Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-9786-pc79-p3v7 | A weakness has been identified in Dromara Sa-Token up to 1.44.0. This affects the function ObjectIn… | 2025-12-28T03:30:12Z | 2025-12-28T03:30:12Z |
| ghsa-w789-3q45-984r | In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can… | 2025-12-28T00:30:23Z | 2025-12-28T00:30:23Z |
| ghsa-w2jm-qqhw-c9px | A vulnerability has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. Affect… | 2025-12-27T21:30:12Z | 2025-12-27T21:30:12Z |
| ghsa-f342-w736-j52r | A flaw has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. This impacts an… | 2025-12-27T21:30:12Z | 2025-12-27T21:30:12Z |
| ghsa-hj3q-q387-m5hr | A vulnerability was detected in PandaXGO PandaX up to fb8ff40f7ce5dfebdf66306c6d85625061faf7e5. Thi… | 2025-12-27T18:30:26Z | 2025-12-27T18:30:26Z |
| ghsa-43h9-hc38-qph5 | SQLE's JWT Secret Handler can be manipulated to use hard-coded cryptographic key | 2025-12-27T15:30:17Z | 2025-12-29T20:36:20Z |
| ghsa-2qm6-vprh-vgfc | Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code … | 2025-12-27T15:30:16Z | 2025-12-27T15:30:17Z |
| ghsa-72f9-ghc4-fpv2 | A weakness has been identified in getmaxun maxun up to 0.0.28. The affected element is the function… | 2025-12-27T12:30:12Z | 2025-12-27T12:30:12Z |
| ghsa-9m78-g4jr-6549 | A security flaw has been discovered in getmaxun maxun up to 0.0.28. Impacted is an unknown function… | 2025-12-27T09:30:27Z | 2025-12-27T09:30:27Z |
| ghsa-rcfx-77hg-w2wv | FastMCP updated to MCP 1.23+ due to CVE-2025-66416 | 2025-12-26T23:20:50Z | 2025-12-26T23:20:50Z |
| ghsa-9fjq-45qv-pcm7 | ruint affected by unsoundness of safe `reciprocal_mg10` | 2025-12-26T18:55:53Z | 2025-12-26T18:55:53Z |
| ghsa-xq7p-3jhh-cr76 | Incorrect access control in DEV Systemtechnik GmbH DEV 7113 RF over Fiber Distribution System 32-00… | 2025-12-26T18:30:27Z | 2025-12-26T18:30:27Z |
| ghsa-qxv4-g9hq-r87f | Time-based blind SQL Injection vulnerability in Cloudlog v2.6.15 at the endpoint /index.php/logbook… | 2025-12-26T18:30:27Z | 2025-12-26T21:30:21Z |
| ghsa-g5p6-3j82-xfm4 | Croogo CMS has a path traversal vulnerability | 2025-12-26T18:30:27Z | 2025-12-26T23:21:14Z |
| ghsa-8mv8-wmgc-7crw | Incorrect access control in Comtech EF Data CDM-625 / CDM-625A Advanced Satellite Modem with firmwa… | 2025-12-26T18:30:27Z | 2025-12-26T18:30:27Z |
| ghsa-8cpr-48rw-5rrc | Yealink T21P_E2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged a… | 2025-12-26T18:30:27Z | 2025-12-26T18:30:27Z |
| ghsa-x2hf-qg23-rjpx | An issue in Yealink T21P_E2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute … | 2025-12-26T18:30:26Z | 2025-12-26T18:30:26Z |
| ghsa-98p6-cqhp-8c8x | Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is proce… | 2025-12-26T18:30:26Z | 2025-12-26T18:30:27Z |
| ghsa-8qx7-g43x-4mhm | An issue in Terra Informatica Software, Inc Sciter v.4.4.7.0 allows a local attacker to obtain sens… | 2025-12-26T18:30:26Z | 2025-12-26T18:30:26Z |
| ghsa-6vj3-p34w-xxjp | apidoc-core has a prototype pollution vulnerability | 2025-12-26T18:30:26Z | 2025-12-26T19:50:17Z |
| ghsa-4jf5-rmwc-7vww | The web management interface in ETL Systems Ltd DEXTRA Series ' Digital L-Band Distribution System … | 2025-12-26T18:30:26Z | 2025-12-26T18:30:27Z |
| ghsa-h78q-4j5r-86xx | Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.… | 2025-12-26T18:30:24Z | 2025-12-26T18:30:24Z |
| ghsa-j4p8-h8mh-rh8q | Self-hosted n8n has Legacy Code node that enables arbitrary file read/write | 2025-12-26T18:26:38Z | 2025-12-31T00:20:06Z |
| ghsa-62r4-hw23-cc8v | n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node | 2025-12-26T18:18:05Z | 2025-12-27T01:08:43Z |
| ghsa-9pf3-7rrr-x5jh | lmdeploy vulnerable to Arbitrary Code Execution via Insecure Deserialization in torch.load() | 2025-12-26T17:34:08Z | 2025-12-27T01:08:38Z |
