Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-m8rq-9x47-wwr7 | A security vulnerability has been detected in macrozheng mall up to 1.0.3. This vulnerability affec… | 2025-12-28T06:31:31Z | 2025-12-28T06:31:31Z |
| ghsa-6wrf-f8cg-6rh5 | A vulnerability was detected in JeecgBoot up to 3.9.0. This issue affects the function queryPageLis… | 2025-12-28T06:31:31Z | 2025-12-28T06:31:31Z |
| ghsa-wgfq-49px-5cwg | A security flaw has been discovered in OpenCart up to 4.1.0.3. Affected by this issue is some unkno… | 2025-12-28T03:30:12Z | 2025-12-28T03:30:12Z |
| ghsa-9786-pc79-p3v7 | A weakness has been identified in Dromara Sa-Token up to 1.44.0. This affects the function ObjectIn… | 2025-12-28T03:30:12Z | 2025-12-28T03:30:12Z |
| ghsa-w789-3q45-984r | In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can… | 2025-12-28T00:30:23Z | 2025-12-28T00:30:23Z |
| ghsa-w2jm-qqhw-c9px | A vulnerability has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. Affect… | 2025-12-27T21:30:12Z | 2025-12-27T21:30:12Z |
| ghsa-f342-w736-j52r | A flaw has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. This impacts an… | 2025-12-27T21:30:12Z | 2025-12-27T21:30:12Z |
| ghsa-hj3q-q387-m5hr | A vulnerability was detected in PandaXGO PandaX up to fb8ff40f7ce5dfebdf66306c6d85625061faf7e5. Thi… | 2025-12-27T18:30:26Z | 2025-12-27T18:30:26Z |
| ghsa-43h9-hc38-qph5 | SQLE's JWT Secret Handler can be manipulated to use hard-coded cryptographic key | 2025-12-27T15:30:17Z | 2025-12-29T20:36:20Z |
| ghsa-2qm6-vprh-vgfc | Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code … | 2025-12-27T15:30:16Z | 2025-12-27T15:30:17Z |
| ghsa-72f9-ghc4-fpv2 | A weakness has been identified in getmaxun maxun up to 0.0.28. The affected element is the function… | 2025-12-27T12:30:12Z | 2025-12-27T12:30:12Z |
| ghsa-9m78-g4jr-6549 | A security flaw has been discovered in getmaxun maxun up to 0.0.28. Impacted is an unknown function… | 2025-12-27T09:30:27Z | 2025-12-27T09:30:27Z |
| ghsa-rcfx-77hg-w2wv | FastMCP updated to MCP 1.23+ due to CVE-2025-66416 | 2025-12-26T23:20:50Z | 2025-12-26T23:20:50Z |
| ghsa-9fjq-45qv-pcm7 | ruint affected by unsoundness of safe `reciprocal_mg10` | 2025-12-26T18:55:53Z | 2025-12-26T18:55:53Z |
| ghsa-xq7p-3jhh-cr76 | Incorrect access control in DEV Systemtechnik GmbH DEV 7113 RF over Fiber Distribution System 32-00… | 2025-12-26T18:30:27Z | 2025-12-26T18:30:27Z |
| ghsa-qxv4-g9hq-r87f | Time-based blind SQL Injection vulnerability in Cloudlog v2.6.15 at the endpoint /index.php/logbook… | 2025-12-26T18:30:27Z | 2025-12-26T21:30:21Z |
| ghsa-g5p6-3j82-xfm4 | Croogo CMS has a path traversal vulnerability | 2025-12-26T18:30:27Z | 2025-12-26T23:21:14Z |
| ghsa-8mv8-wmgc-7crw | Incorrect access control in Comtech EF Data CDM-625 / CDM-625A Advanced Satellite Modem with firmwa… | 2025-12-26T18:30:27Z | 2025-12-26T18:30:27Z |
| ghsa-8cpr-48rw-5rrc | Yealink T21P_E2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged a… | 2025-12-26T18:30:27Z | 2025-12-26T18:30:27Z |
| ghsa-x2hf-qg23-rjpx | An issue in Yealink T21P_E2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute … | 2025-12-26T18:30:26Z | 2025-12-26T18:30:26Z |
| ghsa-98p6-cqhp-8c8x | Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is proce… | 2025-12-26T18:30:26Z | 2025-12-26T18:30:27Z |
| ghsa-8qx7-g43x-4mhm | An issue in Terra Informatica Software, Inc Sciter v.4.4.7.0 allows a local attacker to obtain sens… | 2025-12-26T18:30:26Z | 2025-12-26T18:30:26Z |
| ghsa-6vj3-p34w-xxjp | apidoc-core has a prototype pollution vulnerability | 2025-12-26T18:30:26Z | 2025-12-26T19:50:17Z |
