoan32-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137649 | Malicious code in utomo-martabak24-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137648 | Malicious code in utomo-mangga78-sumpek (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| mal-2025-137647 | Malicious code in utomo-lapis75-sluey (npm) | 2025-11-11T22:56:38Z | 2025-11-11T22:56:38Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:13338 | Red Hat Security Advisory: OpenShift Container Platform 4.16.46 security and extras update | 2025-08-13T01:45:55+00:00 | 2025-11-06T22:56:25+00:00 |
| rhsa-2025:13327 | Red Hat Security Advisory: OpenShift Container Platform 4.18.22 security and extras update | 2025-08-13T01:15:12+00:00 | 2025-11-06T22:56:24+00:00 |
| rhsa-2025:13775 | Red Hat Security Advisory: mod_security security update | 2025-08-12T20:24:49+00:00 | 2025-11-08T07:17:00+00:00 |
| rhsa-2025:13716 | Red Hat Security Advisory: mod_security security update | 2025-08-12T15:30:48+00:00 | 2025-11-08T07:16:58+00:00 |
| rhsa-2025:13688 | Red Hat Security Advisory: libxml2 security update | 2025-08-12T13:01:38+00:00 | 2025-11-06T23:14:39+00:00 |
| rhsa-2025:13689 | Red Hat Security Advisory: libxml2 security update | 2025-08-12T12:44:33+00:00 | 2025-11-06T23:14:40+00:00 |
| rhsa-2025:13683 | Red Hat Security Advisory: libxml2 security update | 2025-08-12T12:30:08+00:00 | 2025-11-06T23:14:39+00:00 |
| rhsa-2025:13684 | Red Hat Security Advisory: libxml2 security update | 2025-08-12T12:25:23+00:00 | 2025-11-06T23:14:39+00:00 |
| rhsa-2025:13677 | Red Hat Security Advisory: libxml2 security update | 2025-08-12T09:47:28+00:00 | 2025-11-06T23:14:39+00:00 |
| rhsa-2025:13676 | Red Hat Security Advisory: thunderbird security update | 2025-08-12T09:11:13+00:00 | 2025-11-06T23:42:02+00:00 |
| rhsa-2025:13675 | Red Hat Security Advisory: java-1.8.0-ibm security update | 2025-08-12T08:35:28+00:00 | 2025-11-11T12:34:29+00:00 |
| rhsa-2025:13674 | Red Hat Security Advisory: toolbox security update | 2025-08-12T06:50:07+00:00 | 2025-11-11T10:12:44+00:00 |
| rhsa-2025:13673 | Red Hat Security Advisory: toolbox security update | 2025-08-12T06:48:53+00:00 | 2025-11-11T10:12:44+00:00 |
| rhsa-2025:13671 | Red Hat Security Advisory: Updated 7.1 container image is now available in the Red Hat Ecosystem Catalog | 2025-08-12T04:43:04+00:00 | 2025-11-11T20:38:57+00:00 |
| rhsa-2025:13670 | Red Hat Security Advisory: mod_security security update | 2025-08-12T01:14:37+00:00 | 2025-11-08T07:16:58+00:00 |
| rhsa-2025:13664 | Red Hat Security Advisory: krb5 security update | 2025-08-12T01:10:37+00:00 | 2025-10-30T14:55:36+00:00 |
| rhsa-2025:13668 | Red Hat Security Advisory: python3.12-setuptools security update | 2025-08-12T00:47:32+00:00 | 2025-11-07T03:32:29+00:00 |
| rhsa-2025:13669 | Red Hat Security Advisory: python3.11-setuptools security update | 2025-08-12T00:44:27+00:00 | 2025-11-07T03:32:31+00:00 |
| rhsa-2025:13656 | Red Hat Security Advisory: java-21-ibm-semeru-certified-jdk bug fix and enhancement update | 2025-08-11T21:25:01+00:00 | 2025-11-11T07:51:16+00:00 |
| rhsa-2025:13651 | Red Hat Security Advisory: thunderbird security update | 2025-08-11T17:35:46+00:00 | 2025-11-06T23:42:04+00:00 |
| rhsa-2025:13649 | Red Hat Security Advisory: thunderbird security update | 2025-08-11T17:35:36+00:00 | 2025-11-06T23:42:01+00:00 |
| rhsa-2025:13650 | Red Hat Security Advisory: thunderbird security update | 2025-08-11T17:33:11+00:00 | 2025-11-06T23:42:01+00:00 |
| rhsa-2025:13648 | Red Hat Security Advisory: thunderbird security update | 2025-08-11T17:31:46+00:00 | 2025-11-06T23:42:01+00:00 |
| rhsa-2025:13645 | Red Hat Security Advisory: thunderbird security update | 2025-08-11T17:30:51+00:00 | 2025-11-06T23:42:00+00:00 |
| rhsa-2025:13647 | Red Hat Security Advisory: thunderbird security update | 2025-08-11T17:30:36+00:00 | 2025-11-06T23:42:00+00:00 |
| rhsa-2025:13646 | Red Hat Security Advisory: thunderbird security update | 2025-08-11T17:30:14+00:00 | 2025-11-06T23:42:00+00:00 |