| ghsa-58jc-rcg5-95f3 | n8n's Possible Stored XSS in "Respond to Webhook" Node May Execute Outside iframe Sandbox | 2025-12-26T17:30:19Z | 2025-12-27T01:08:11Z |
| ghsa-v82x-ghcg-c238 | A cross-site scripting (XSS) vulnerability was identified in FluentCMS 1.2.3. After logging in as a… | 2025-12-26T15:30:17Z | 2025-12-26T18:30:26Z |
| ghsa-rh9m-3jjg-79rv | IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 is vulnerable to HTML injection. A remote attacker could… | 2025-12-26T15:30:17Z | 2025-12-26T15:30:17Z |
| ghsa-mrrq-9gcx-wv49 | IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information from … | 2025-12-26T15:30:17Z | 2025-12-26T15:30:17Z |
| ghsa-jv72-59wq-8rxm | libxmljs has segmentation fault, potentially leading to a denial-of-service (DoS) | 2025-12-26T15:30:17Z | 2025-12-26T19:47:33Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-68473 | ESF-IDF Has Out-of-Bounds Read in ESP32 Bluetooth SDP … |
espressif |
esp-idf |
2025-12-26T23:54:47.709Z | 2025-12-29T16:51:42.074Z | |
| cve-2025-68148 | FreshRSS globally denies access to feed via proxy modi… |
FreshRSS |
FreshRSS |
2025-12-26T23:46:53.337Z | 2025-12-29T16:51:47.993Z | |
| cve-2025-68932 | FreshRSS has weak cryptographic randomness in remember… |
FreshRSS |
FreshRSS |
2025-12-26T23:43:34.693Z | 2025-12-29T16:51:53.481Z | |
| cve-2025-66203 | StreamVault is Vulnerable to Authenticated Remote Code… |
lemon8866 |
StreamVault |
2025-12-26T23:37:03.817Z | 2025-12-29T15:52:51.712Z | |
| cve-2025-67729 | lmdeploy vulnerable to Arbitrary Code Execution via In… |
InternLM |
lmdeploy |
2025-12-26T21:54:10.137Z | 2025-12-26T22:10:54.833Z | |
| cve-2025-68697 | Self-hosted n8n has Legacy Code node that enables arbi… |
n8n-io |
n8n |
2025-12-26T21:51:12.216Z | 2025-12-26T22:12:04.529Z | |
| cve-2025-68668 | n8n Vulnerable to Arbitrary Command Execution in Pyodi… |
n8n-io |
n8n |
2025-12-26T21:49:20.695Z | 2025-12-26T21:59:34.256Z | |
| cve-2025-61914 | n8n's Possible Stored XSS in "Respond to Webhook" Node… |
n8n-io |
n8n |
2025-12-26T21:48:59.778Z | 2025-12-26T21:59:25.288Z | |
| cve-2025-13158 | 9.3 (v4.0) | apidoc-core - prototype pollution in api_group.js, api… |
apiDoc |
apidoc-core |
2025-12-26T16:00:27.208Z | 2025-12-26T19:26:12.935Z |
| cve-2025-64645 | 7.7 (v3.1) | Time-of-check Time-of-use (TOCTOU) in IBM Concert Software. |
IBM |
Concert |
2025-12-26T14:24:57.880Z | 2025-12-30T04:55:27.810Z |
| cve-2025-36230 | 5.4 (v3.1) | XSS in IBM Aspera Faspex |
IBM |
Aspera Faspex 5 |
2025-12-26T14:22:46.035Z | 2025-12-26T15:14:53.108Z |
| cve-2025-36229 | 3.1 (v3.1) | Exposure of Sensitive System Information to an Unautho… |
IBM |
Aspera Faspex 5 |
2025-12-26T14:15:03.417Z | 2025-12-26T15:14:58.269Z |
| cve-2025-36228 | 3.8 (v3.1) | Incorrect Execution-Assigned Permissions in IBM Aspera… |
IBM |
Aspera Faspex 5 |
2025-12-26T14:11:45.492Z | 2025-12-26T15:15:06.304Z |
| cve-2025-36192 | 6.7 (v3.1) | Missing Authorization with the DS8900F and DS8A00 Hard… |
IBM |
DS8A00( R10.1) |
2025-12-26T13:58:51.713Z | 2025-12-26T15:15:11.888Z |
| cve-2025-14687 | 4.3 (v3.1) | Client-Side Enforcement of Server-Side Security in IBM… |
IBM |
Db2 Intelligence Center |
2025-12-26T13:21:33.403Z | 2025-12-26T14:37:13.233Z |
| cve-2025-13915 | 9.8 (v3.1) | Authentication bypass in IBM API Connect |
IBM |
API Connect |
2025-12-26T13:16:24.669Z | 2025-12-26T14:40:40.703Z |
| cve-2025-12771 | 7.8 (v3.1) | IBM Concert Software Improper Restriction of Operation… |
IBM |
Concert |
2025-12-26T13:01:23.145Z | 2025-12-30T04:55:29.012Z |
| cve-2025-1721 | 5.9 (v3.1) | BM Concert Software Improper Clearing of Heap Memory B… |
IBM |
Concert |
2025-12-26T12:55:56.448Z | 2025-12-26T14:47:17.326Z |