| ghsa-4jf5-rmwc-7vww | The web management interface in ETL Systems Ltd DEXTRA Series ' Digital L-Band Distribution System … | 2025-12-26T18:30:26Z | 2025-12-26T18:30:27Z |
| ghsa-h78q-4j5r-86xx | Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.… | 2025-12-26T18:30:24Z | 2025-12-26T18:30:24Z |
| ghsa-j4p8-h8mh-rh8q | Self-hosted n8n has Legacy Code node that enables arbitrary file read/write | 2025-12-26T18:26:38Z | 2025-12-31T00:20:06Z |
| ghsa-62r4-hw23-cc8v | n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node | 2025-12-26T18:18:05Z | 2025-12-27T01:08:43Z |
| ghsa-9pf3-7rrr-x5jh | lmdeploy vulnerable to Arbitrary Code Execution via Insecure Deserialization in torch.load() | 2025-12-26T17:34:08Z | 2025-12-27T01:08:38Z |
| ghsa-58jc-rcg5-95f3 | n8n's Possible Stored XSS in "Respond to Webhook" Node May Execute Outside iframe Sandbox | 2025-12-26T17:30:19Z | 2025-12-27T01:08:11Z |
| ghsa-v82x-ghcg-c238 | A cross-site scripting (XSS) vulnerability was identified in FluentCMS 1.2.3. After logging in as a… | 2025-12-26T15:30:17Z | 2025-12-26T18:30:26Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-14178 | 6.5 (v3.1) | Heap buffer overflow in array_merge() |
PHP Group |
PHP |
2025-12-27T19:27:41.691Z | 2025-12-29T16:01:02.639Z |
| cve-2025-14180 | 8.2 (v4.0) | NULL Pointer Dereference in PDO quoting |
PHP Group |
PHP |
2025-12-27T19:21:20.768Z | 2025-12-29T16:00:11.239Z |
| cve-2025-15109 | jackq XCMS upload.php unrestricted upload |
jackq |
XCMS |
2025-12-27T18:32:08.961Z | 2025-12-29T15:59:07.141Z | |
| cve-2025-15108 | PandaXGO PandaX JWT Secret config.yml hard-coded key |
PandaXGO |
PandaX |
2025-12-27T16:32:05.829Z | 2025-12-29T15:58:13.566Z | |
| cve-2025-15107 | actiontech sqle JWT Secret jwt.go hard-coded key |
actiontech |
sqle |
2025-12-27T12:32:06.081Z | 2025-12-29T15:57:28.455Z | |
| cve-2025-15106 | getmaxun Authentication Endpoint auth.ts router.get im… |
getmaxun |
maxun |
2025-12-27T10:32:05.218Z | 2025-12-29T15:56:17.889Z | |
| cve-2025-15105 | getmaxun auth.ts hard-coded key |
getmaxun |
maxun |
2025-12-27T09:02:06.124Z | 2025-12-29T15:55:05.915Z | |
| cve-2025-59946 | NanoMQ has a Use After Free vulnerability via sub info list |
nanomq |
nanomq |
2025-12-27T00:40:51.122Z | 2025-12-29T15:54:27.851Z | |
| cve-2025-68952 | 1-click Remote Code Execution (RCE) vulnerability in Eigent |
eigent-ai |
eigent |
2025-12-27T00:37:08.917Z | 2025-12-29T15:53:36.804Z | |
| cve-2025-68948 | SiYuan: Information Disclosure and Authentication Bypa… |
siyuan-note |
siyuan |
2025-12-27T00:21:31.864Z | 2025-12-29T16:51:19.102Z | |
| cve-2025-68927 | Improper Neutralization of HTML Tags in a Web Page in… |
abhinavxd |
libredesk |
2025-12-27T00:04:49.621Z | 2025-12-29T16:51:24.522Z | |
| cve-2025-54322 | Xspeeder SXZOS through 2025-12-26 allows root rem… |
Xspeeder |
SXZOS |
2025-12-27T00:00:00.000Z | 2025-12-29T16:51:30.437Z | |
| cve-2025-68474 | ESF-IDF Has Out-of-Bounds Write in ESP32 Bluetooth AVR… |
espressif |
esp-idf |
2025-12-26T23:57:54.853Z | 2025-12-29T16:51:36.305Z | |
| cve-2025-68473 | ESF-IDF Has Out-of-Bounds Read in ESP32 Bluetooth SDP … |
espressif |
esp-idf |
2025-12-26T23:54:47.709Z | 2025-12-29T16:51:42.074Z | |
| cve-2025-68148 | FreshRSS globally denies access to feed via proxy modi… |
FreshRSS |
FreshRSS |
2025-12-26T23:46:53.337Z | 2025-12-29T16:51:47.993Z | |
| cve-2025-68932 | FreshRSS has weak cryptographic randomness in remember… |
FreshRSS |
FreshRSS |
2025-12-26T23:43:34.693Z | 2025-12-29T16:51:53.481Z | |