| rhsa-2025:13633 | Red Hat Security Advisory: kernel-rt security update | 2025-08-11T14:20:25+00:00 | 2025-11-11T20:29:52+00:00 |
| rhsa-2025:13622 | Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Jaeger) 3.5.2 release | 2025-08-11T11:42:43+00:00 | 2025-11-06T23:14:38+00:00 |
| rhsa-2025:13602 | Red Hat Security Advisory: kernel security update | 2025-08-11T11:24:30+00:00 | 2025-11-11T09:06:16+00:00 |
| rhsa-2025:13604 | Red Hat Security Advisory: python-requests security update | 2025-08-11T10:27:10+00:00 | 2025-11-11T13:20:49+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-38222 | ext4: inline: fix len overflow in ext4_prepare_inline_data | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38220 | ext4: only dirty folios when data journaling regular files | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38219 | f2fs: prevent kernel warning due to negative i_nlink from corrupted image | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38218 | f2fs: fix to do sanity check on sit_bitmap_size | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38217 | hwmon: (ftsteutates) Fix TOCTOU race in fts_read() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38215 | fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38214 | fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38213 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38212 | ipc: fix to protect IPCS lookups using RCU | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38211 | RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38208 | smb: client: add NULL check in automount_fullpath | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38207 | mm: fix uprobe pte be overwritten when expanding vma | 2025-07-02T00:00:00.000Z | 2025-09-03T22:33:43.000Z |
| msrc_cve-2025-38206 | exfat: fix double free in delayed_free | 2025-07-02T00:00:00.000Z | 2025-09-03T22:31:13.000Z |
| msrc_cve-2025-38205 | drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 | 2025-07-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-38204 | jfs: fix array-index-out-of-bounds read in add_missing_indices | 2025-07-02T00:00:00.000Z | 2025-09-04T02:52:29.000Z |
| msrc_cve-2025-38203 | jfs: Fix null-ptr-deref in jfs_ioc_trim | 2025-07-02T00:00:00.000Z | 2025-09-03T22:07:31.000Z |
| msrc_cve-2025-38202 | bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38201 | netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX | 2025-07-02T00:00:00.000Z | 2025-09-03T22:05:15.000Z |
| msrc_cve-2025-38200 | i40e: fix MMIO write access to an invalid page in i40e_clear_hw | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38199 | wifi: ath12k: Fix memory leak due to multiple rx_stats allocation | 2025-07-02T00:00:00.000Z | 2025-09-03T21:57:17.000Z |
| msrc_cve-2025-38198 | fbcon: Make sure modelist not set on unregistered console | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38197 | platform/x86: dell_rbu: Fix list usage | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38194 | jffs2: check that raw node were preallocated before writing summary | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38193 | net_sched: sch_sfq: reject invalid perturb period | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38192 | net: clear the dst when changing skb protocol | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38191 | ksmbd: fix null pointer dereference in destroy_previous_session | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38190 | atm: Revert atm_account_tx() if copy_from_iter_full() fails. | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38185 | atm: atmtcp: Free invalid length skb in atmtcp_c_send(). | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38184 | tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38183 | net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2020-000074 | Hibernate ORM vulnerable to SQL injection | 2020-11-19T14:33+09:00 | 2020-11-19T14:33+09:00 |