| cve-2025-67450 | 7.8 (v3.1) | Due to insecure library loading in the Eaton UPS … |
Eaton |
UPS Companion software |
2025-12-26T06:59:41.375Z | 2025-12-26T14:55:51.712Z |
| cve-2025-59888 | 6.7 (v3.1) | Improper quotation in search paths in the Eaton U… |
Eaton |
UPS Companion software |
2025-12-26T06:53:33.887Z | 2025-12-26T15:37:43.044Z |
| cve-2025-59887 | 8.6 (v3.1) | Improper authentication of library files in the E… |
Eaton |
Eaton UPS Companion Software |
2025-12-26T06:48:08.086Z | 2025-12-26T15:45:28.715Z |
| cve-2025-62578 | 7.2 (v4.0) | DVP-12SE - Modbus/TCP Cleartext Transmission of Sensit… |
Delta Electronics |
DVP-12SE |
2025-12-26T06:05:01.035Z | 2025-12-29T00:57:42.778Z |
| cve-2025-8075 | 5.8 (v4.0) | Improper Input Validation |
Hanwha Vision Co., Ltd. |
QNV-C8012 |
2025-12-26T04:31:38.718Z | 2025-12-26T16:01:16.611Z |
| cve-2025-52601 | 6.3 (v4.0) | Hardcoding sensitive information |
Hanwha Vision Co., Ltd. |
Device Manager |
2025-12-26T04:29:25.830Z | 2025-12-26T19:27:44.838Z |
| cve-2025-52600 | 5.2 (v4.0) | Improper Input Validation |
Hanwha Vision Co., Ltd. |
QNV-C8012 |
2025-12-26T04:20:17.014Z | 2025-12-26T14:50:40.099Z |
| cve-2025-68946 | 5.4 (v3.1) | In Gitea before 1.20.1, a forbidden URL scheme su… |
Gitea |
Gitea |
2025-12-26T04:14:03.775Z | 2025-12-26T18:59:45.647Z |
| cve-2025-52599 | 6.3 (v4.0) | Inadequate account permissions management |
Hanwha Vision Co., Ltd. |
QNV-C8012 |
2025-12-26T04:12:37.550Z | 2025-12-26T15:15:17.385Z |
| cve-2025-52598 | 6.3 (v4.0) | Insufficient certificate validation |
Hanwha Vision Co., Ltd. |
QNV-C8012 |
2025-12-26T04:07:19.958Z | 2025-12-26T15:15:22.694Z |
| cve-2025-15099 | simstudioai sim CRON Secret internal.ts improper authe… |
simstudioai |
sim |
2025-12-26T04:02:07.111Z | 2025-12-26T15:04:35.405Z | |
| cve-2025-68945 | 5.8 (v3.1) | In Gitea before 1.21.2, an anonymous user can vis… |
Gitea |
Gitea |
2025-12-26T03:58:46.724Z | 2025-12-26T18:59:29.985Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-15148 | CmsEasy Backend Template Management template_admin.php… |
n/a |
CmsEasy |
2025-12-28T18:02:08.178Z | 2025-12-29T21:22:26.770Z | |
| cve-2025-15146 | SohuTV CacheCloud UserManageController.java doUserList… |
SohuTV |
CacheCloud |
2025-12-28T17:32:06.551Z | 2025-12-29T21:25:59.423Z | |
| cve-2025-68973 | 7.8 (v3.1) | In GnuPG before 2.4.9, armor_filter in g10/armor.… |
GnuPG |
GnuPG |
2025-12-28T16:19:11.019Z | 2025-12-31T03:34:28.426Z |
| cve-2025-15145 | SohuTV CacheCloud TotalManageController.java doTotalLi… |
SohuTV |
CacheCloud |
2025-12-28T17:02:05.970Z | 2025-12-29T21:26:55.456Z | |
| cve-2025-15144 | dayrui XunRuiCMS JSONP Callback Init.php dr_exit_msg c… |
dayrui |
XunRuiCMS |
2025-12-28T16:32:07.116Z | 2025-12-29T21:27:18.449Z | |
| cve-2025-15143 | EyouCMS Backend Template Management FilemanagerLogic.p… |
n/a |
EyouCMS |
2025-12-28T16:02:08.347Z | 2025-12-29T16:24:22.854Z | |
| cve-2025-15142 | 9786 phpok3w show.php sql injection |
9786 |
phpok3w |
2025-12-28T15:32:12.734Z | 2025-12-29T16:26:52.591Z | |
| cve-2025-15141 | Halo Configuration actuator information disclosure |
n/a |
Halo |
2025-12-28T15:02:05.484Z | 2025-12-29T16:30:18.082Z | |
| cve-2025-15140 | saiftheboss7 onlinemcqexam quesadd.php sql injection |
saiftheboss7 |
onlinemcqexam |
2025-12-28T14:32:06.750Z | 2025-12-29T16:07:22.328Z | |
| cve-2025-15139 | TRENDnet TEW-822DRE formWsc sub_43ACF4 command injection |
TRENDnet |
TEW-822DRE |
2025-12-28T14:02:07.407Z | 2025-12-29T16:06:45.224Z | |
| cve-2025-15138 | prasathmani TinyFileManager tinyfilemanager.php path t… |
prasathmani |
TinyFileManager |
2025-12-28T13:32:08.843Z | 2025-12-29T16:40:10.063Z | |
| cve-2025-15137 | TRENDnet TEW-800MB NTPSyncWithHost.cgi sub_F934 comma… |