| cve-2025-66203 | StreamVault is Vulnerable to Authenticated Remote Code… |
lemon8866 |
StreamVault |
2025-12-26T23:37:03.817Z | 2025-12-29T15:52:51.712Z | |
| cve-2025-67729 | lmdeploy vulnerable to Arbitrary Code Execution via In… |
InternLM |
lmdeploy |
2025-12-26T21:54:10.137Z | 2025-12-26T22:10:54.833Z | |
| cve-2025-68697 | Self-hosted n8n has Legacy Code node that enables arbi… |
n8n-io |
n8n |
2025-12-26T21:51:12.216Z | 2025-12-26T22:12:04.529Z | |
| cve-2025-68668 | n8n Vulnerable to Arbitrary Command Execution in Pyodi… |
n8n-io |
n8n |
2025-12-26T21:49:20.695Z | 2025-12-26T21:59:34.256Z | |
| cve-2025-61914 | n8n's Possible Stored XSS in "Respond to Webhook" Node… |
n8n-io |
n8n |
2025-12-26T21:48:59.778Z | 2025-12-26T21:59:25.288Z | |
| cve-2025-13158 | 9.3 (v4.0) | apidoc-core - prototype pollution in api_group.js, api… |
apiDoc |
apidoc-core |
2025-12-26T16:00:27.208Z | 2025-12-26T19:26:12.935Z |
| cve-2025-64645 | 7.7 (v3.1) | Time-of-check Time-of-use (TOCTOU) in IBM Concert Software. |
IBM |
Concert |
2025-12-26T14:24:57.880Z | 2025-12-30T04:55:27.810Z |
| cve-2025-36230 | 5.4 (v3.1) | XSS in IBM Aspera Faspex |
IBM |
Aspera Faspex 5 |
2025-12-26T14:22:46.035Z | 2025-12-26T15:14:53.108Z |
| cve-2025-36229 | 3.1 (v3.1) | Exposure of Sensitive System Information to an Unautho… |
IBM |
Aspera Faspex 5 |
2025-12-26T14:15:03.417Z | 2025-12-26T15:14:58.269Z |
| cve-2025-36228 | 3.8 (v3.1) | Incorrect Execution-Assigned Permissions in IBM Aspera… |
IBM |
Aspera Faspex 5 |
2025-12-26T14:11:45.492Z | 2025-12-26T15:15:06.304Z |
| cve-2025-36192 | 6.7 (v3.1) | Missing Authorization with the DS8900F and DS8A00 Hard… |
IBM |
DS8A00( R10.1) |
2025-12-26T13:58:51.713Z | 2025-12-26T15:15:11.888Z |
| cve-2025-14687 | 4.3 (v3.1) | Client-Side Enforcement of Server-Side Security in IBM… |
IBM |
Db2 Intelligence Center |
2025-12-26T13:21:33.403Z | 2025-12-26T14:37:13.233Z |
| cve-2025-13915 | 9.8 (v3.1) | Authentication bypass in IBM API Connect |
IBM |
API Connect |
2025-12-26T13:16:24.669Z | 2025-12-26T14:40:40.703Z |
| cve-2025-12771 | 7.8 (v3.1) | IBM Concert Software Improper Restriction of Operation… |
IBM |
Concert |
2025-12-26T13:01:23.145Z | 2025-12-30T04:55:29.012Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-15066 | 6.9 (v4.0) 6.2 (v3.1) | Arbitrary File Download through Path Traversal in Innorix WP |
Innorix |
Innorix WP |
2025-12-29T00:48:56.222Z | 2025-12-29T17:35:49.557Z |
| cve-2025-15065 | 8.6 (v4.0) 6.3 (v3.1) | Data Exposure in Kings Information & Network KESS Enterprise |
Kings Information & Network Co. |
KESS Enterprise |
2025-12-29T00:09:27.009Z | 2025-12-31T04:45:49.039Z |
| cve-2025-15162 | Tenda WH450 RouteStatic stack-based overflow |
Tenda |
WH450 |
2025-12-28T23:32:08.620Z | 2025-12-29T21:06:49.439Z | |
| cve-2025-15161 | Tenda WH450 PPTPUserSetting stack-based overflow |
Tenda |
WH450 |
2025-12-28T23:02:08.101Z | 2025-12-29T21:13:48.407Z | |
| cve-2025-15160 | Tenda WH450 PPTPServer stack-based overflow |
Tenda |
WH450 |
2025-12-28T22:32:07.881Z | 2025-12-29T16:08:39.716Z | |
| cve-2025-15156 | omec-project UPF PFCP Session Establishment Request me… |
omec-project |
UPF |
2025-12-28T22:02:06.001Z | 2025-12-29T16:08:01.587Z | |
| cve-2025-15155 | floooh sokol sokol_gfx.h _sg_pipeline_desc_defaults st… |
floooh |
sokol |
2025-12-28T21:32:10.957Z | 2025-12-29T14:43:28.566Z | |
| cve-2025-15154 | PbootCMS Header handle.php get_user_ip less trusted source |
n/a |
PbootCMS |
2025-12-28T21:02:07.992Z | 2025-12-29T14:48:02.795Z | |
| cve-2025-15153 | PbootCMS SQLite Database pbootcms.db file access |