| jvndb-2020-009584 | Multiple vulnerabilities in KonaWiki3 | 2020-11-18T18:13+09:00 | 2020-11-18T18:13+09:00 |
| jvndb-2020-000073 | Movable Type Premium vulnerable to cross-site scripting | 2020-11-18T18:01+09:00 | 2020-11-18T18:01+09:00 |
| jvndb-2020-000072 | MELSEC iQ-R Series CPU Modules vulnerable to uncontrolled resource consumption | 2020-11-12T14:58+09:00 | 2020-11-13T12:06+09:00 |
| jvndb-2020-009467 | Multiple vulnerabilities in XOOPS module "XooNIps" | 2020-11-09T15:10+09:00 | 2020-11-09T15:10+09:00 |
| jvndb-2020-000070 | Studyplus App uses a hard-coded API key for an external service | 2020-11-05T18:43+09:00 | 2023-03-08T17:02+09:00 |
| jvndb-2020-000071 | Cybozu Garoon vulnerable to improper input validation | 2020-11-05T11:43+09:00 | 2021-08-02T11:08+09:00 |
| jvndb-2020-009141 | Local File Inclusion vulnerability in OneThird CMS | 2020-10-21T15:21+09:00 | 2020-10-21T15:21+09:00 |
| jvndb-2020-000069 | Multiple vulnerabilities in WordPress Plugin "Simple Download Monitor" | 2020-10-21T14:50+09:00 | 2020-10-21T14:50+09:00 |
| jvndb-2020-000068 | WordPress Plugin "Live Chat - Live support" vulnerable to cross-site request forgery | 2020-10-14T15:32+09:00 | 2020-10-14T15:32+09:00 |
| jvndb-2020-008931 | Trend Micro Antivirus for Mac vulnerable to a privilege escalation | 2020-10-07T15:10+09:00 | 2020-10-07T15:10+09:00 |
| jvndb-2020-000067 | OS command injection vulnerability in multiple ELECOM LAN routers | 2020-10-05T15:33+09:00 | 2020-10-05T15:33+09:00 |
| jvndb-2020-000066 | InfoCage SiteShell installs their files with improper access permissions | 2020-09-30T15:37+09:00 | 2020-09-30T15:37+09:00 |
| jvndb-2020-008821 | CMONOS.JP vulnerable to cross-site scripting | 2020-09-28T18:10+09:00 | 2020-09-28T18:10+09:00 |
| jvndb-2020-008762 | ServerProtect for Linux vulnerable to OS command injection | 2020-09-28T15:52+09:00 | 2020-09-28T15:52+09:00 |
| jvndb-2020-000064 | Multiple vulnerabilities in Active Update function implemented in multiple Trend Micro products | 2020-09-23T15:26+09:00 | 2020-09-23T15:26+09:00 |
| jvndb-2020-000065 | Multiple access restriction bypass vulnerabilities in UNIQLO App | 2020-09-17T14:41+09:00 | 2020-09-17T14:41+09:00 |
| jvndb-2020-000063 | Multiple vulnerabilities in Buffalo AirStation WHR-G54S | 2020-09-11T15:57+09:00 | 2020-09-11T15:57+09:00 |
| jvndb-2020-000062 | Yodobashi App for Android fails to restrict access permissions | 2020-09-07T14:24+09:00 | 2020-09-07T14:24+09:00 |
| jvndb-2020-000059 | CLUSTERPRO X and EXPRESSCLUSTER X vulnerable to XML external entity injection (XXE) | 2020-08-31T15:10+09:00 | 2020-08-31T15:10+09:00 |
| jvndb-2020-000060 | "Shadankun Server Security Type" vulnerable to denial-of-service (DoS) | 2020-08-31T14:41+09:00 | 2020-08-31T14:41+09:00 |
| jvndb-2020-000056 | Multiple NETGEAR switching hubs vulnerable to cross-site request forgery | 2020-08-28T15:33+09:00 | 2020-08-28T15:33+09:00 |
| jvndb-2020-000058 | Multiple vulnerabilities in XOOPS module "XooNIps" | 2020-08-27T15:37+09:00 | 2020-08-27T15:37+09:00 |
| jvndb-2020-000057 | NITORI App fails to restrict access permissions | 2020-08-26T15:34+09:00 | 2020-08-26T15:34+09:00 |
| jvndb-2020-000055 | Apache Struts 2 vulnerable to denial-of-service (DoS) | 2020-08-25T13:59+09:00 | 2022-08-09T13:57+09:00 |
| jvndb-2020-000054 | Multiple cross-site scripting vulnerabilities in Exment | 2020-08-21T14:34+09:00 | 2020-08-21T14:34+09:00 |
| jvndb-2020-000053 | Multiple vulnerabilities in CyberMail | 2020-08-11T14:20+09:00 | 2020-08-11T14:20+09:00 |
| jvndb-2020-007128 | DoS Vulnerability in HiRDB | 2020-08-03T16:37+09:00 | 2020-08-03T16:37+09:00 |
| jvndb-2020-007127 | Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center | 2020-08-03T16:36+09:00 | 2020-08-03T16:36+09:00 |
| jvndb-2020-000052 | SKYSEA Client View vulnerable to privilege escalation | 2020-08-03T14:59+09:00 | 2020-08-03T14:59+09:00 |
| ID | Description | Updated |
|---|