TRENDnet |
TEW-800MB |
2025-12-28T13:02:05.931Z | 2025-12-29T17:19:47.335Z | |
| cve-2025-15136 | TRENDnet TEW-800MB Management wizardset do_setWizard_a… |
TRENDnet |
TEW-800MB |
2025-12-28T12:32:06.349Z | 2025-12-29T17:20:27.000Z | |
| cve-2025-15135 | joey-zhou xiaozhi-esp32-server-java Cookie Authenticat… |
joey-zhou |
xiaozhi-esp32-server-java |
2025-12-28T12:02:07.346Z | 2025-12-29T17:58:51.665Z | |
| cve-2025-15134 | yourmaileyes MOOC Submission MainController.java subre… |
yourmaileyes |
MOOC |
2025-12-28T11:32:05.791Z | 2025-12-29T17:59:32.211Z | |
| cve-2025-15133 | ZSPACE Z4Pro+ HTTP POST Request close zfilev2_api_Clos… |
ZSPACE |
Z4Pro+ |
2025-12-28T11:02:10.256Z | 2025-12-29T18:00:13.048Z | |
| cve-2025-15132 | ZSPACE Z4Pro+ HTTP POST Request open zfilev2_api_open … |
ZSPACE |
Z4Pro+ |
2025-12-28T10:32:05.208Z | 2025-12-29T18:00:46.951Z | |
| cve-2025-15131 | ZSPACE Z4Pro+ HTTP POST Request status zfilev2_api_Saf… |
ZSPACE |
Z4Pro+ |
2025-12-28T10:02:06.337Z | 2025-12-29T18:01:13.797Z | |
| cve-2025-15130 | shanyu SyCms Administrative Panel FileManageController… |
shanyu |
SyCms |
2025-12-28T09:32:10.325Z | 2025-12-29T18:01:53.351Z | |
| cve-2025-15129 | ChenJinchuang Lin-CMS-TP5 File Upload LocalUploader.ph… |
ChenJinchuang |
Lin-CMS-TP5 |
2025-12-28T09:02:10.127Z | 2025-12-29T18:55:29.222Z | |
| cve-2025-15128 | ZKTeco BioTime Endpoint safe_setting credentials storage |
ZKTeco |
BioTime |
2025-12-28T08:32:10.069Z | 2025-12-29T16:06:03.528Z | |
| cve-2025-15127 | FantasticLBP Hotels_Server Room.php sql injection |
FantasticLBP |
Hotels_Server |
2025-12-28T08:02:06.225Z | 2025-12-29T16:02:17.068Z | |
| cve-2025-15126 | JeecgBoot getPositionUserList improper authorization |
n/a |
JeecgBoot |
2025-12-28T07:32:06.264Z | 2025-12-29T16:03:06.162Z | |
| cve-2025-15125 | JeecgBoot queryDepartPermission improper authorization |
n/a |
JeecgBoot |
2025-12-28T07:02:06.680Z | 2025-12-29T16:03:49.238Z | |
| cve-2025-15124 | JeecgBoot list getParameterMap improper authorization |
n/a |
JeecgBoot |
2025-12-28T06:32:06.920Z | 2025-12-29T16:04:32.586Z | |
| cve-2025-15123 | JeecgBoot datarule improper authorization |
n/a |
JeecgBoot |
2025-12-28T06:02:05.781Z | 2025-12-29T16:05:08.309Z | |
| cve-2025-15122 | JeecgBoot datarule loadDatarule improper authorization |
n/a |
JeecgBoot |
2025-12-28T05:02:05.798Z | 2025-12-29T16:42:57.874Z | |
| cve-2025-15121 | JeecgBoot getDeptRoleByUserId information disclosure |
n/a |
JeecgBoot |
2025-12-28T04:32:06.152Z | 2025-12-29T16:41:44.256Z | |
| cve-2025-15120 | JeecgBoot getDeptRoleList improper authorization |
n/a |
JeecgBoot |
2025-12-28T04:02:06.291Z | 2025-12-29T16:40:55.481Z | |
| cve-2025-15119 | JeecgBoot list queryPageList improper authorization |
n/a |
JeecgBoot |
2025-12-28T03:32:06.719Z | 2025-12-29T19:04:57.949Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192219 | Malicious code in elf-stats-merry-cookiejar-511 (npm) | 2025-12-03T17:31:24Z | 2025-12-23T20:41:02Z |
| mal-2025-192225 | Malicious code in elf-stats-nutmeg-stockpile-999 (npm) | 2025-12-03T17:28:13Z | 2025-12-03T18:11:50Z |
| mal-2025-192243 | Malicious code in elf-stats-wintry-cocoa-831 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T22:09:11Z |
| mal-2025-192242 | Malicious code in elf-stats-whimsical-chimney-949 (npm) | 2025-12-03T17:22:10Z | 2025-12-03T17:22:10Z |
| mal-2025-192241 | Malicious code in elf-stats-velvet-snowman-470 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T22:09:11Z |
| mal-2025-192240 | Malicious code in elf-stats-velvet-ornament-148 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T22:09:11Z |
| mal-2025-192238 | Malicious code in elf-stats-sugarplum-muffin-944 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T22:09:11Z |