n/a |
PbootCMS |
2025-12-28T20:32:07.587Z | 2025-12-29T14:55:49.904Z | |
| cve-2025-15152 | h-moses moga-mall PmsProductController.java addProduct… |
h-moses |
moga-mall |
2025-12-28T20:02:08.188Z | 2025-12-29T15:50:24.977Z | |
| cve-2025-15151 | TaleLin Lin-CMS Tests Folder config.py password in con… |
TaleLin |
Lin-CMS |
2025-12-28T19:32:05.944Z | 2025-12-29T15:52:38.176Z | |
| cve-2025-15150 | PX4 PX4-Autopilot mavlink_log_handler.cpp log_entry_fr… |
PX4 |
PX4-Autopilot |
2025-12-28T19:02:07.960Z | 2025-12-29T16:08:11.074Z | |
| cve-2025-15149 | rawchen ecms Add New Product updateProductServlet.java… |
rawchen |
ecms |
2025-12-28T18:32:06.054Z | 2025-12-29T21:17:12.684Z | |
| cve-2025-15148 | CmsEasy Backend Template Management template_admin.php… |
n/a |
CmsEasy |
2025-12-28T18:02:08.178Z | 2025-12-29T21:22:26.770Z | |
| cve-2025-15146 | SohuTV CacheCloud UserManageController.java doUserList… |
SohuTV |
CacheCloud |
2025-12-28T17:32:06.551Z | 2025-12-29T21:25:59.423Z | |
| cve-2025-68973 | 7.8 (v3.1) | In GnuPG before 2.4.9, armor_filter in g10/armor.… |
GnuPG |
GnuPG |
2025-12-28T16:19:11.019Z | 2025-12-31T03:34:28.426Z |
| cve-2025-15145 | SohuTV CacheCloud TotalManageController.java doTotalLi… |
SohuTV |
CacheCloud |
2025-12-28T17:02:05.970Z | 2025-12-29T21:26:55.456Z | |
| cve-2025-15144 | dayrui XunRuiCMS JSONP Callback Init.php dr_exit_msg c… |
dayrui |
XunRuiCMS |
2025-12-28T16:32:07.116Z | 2025-12-29T21:27:18.449Z | |
| cve-2025-15143 | EyouCMS Backend Template Management FilemanagerLogic.p… |
n/a |
EyouCMS |
2025-12-28T16:02:08.347Z | 2025-12-29T16:24:22.854Z | |
| cve-2025-15142 | 9786 phpok3w show.php sql injection |
9786 |
phpok3w |
2025-12-28T15:32:12.734Z | 2025-12-29T16:26:52.591Z | |
| cve-2025-15141 | Halo Configuration actuator information disclosure |
n/a |
Halo |
2025-12-28T15:02:05.484Z | 2025-12-29T16:30:18.082Z | |
| cve-2025-15140 | saiftheboss7 onlinemcqexam quesadd.php sql injection |
saiftheboss7 |
onlinemcqexam |
2025-12-28T14:32:06.750Z | 2025-12-29T16:07:22.328Z | |
| cve-2025-15139 | TRENDnet TEW-822DRE formWsc sub_43ACF4 command injection |
TRENDnet |
TEW-822DRE |
2025-12-28T14:02:07.407Z | 2025-12-29T16:06:45.224Z | |
| cve-2025-15138 | prasathmani TinyFileManager tinyfilemanager.php path t… |
prasathmani |
TinyFileManager |
2025-12-28T13:32:08.843Z | 2025-12-29T16:40:10.063Z | |
| cve-2025-15137 | TRENDnet TEW-800MB NTPSyncWithHost.cgi sub_F934 comma… |
TRENDnet |
TEW-800MB |
2025-12-28T13:02:05.931Z | 2025-12-29T17:19:47.335Z | |
| cve-2025-15136 | TRENDnet TEW-800MB Management wizardset do_setWizard_a… |
TRENDnet |
TEW-800MB |
2025-12-28T12:32:06.349Z | 2025-12-29T17:20:27.000Z | |
| cve-2025-15135 | joey-zhou xiaozhi-esp32-server-java Cookie Authenticat… |
joey-zhou |
xiaozhi-esp32-server-java |
2025-12-28T12:02:07.346Z | 2025-12-29T17:58:51.665Z | |
| cve-2025-15134 | yourmaileyes MOOC Submission MainController.java subre… |
yourmaileyes |
MOOC |
2025-12-28T11:32:05.791Z | 2025-12-29T17:59:32.211Z | |
| cve-2025-15133 | ZSPACE Z4Pro+ HTTP POST Request close zfilev2_api_Clos… |
ZSPACE |
Z4Pro+ |
2025-12-28T11:02:10.256Z | 2025-12-29T18:00:13.048Z | |
| cve-2025-15132 | ZSPACE Z4Pro+ HTTP POST Request open zfilev2_api_open … |
ZSPACE |
Z4Pro+ |
2025-12-28T10:32:05.208Z | 2025-12-29T18:00:46.951Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192210 | Malicious code in elf-stats-frostbitten-reindeer-875 (npm) | 2025-12-03T17:22:10Z | 2025-12-03T17:22:10Z |
| mal-2025-192209 | Malicious code in elf-stats-ember-reindeer-211 (npm) | 2025-12-03T17:22:10Z | 2025-12-03T17:22:10Z |