| mal-2025-192237 | Malicious code in elf-stats-storybook-snowglobe-157 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T22:09:11Z |
| mal-2025-192236 | Malicious code in elf-stats-storybook-marshmallow-471 (npm) | 2025-12-03T17:22:10Z | 2025-12-03T17:22:10Z |
| mal-2025-192235 | Malicious code in elf-stats-sprucey-stockpile-628 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T21:38:09Z |
| mal-2025-192234 | Malicious code in elf-stats-snuggly-ornament-764 (npm) | 2025-12-03T17:22:10Z | 2025-12-03T17:22:10Z |
| mal-2025-192233 | Malicious code in elf-stats-snowy-candy-518 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T21:38:09Z |
| mal-2025-192232 | Malicious code in elf-stats-snowy-bow-730 (npm) | 2025-12-03T17:22:10Z | 2025-12-03T17:22:10Z |
| mal-2025-192231 | Malicious code in elf-stats-snowdusted-drum-647 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T21:08:54Z |
| mal-2025-192230 | Malicious code in elf-stats-snowdusted-cocoa-694 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T21:08:54Z |
| mal-2025-192229 | Malicious code in elf-stats-sleighing-nutcracker-806 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T21:08:54Z |
| mal-2025-192228 | Malicious code in elf-stats-piney-nightcap-782 (npm) | 2025-12-03T17:22:10Z | 2025-12-03T17:22:10Z |
| mal-2025-192227 | Malicious code in elf-stats-piney-icicle-383 (npm) | 2025-12-03T17:22:10Z | 2025-12-03T17:22:10Z |
| mal-2025-192226 | Malicious code in elf-stats-peppermint-hollyberry-893 (npm) | 2025-12-03T17:22:10Z | 2025-12-03T17:22:10Z |
| mal-2025-192224 | Malicious code in elf-stats-nutmeg-cookie-584 (npm) | 2025-12-03T17:22:10Z | 2025-12-03T17:22:10Z |
| mal-2025-192222 | Malicious code in elf-stats-mulled-stocking-538 (npm) | 2025-12-03T17:22:10Z | 2025-12-04T08:26:39Z |
| mal-2025-192221 | Malicious code in elf-stats-midnight-chimney-291 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T20:41:02Z |
| mal-2025-192218 | Malicious code in elf-stats-merry-cookiejar-442 (npm) | 2025-12-03T17:22:10Z | 2025-12-03T17:22:10Z |
| mal-2025-192217 | Malicious code in elf-stats-jubilant-bow-187 (npm) | 2025-12-03T17:22:10Z | 2025-12-03T17:22:10Z |
| mal-2025-192216 | Malicious code in elf-stats-glittering-reindeer-615 (npm) | 2025-12-03T17:22:10Z | 2025-12-03T17:22:10Z |
| mal-2025-192215 | Malicious code in elf-stats-glittering-nutcracker-709 (npm) | 2025-12-03T17:22:10Z | 2025-12-03T17:22:10Z |
| mal-2025-192214 | Malicious code in elf-stats-glittering-fir-252 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T20:09:23Z |
| mal-2025-192213 | Malicious code in elf-stats-gingersnap-ornament-469 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T20:09:23Z |
| mal-2025-192211 | Malicious code in elf-stats-fuzzy-hollyberry-736 (npm) | 2025-12-03T17:22:10Z | 2025-12-03T17:22:10Z |
| mal-2025-192210 | Malicious code in elf-stats-frostbitten-reindeer-875 (npm) | 2025-12-03T17:22:10Z | 2025-12-03T17:22:10Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:15102 | Red Hat Security Advisory: pam security update | 2025-09-03T01:35:02+00:00 | 2025-11-21T19:24:50+00:00 |
| rhsa-2025:15106 | Red Hat Security Advisory: pam security update | 2025-09-03T01:33:37+00:00 | 2025-11-21T19:24:51+00:00 |
| rhsa-2025:15105 | Red Hat Security Advisory: pam security update | 2025-09-03T01:33:17+00:00 | 2025-11-21T19:24:50+00:00 |
| rhsa-2025:15103 | Red Hat Security Advisory: pam security update | 2025-09-03T01:31:08+00:00 | 2025-11-21T19:24:50+00:00 |
| rhsa-2025:15104 | Red Hat Security Advisory: pam security update | 2025-09-03T01:29:07+00:00 | 2025-11-21T19:24:50+00:00 |
| rhsa-2025:15101 | Red Hat Security Advisory: pam security update | 2025-09-03T01:27:23+00:00 | 2025-11-21T19:24:50+00:00 |