| mal-2025-192208 | Malicious code in elf-stats-cranberry-hollyberry-804 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T19:09:02Z |
| mal-2025-192207 | Malicious code in elf-stats-cocoa-train-606-pwn2 (npm) | 2025-12-03T17:22:10Z | 2025-12-03T17:22:10Z |
| mal-2025-192206 | Malicious code in elf-stats-cocoa-fir-846 (npm) | 2025-12-03T17:22:10Z | 2025-12-23T17:09:49Z |
| mal-2025-192205 | Malicious code in elf-stats-cocoa-cocoa-280 (npm) | 2025-12-03T17:22:10Z | 2025-12-03T17:22:10Z |
| mal-2025-192204 | Malicious code in elf-stats-caroling-mailbag-397 (npm) | 2025-12-03T17:22:10Z | 2025-12-03T17:22:10Z |
| mal-2025-192223 | Malicious code in elf-stats-nutmeg-cocoa-967 (npm) | 2025-12-03T17:20:38Z | 2025-12-23T20:41:02Z |
| mal-2025-192244 | Malicious code in hast-util-to-mdast9 (npm) | 2025-12-03T17:15:49Z | 2025-12-04T07:25:03Z |
| mal-2025-192203 | Malicious code in elf-stats-cocoa-ribbon-476 (npm) | 2025-12-03T16:50:41Z | 2025-12-23T19:09:02Z |
| mal-2025-192201 | Malicious code in elf-stats-merry-garland-548 (npm) | 2025-12-03T16:32:02Z | 2025-12-23T20:41:02Z |
| mal-2025-192202 | Malicious code in elf-stats-sleighing-stocking-579 (npm) | 2025-12-03T16:30:43Z | 2025-12-23T21:08:54Z |
| mal-2025-192212 | Malicious code in elf-stats-ginger-reindeer-411 (npm) | 2025-12-03T16:00:57Z | 2025-12-23T20:09:23Z |
| mal-2025-192200 | Malicious code in elf-stats-wintry-sled-578 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:40:23Z |
| mal-2025-192199 | Malicious code in elf-stats-wintry-satchel-723 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:40:23Z |
| mal-2025-192198 | Malicious code in elf-stats-wintry-ornament-960 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192197 | Malicious code in elf-stats-wintry-icicle-283 (npm) | 2025-12-03T15:59:29Z | 2025-12-03T15:59:29Z |
| mal-2025-192196 | Malicious code in elf-stats-wintry-hollyberry-832 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192195 | Malicious code in elf-stats-wintry-hammer-196 (npm) | 2025-12-03T15:59:29Z | 2025-12-03T15:59:29Z |
| mal-2025-192194 | Malicious code in elf-stats-wintry-fir-892 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192193 | Malicious code in elf-stats-whimsical-snowflake-250 (npm) | 2025-12-03T15:59:29Z | 2025-12-16T07:25:30Z |
| mal-2025-192192 | Malicious code in elf-stats-whimsical-rocket-922 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192191 | Malicious code in elf-stats-whimsical-muffin-613 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192190 | Malicious code in elf-stats-whimsical-marshmallow-258 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192189 | Malicious code in elf-stats-whimsical-marshmallow-212 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192188 | Malicious code in elf-stats-whimsical-ledger-767 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192187 | Malicious code in elf-stats-whimsical-lantern-823 (npm) | 2025-12-03T15:59:29Z | 2025-12-23T22:09:11Z |
| mal-2025-192186 | Malicious code in elf-stats-velvet-ornament-935 (npm) | 2025-12-03T15:59:29Z | 2025-12-03T15:59:29Z |
| mal-2025-192185 | Malicious code in elf-stats-velvet-cocoa-992 (npm) | 2025-12-03T15:59:29Z | 2025-12-03T15:59:29Z |
| mal-2025-192184 | Malicious code in elf-stats-twinkling-wreath-730 (npm) | 2025-12-03T15:59:29Z | 2025-12-03T15:59:29Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:15006 | Red Hat Security Advisory: postgresql:12 security update | 2025-09-02T05:11:44+00:00 | 2025-11-21T19:24:31+00:00 |