| rhsa-2025:15107 | Red Hat Security Advisory: pam security update | 2025-09-03T01:15:27+00:00 | 2025-11-21T19:24:51+00:00 |
| rhsa-2025:15099 | Red Hat Security Advisory: pam security update | 2025-09-03T01:08:27+00:00 | 2025-11-25T10:22:20+00:00 |
| rhsa-2025:15100 | Red Hat Security Advisory: pam security update | 2025-09-03T00:46:48+00:00 | 2025-11-21T19:24:48+00:00 |
| rhsa-2025:15095 | Red Hat Security Advisory: httpd security update | 2025-09-02T20:03:51+00:00 | 2025-11-21T19:24:47+00:00 |
| rhsa-2025:14819 | Red Hat Security Advisory: OpenShift Container Platform 4.19.10 bug fix and security update | 2025-09-02T19:25:33+00:00 | 2025-11-22T03:02:01+00:00 |
| rhba-2025:14817 | Red Hat Bug Fix Advisory: OpenShift Container Platform 4.19.10 packages update | 2025-09-02T18:36:11+00:00 | 2025-11-25T21:52:21+00:00 |
| rhsa-2025:15062 | Red Hat Security Advisory: postgresql:15 security update | 2025-09-02T11:52:50+00:00 | 2025-11-21T19:24:47+00:00 |
| rhsa-2025:15058 | Red Hat Security Advisory: aide security update | 2025-09-02T11:18:25+00:00 | 2025-11-22T03:02:09+00:00 |
| rhsa-2025:15057 | Red Hat Security Advisory: postgresql:13 security update | 2025-09-02T11:00:50+00:00 | 2025-11-21T19:24:46+00:00 |
| rhsa-2025:15039 | Red Hat Security Advisory: aide security update | 2025-09-02T07:30:45+00:00 | 2025-11-22T03:02:08+00:00 |
| rhsa-2025:15038 | Red Hat Security Advisory: aide security update | 2025-09-02T07:28:41+00:00 | 2025-11-22T03:02:07+00:00 |
| rhsa-2025:15036 | Red Hat Security Advisory: httpd security update | 2025-09-02T07:20:15+00:00 | 2025-11-21T19:24:44+00:00 |
| rhsa-2025:15011 | Red Hat Security Advisory: kernel security update | 2025-09-02T07:19:50+00:00 | 2025-11-28T17:34:00+00:00 |
| rhsa-2025:15035 | Red Hat Security Advisory: kernel security update | 2025-09-02T06:56:50+00:00 | 2025-11-28T17:33:55+00:00 |
| rhsa-2025:15005 | Red Hat Security Advisory: kernel security update | 2025-09-02T06:55:20+00:00 | 2025-11-21T19:24:34+00:00 |
| rhsa-2025:15034 | Red Hat Security Advisory: postgresql:12 security update | 2025-09-02T06:54:45+00:00 | 2025-11-21T19:24:44+00:00 |
| rhsa-2025:15031 | Red Hat Security Advisory: postgresql:15 security update | 2025-09-02T06:44:25+00:00 | 2025-11-21T19:24:44+00:00 |
| rhsa-2025:15019 | Red Hat Security Advisory: python3.9 security update | 2025-09-02T06:08:54+00:00 | 2025-11-21T19:24:39+00:00 |
| rhsa-2025:15016 | Red Hat Security Advisory: kernel security update | 2025-09-02T06:05:19+00:00 | 2025-11-28T17:33:56+00:00 |
| rhsa-2025:15018 | Red Hat Security Advisory: udisks2 security update | 2025-09-02T05:56:29+00:00 | 2025-11-21T19:24:39+00:00 |
| rhsa-2025:15023 | Red Hat Security Advisory: httpd security update | 2025-09-02T05:51:39+00:00 | 2025-11-21T19:24:42+00:00 |
| rhsa-2025:15014 | Red Hat Security Advisory: postgresql:15 security update | 2025-09-02T05:39:29+00:00 | 2025-11-21T19:24:36+00:00 |
| rhsa-2025:15015 | Red Hat Security Advisory: postgresql:16 security update | 2025-09-02T05:24:10+00:00 | 2025-11-21T19:24:37+00:00 |
| rhsa-2025:15020 | Red Hat Security Advisory: udisks2 security update | 2025-09-02T05:14:19+00:00 | 2025-11-21T19:24:39+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-38723 | LoongArch: BPF: Fix jump offset calculation in tailcall | 2025-09-02T00:00:00.000Z | 2025-09-06T01:01:32.000Z |
| msrc_cve-2025-38722 | habanalabs: fix UAF in export_dmabuf() | 2025-09-02T00:00:00.000Z | 2025-12-07T01:49:31.000Z |
| msrc_cve-2025-38721 | netfilter: ctnetlink: fix refcount leak on table dump | 2025-09-02T00:00:00.000Z | 2025-09-06T01:10:33.000Z |
| msrc_cve-2025-38718 | sctp: linearize cloned gso packets in sctp_rcv | 2025-09-02T00:00:00.000Z | 2025-09-06T01:01:23.000Z |
| msrc_cve-2025-38717 | net: kcm: Fix race condition in kcm_unattach() | 2025-09-02T00:00:00.000Z | 2025-12-07T01:49:40.000Z |
| msrc_cve-2025-38716 | hfs: fix general protection fault in hfs_find_init() | 2025-09-02T00:00:00.000Z | 2025-12-03T01:37:33.000Z |
| msrc_cve-2025-38715 | hfs: fix slab-out-of-bounds in hfs_bnode_read() | 2025-09-02T00:00:00.000Z | 2025-09-06T01:05:31.000Z |
| msrc_cve-2025-38714 | hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() | 2025-09-02T00:00:00.000Z | 2025-09-06T01:05:58.000Z |
| msrc_cve-2025-38713 | hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() | 2025-09-02T00:00:00.000Z | 2025-09-06T01:14:32.000Z |
| msrc_cve-2025-38712 | hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file() | 2025-09-02T00:00:00.000Z | 2025-09-06T01:10:07.000Z |
| msrc_cve-2025-38711 | smb/server: avoid deadlock when linking with ReplaceIfExists | 2025-09-02T00:00:00.000Z | 2025-09-06T01:10:53.000Z |
| msrc_cve-2025-38710 | gfs2: Validate i_depth for exhash directories | 2025-09-02T00:00:00.000Z | 2025-12-03T01:37:29.000Z |
| msrc_cve-2025-38709 | loop: Avoid updating block size under exclusive owner | 2025-09-02T00:00:00.000Z | 2025-12-05T01:02:51.000Z |
| msrc_cve-2025-38708 | drbd: add missing kref_get in handle_write_conflicts | 2025-09-02T00:00:00.000Z | 2025-09-06T01:05:12.000Z |
| msrc_cve-2025-38707 | fs/ntfs3: Add sanity check for file name | 2025-09-02T00:00:00.000Z | 2025-09-06T01:07:31.000Z |
| msrc_cve-2025-38706 | ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() | 2025-09-02T00:00:00.000Z | 2025-09-06T01:13:41.000Z |
| msrc_cve-2025-38705 | drm/amd/pm: fix null pointer access | 2025-09-02T00:00:00.000Z | 2025-12-07T01:49:24.000Z |
| msrc_cve-2025-38704 | rcu/nocb: Fix possible invalid rdp's->nocb_cb_kthread pointer access | 2025-09-02T00:00:00.000Z | 2025-12-07T01:49:49.000Z |
| msrc_cve-2025-38703 | drm/xe: Make dma-fences compliant with the safe access rules | 2025-09-02T00:00:00.000Z | 2025-09-06T01:11:40.000Z |
| msrc_cve-2025-38702 | fbdev: fix potential buffer overflow in do_register_framebuffer() | 2025-09-02T00:00:00.000Z | 2025-09-06T01:08:54.000Z |
| msrc_cve-2025-38701 | ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr | 2025-09-02T00:00:00.000Z | 2025-09-06T01:14:03.000Z |
| msrc_cve-2025-38700 | scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated | 2025-09-02T00:00:00.000Z | 2025-09-06T01:14:54.000Z |
| msrc_cve-2025-38699 | scsi: bfa: Double-free fix | 2025-09-02T00:00:00.000Z | 2025-09-06T01:07:53.000Z |
| msrc_cve-2025-38698 | jfs: Regular file corruption check | 2025-09-02T00:00:00.000Z | 2025-09-06T01:04:52.000Z |
| msrc_cve-2025-38697 | jfs: upper bound check of tree index in dbAllocAG | 2025-09-02T00:00:00.000Z | 2025-09-06T01:06:21.000Z |
| msrc_cve-2025-38696 | MIPS: Don't crash in stack_top() for tasks without ABI or vDSO | 2025-09-02T00:00:00.000Z | 2025-09-06T01:01:49.000Z |
| msrc_cve-2025-38695 | scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure | 2025-09-02T00:00:00.000Z | 2025-09-06T01:04:14.000Z |
| msrc_cve-2025-38692 | exfat: add cluster chain loop check for dir | 2025-09-02T00:00:00.000Z | 2025-12-03T01:37:24.000Z |
| msrc_cve-2025-38691 | pNFS: Fix uninited ptr deref in block/scsi layout | 2025-09-02T00:00:00.000Z | 2025-09-06T01:02:01.000Z |
| msrc_cve-2025-38688 | iommufd: Prevent ALIGN() overflow | 2025-09-02T00:00:00.000Z | 2025-09-06T01:01:17.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2021-000004 | Multiple vulnerabilities in acmailer | 2021-01-14T16:22+09:00 | 2021-01-14T16:22+09:00 |
| jvndb-2021-000003 | The installer of SKYSEA Client View may insecurely load Dynamic Link Libraries | 2021-01-12T15:53+09:00 | 2021-01-12T15:53+09:00 |
| jvndb-2021-000002 | Multiple NEC Products vulnerable to authentication bypass | 2021-01-04T17:24+09:00 | 2021-01-08T12:22+09:00 |