| rhsa-2025:15022 | Red Hat Security Advisory: postgresql:15 security update | 2025-09-02T05:11:05+00:00 | 2025-11-21T19:24:41+00:00 |
| rhsa-2025:15021 | Red Hat Security Advisory: postgresql:13 security update | 2025-09-02T05:07:49+00:00 | 2025-11-21T19:24:45+00:00 |
| rhsa-2025:15008 | Red Hat Security Advisory: kernel security update | 2025-09-02T04:26:50+00:00 | 2025-11-21T19:24:32+00:00 |
| rhsa-2025:15001 | Red Hat Security Advisory: krb5 security update | 2025-09-02T04:13:59+00:00 | 2025-11-21T19:24:28+00:00 |
| rhsa-2025:15010 | Red Hat Security Advisory: python3.11 security update | 2025-09-02T04:10:24+00:00 | 2025-11-21T19:24:33+00:00 |
| rhsa-2025:15013 | Red Hat Security Advisory: postgresql:13 security update | 2025-09-02T04:07:34+00:00 | 2025-11-21T19:24:34+00:00 |
| rhsa-2025:15007 | Red Hat Security Advisory: python3.12 security update | 2025-09-02T04:02:44+00:00 | 2025-11-21T19:24:32+00:00 |
| rhsa-2025:15017 | Red Hat Security Advisory: udisks2 security update | 2025-09-02T03:59:39+00:00 | 2025-11-21T19:24:39+00:00 |
| rhsa-2025:15004 | Red Hat Security Advisory: krb5 security update | 2025-09-02T03:57:04+00:00 | 2025-11-21T19:24:30+00:00 |
| rhsa-2025:15012 | Red Hat Security Advisory: postgresql:12 security update | 2025-09-02T03:49:14+00:00 | 2025-11-21T19:24:34+00:00 |
| rhsa-2025:14997 | Red Hat Security Advisory: httpd security update | 2025-09-02T03:43:39+00:00 | 2025-11-21T19:24:26+00:00 |
| rhsa-2025:14984 | Red Hat Security Advisory: python3.12 security update | 2025-09-02T03:04:29+00:00 | 2025-11-21T19:24:22+00:00 |
| rhsa-2025:15024 | Red Hat Security Advisory: libarchive security update | 2025-09-02T03:02:59+00:00 | 2025-11-22T03:02:07+00:00 |
| rhsa-2025:15000 | Red Hat Security Advisory: krb5 security update | 2025-09-02T03:01:09+00:00 | 2025-11-21T19:24:28+00:00 |
| rhsa-2025:15002 | Red Hat Security Advisory: krb5 security update | 2025-09-02T03:00:09+00:00 | 2025-11-21T19:24:30+00:00 |
| rhsa-2025:15003 | Red Hat Security Advisory: krb5 security update | 2025-09-02T02:59:04+00:00 | 2025-11-21T19:24:30+00:00 |
| rhsa-2025:14998 | Red Hat Security Advisory: httpd security update | 2025-09-02T02:58:29+00:00 | 2025-11-21T19:24:28+00:00 |
| rhsa-2025:15009 | Red Hat Security Advisory: kernel-rt security update | 2025-09-02T02:56:44+00:00 | 2025-11-21T19:24:32+00:00 |
| rhsa-2025:14988 | Red Hat Security Advisory: glib2 security update | 2025-09-02T02:53:04+00:00 | 2025-11-21T19:24:24+00:00 |
| rhsa-2025:14999 | Red Hat Security Advisory: resource-agents security update | 2025-09-02T02:49:59+00:00 | 2025-11-21T19:24:28+00:00 |
| rhsa-2025:14987 | Red Hat Security Advisory: kernel security update | 2025-09-02T02:38:39+00:00 | 2025-11-21T19:24:23+00:00 |
| rhsa-2025:14989 | Red Hat Security Advisory: glib2 security update | 2025-09-02T02:11:24+00:00 | 2025-11-21T19:24:24+00:00 |
| rhsa-2025:14991 | Red Hat Security Advisory: glib2 security update | 2025-09-02T02:10:04+00:00 | 2025-11-21T19:24:26+00:00 |
| rhsa-2025:14983 | Red Hat Security Advisory: mod_http2 security update | 2025-09-02T02:01:29+00:00 | 2025-11-21T19:24:21+00:00 |
| rhsa-2025:14985 | Red Hat Security Advisory: kernel security update | 2025-09-02T01:50:49+00:00 | 2025-11-21T19:24:22+00:00 |
| rhsa-2025:14990 | Red Hat Security Advisory: glib2 security update | 2025-09-02T01:42:29+00:00 | 2025-11-21T19:24:26+00:00 |
| rhsa-2025:14982 | Red Hat Security Advisory: aide security update | 2025-09-02T01:34:19+00:00 | 2025-11-22T03:02:06+00:00 |
| rhsa-2025:14986 | Red Hat Security Advisory: kernel-rt security update | 2025-09-02T01:30:19+00:00 | 2025-11-21T19:24:22+00:00 |
| rhsa-2025:14981 | Red Hat Security Advisory: aide security update | 2025-09-02T01:30:19+00:00 | 2025-11-22T03:02:05+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-38687 | comedi: fix race between polling and detaching | 2025-09-02T00:00:00.000Z | 2025-09-06T01:09:14.000Z |
| msrc_cve-2025-38685 | fbdev: Fix vmalloc out-of-bounds write in fast_imageblit | 2025-09-02T00:00:00.000Z | 2025-09-06T01:01:41.000Z |
| msrc_cve-2025-38684 | net/sched: ets: use old 'nbands' while purging unused classes | 2025-09-02T00:00:00.000Z | 2025-09-06T01:06:52.000Z |
| msrc_cve-2025-38681 | mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() | 2025-09-02T00:00:00.000Z | 2025-09-06T01:03:45.000Z |
| msrc_cve-2025-38680 | media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() | 2025-09-02T00:00:00.000Z | 2025-09-06T01:02:38.000Z |
| msrc_cve-2025-38679 | media: venus: Fix OOB read due to missing payload bound check | 2025-09-02T00:00:00.000Z | 2025-09-06T01:09:41.000Z |
| msrc_cve-2025-38678 | netfilter: nf_tables: reject duplicate device on updates | 2025-09-02T00:00:00.000Z | 2025-12-02T14:35:35.000Z |
| msrc_cve-2025-11083 | GNU Binutils Linker elfcode.h elf_swap_shdr heap-based overflow | 2025-09-02T00:00:00.000Z | 2025-10-02T01:04:49.000Z |
| msrc_cve-2025-11082 | GNU Binutils Linker elf-eh-frame.c _bfd_elf_parse_eh_frame heap-based overflow | 2025-09-02T00:00:00.000Z | 2025-10-02T01:04:39.000Z |
| msrc_cve-2025-11081 | GNU Binutils objdump.c dump_dwarf_section out-of-bounds | 2025-09-02T00:00:00.000Z | 2025-10-02T01:04:20.000Z |
| msrc_cve-2025-11021 | Libsoup: out-of-bounds read in cookie date handling of libsoup http library | 2025-09-02T00:00:00.000Z | 2025-09-29T01:01:39.000Z |
| msrc_cve-2025-10911 | Libxslt: use-after-free with key data stored cross-rvt | 2025-09-02T00:00:00.000Z | 2025-12-07T01:36:04.000Z |
| msrc_cve-2025-10824 | axboe fio init.c __parse_jobs_ini use after free | 2025-09-02T00:00:00.000Z | 2025-09-24T01:01:39.000Z |
| msrc_cve-2025-10823 | axboe fio options.c str_buffer_pattern_cb null pointer dereference | 2025-09-02T00:00:00.000Z | 2025-09-24T01:01:30.000Z |
| msrc_cve-2024-58241 | Bluetooth: hci_core: Disable works on hci_unregister_dev | 2025-09-02T00:00:00.000Z | 2025-12-16T01:38:02.000Z |
| msrc_cve-2023-53447 | f2fs: don't reset unchangable mount option in f2fs_remount() | 2025-09-02T00:00:00.000Z | 2025-12-17T01:39:01.000Z |
| msrc_cve-2023-53438 | x86/MCE: Always save CS register on AMD Zen IF Poison errors | 2025-09-02T00:00:00.000Z | 2025-12-12T01:02:37.000Z |
| msrc_cve-2023-53429 | btrfs: don't check PageError in __extent_writepage | 2025-09-02T00:00:00.000Z | 2025-12-12T01:02:32.000Z |
| msrc_cve-2023-53424 | clk: mediatek: fix of_iomap memory leak | 2025-09-02T00:00:00.000Z | 2025-12-12T01:02:26.000Z |
| msrc_cve-2023-53421 | blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats() | 2025-09-02T00:00:00.000Z | 2025-12-12T01:02:21.000Z |
| msrc_cve-2023-53410 | USB: ULPI: fix memory leak with using debugfs_lookup() | 2025-09-02T00:00:00.000Z | 2025-12-16T01:36:48.000Z |
| msrc_cve-2023-53401 | mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required() | 2025-09-02T00:00:00.000Z | 2025-12-13T01:01:40.000Z |
| msrc_cve-2023-53387 | scsi: ufs: core: Fix device management cmd timeout flow | 2025-09-02T00:00:00.000Z | 2025-12-16T01:37:11.000Z |
| msrc_cve-2023-53383 | irqchip/gicv3: Workaround for NVIDIA erratum T241-FABRIC-4 | 2025-09-02T00:00:00.000Z | 2025-12-13T01:01:29.000Z |