| jvndb-2021-000001 | Multiple vulnerabilities in UNIVERGE SV9500/SV8500 series | 2021-01-04T14:37+09:00 | 2021-01-04T14:37+09:00 |
| jvndb-2020-009965 | Cleartext Transmission of Sensitive Information Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2020-12-21T17:48+09:00 | 2020-12-21T17:48+09:00 |
| jvndb-2020-009964 | Improper certificate validation vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2020-12-21T17:48+09:00 | 2020-12-21T17:48+09:00 |
| jvndb-2020-010072 | Cross-site Scripting Vulnerability in Hitachi Command Suite | 2020-12-21T14:20+09:00 | 2020-12-21T14:20+09:00 |
| jvndb-2020-000087 | Management software for NEC Storage disk array system vulnerable to improper server certificate verification | 2020-12-18T17:00+09:00 | 2021-07-21T16:21+09:00 |
| jvndb-2020-000086 | Self-Extracting files created by multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries | 2020-12-18T16:47+09:00 | 2020-12-18T16:47+09:00 |
| jvndb-2020-000085 | Multiple vulnerabilities in GROWI | 2020-12-15T15:41+09:00 | 2021-08-30T16:29+09:00 |
| jvndb-2020-000083 | Multiple vulnerabilities in Aterm SA3500G | 2020-12-11T16:59+09:00 | 2020-12-11T16:59+09:00 |
| jvndb-2020-000084 | Apache Struts 2 vulnerable to remote code execution (S2-061) | 2020-12-11T15:09+09:00 | 2022-08-09T13:55+09:00 |
| jvndb-2020-000082 | FileZen vulnerable to directory traversal | 2020-12-10T15:21+09:00 | 2020-12-10T15:21+09:00 |
| jvndb-2020-009771 | ServerProtect for Linux vulnerable to heap-based buffer overflow | 2020-12-08T12:34+09:00 | 2020-12-08T12:34+09:00 |
| jvndb-2020-000081 | Apache Cordova Plugin camera vulnerable to information exposure | 2020-12-07T16:34+09:00 | 2020-12-07T16:34+09:00 |
| jvndb-2020-000080 | Multiple vulnerabilities in EC-CUBE | 2020-12-03T18:15+09:00 | 2020-12-03T18:15+09:00 |
| jvndb-2020-000079 | desknet's NEO vulnerable to cross-site scripting | 2020-12-03T17:54+09:00 | 2023-03-08T17:02+09:00 |
| jvndb-2020-000077 | Multiple vulnerabilities in GROWI | 2020-11-25T14:54+09:00 | 2020-11-25T14:54+09:00 |
| jvndb-2020-000076 | NETGEAR GS108Ev3 vulnerable to cross-site request forgery | 2020-11-24T14:32+09:00 | 2020-11-24T14:32+09:00 |
| jvndb-2020-000075 | The installers of multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries | 2020-11-20T15:39+09:00 | 2020-11-20T15:39+09:00 |
| jvndb-2020-009590 | Trend Micro Security 2020 (Consumer) is vulnerable to arbitrary file deletion | 2020-11-19T18:03+09:00 | 2020-11-19T18:03+09:00 |
| jvndb-2020-000074 | Hibernate ORM vulnerable to SQL injection | 2020-11-19T14:33+09:00 | 2020-11-19T14:33+09:00 |
| jvndb-2020-009584 | Multiple vulnerabilities in KonaWiki3 | 2020-11-18T18:13+09:00 | 2020-11-18T18:13+09:00 |
| jvndb-2020-000073 | Movable Type Premium vulnerable to cross-site scripting | 2020-11-18T18:01+09:00 | 2020-11-18T18:01+09:00 |
| jvndb-2020-000072 | MELSEC iQ-R Series CPU Modules vulnerable to uncontrolled resource consumption | 2020-11-12T14:58+09:00 | 2020-11-13T12:06+09:00 |
| jvndb-2020-009467 | Multiple vulnerabilities in XOOPS module "XooNIps" | 2020-11-09T15:10+09:00 | 2020-11-09T15:10+09:00 |
| jvndb-2020-000070 | Studyplus App uses a hard-coded API key for an external service | 2020-11-05T18:43+09:00 | 2023-03-08T17:02+09:00 |
| jvndb-2020-000071 | Cybozu Garoon vulnerable to improper input validation | 2020-11-05T11:43+09:00 | 2021-08-02T11:08+09:00 |
| jvndb-2020-009141 | Local File Inclusion vulnerability in OneThird CMS | 2020-10-21T15:21+09:00 | 2020-10-21T15:21+09:00 |
| jvndb-2020-000069 | Multiple vulnerabilities in WordPress Plugin "Simple Download Monitor" | 2020-10-21T14:50+09:00 | 2020-10-21T14:50+09:00 |
| ID | Description | Updated |
|---|