| msrc_cve-2023-53376 | scsi: mpi3mr: Use number of bits to manage bitmap sizes | 2025-09-02T00:00:00.000Z | 2025-12-15T14:36:14.000Z |
| msrc_cve-2023-53371 | net/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create | 2025-09-02T00:00:00.000Z | 2025-12-17T01:38:56.000Z |
| msrc_cve-2023-53370 | drm/amdgpu: fix memory leak in mes self test | 2025-09-02T00:00:00.000Z | 2025-12-16T01:37:37.000Z |
| msrc_cve-2023-53367 | accel/habanalabs: fix mem leak in capture user mappings | 2025-09-02T00:00:00.000Z | 2025-12-16T01:37:04.000Z |
| msrc_cve-2023-53366 | block: be a bit more careful in checking for NULL bdev while polling | 2025-09-02T00:00:00.000Z | 2025-12-13T01:01:18.000Z |
| msrc_cve-2023-53355 | staging: pi433: fix memory leak with using debugfs_lookup() | 2025-09-02T00:00:00.000Z | 2025-12-12T01:02:10.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2020-000068 | WordPress Plugin "Live Chat - Live support" vulnerable to cross-site request forgery | 2020-10-14T15:32+09:00 | 2020-10-14T15:32+09:00 |
| jvndb-2020-008931 | Trend Micro Antivirus for Mac vulnerable to a privilege escalation | 2020-10-07T15:10+09:00 | 2020-10-07T15:10+09:00 |
| jvndb-2020-000067 | OS command injection vulnerability in multiple ELECOM LAN routers | 2020-10-05T15:33+09:00 | 2020-10-05T15:33+09:00 |
| jvndb-2020-000066 | InfoCage SiteShell installs their files with improper access permissions | 2020-09-30T15:37+09:00 | 2020-09-30T15:37+09:00 |
| jvndb-2020-008821 | CMONOS.JP vulnerable to cross-site scripting | 2020-09-28T18:10+09:00 | 2020-09-28T18:10+09:00 |
| jvndb-2020-008762 | ServerProtect for Linux vulnerable to OS command injection | 2020-09-28T15:52+09:00 | 2020-09-28T15:52+09:00 |
| jvndb-2020-000064 | Multiple vulnerabilities in Active Update function implemented in multiple Trend Micro products | 2020-09-23T15:26+09:00 | 2020-09-23T15:26+09:00 |
| jvndb-2020-000065 | Multiple access restriction bypass vulnerabilities in UNIQLO App | 2020-09-17T14:41+09:00 | 2020-09-17T14:41+09:00 |
| jvndb-2020-000063 | Multiple vulnerabilities in Buffalo AirStation WHR-G54S | 2020-09-11T15:57+09:00 | 2020-09-11T15:57+09:00 |
| jvndb-2020-000062 | Yodobashi App for Android fails to restrict access permissions | 2020-09-07T14:24+09:00 | 2020-09-07T14:24+09:00 |
| jvndb-2020-000059 | CLUSTERPRO X and EXPRESSCLUSTER X vulnerable to XML external entity injection (XXE) | 2020-08-31T15:10+09:00 | 2020-08-31T15:10+09:00 |
| jvndb-2020-000060 | "Shadankun Server Security Type" vulnerable to denial-of-service (DoS) | 2020-08-31T14:41+09:00 | 2020-08-31T14:41+09:00 |
| jvndb-2020-000056 | Multiple NETGEAR switching hubs vulnerable to cross-site request forgery | 2020-08-28T15:33+09:00 | 2020-08-28T15:33+09:00 |
| jvndb-2020-000058 | Multiple vulnerabilities in XOOPS module "XooNIps" | 2020-08-27T15:37+09:00 | 2020-08-27T15:37+09:00 |
| jvndb-2020-000057 | NITORI App fails to restrict access permissions | 2020-08-26T15:34+09:00 | 2020-08-26T15:34+09:00 |
| jvndb-2020-000055 | Apache Struts 2 vulnerable to denial-of-service (DoS) | 2020-08-25T13:59+09:00 | 2022-08-09T13:57+09:00 |
| jvndb-2020-000054 | Multiple cross-site scripting vulnerabilities in Exment | 2020-08-21T14:34+09:00 | 2020-08-21T14:34+09:00 |
| jvndb-2020-000053 | Multiple vulnerabilities in CyberMail | 2020-08-11T14:20+09:00 | 2020-08-11T14:20+09:00 |
| jvndb-2020-007128 | DoS Vulnerability in HiRDB | 2020-08-03T16:37+09:00 | 2020-08-03T16:37+09:00 |
| jvndb-2020-007127 | Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center | 2020-08-03T16:36+09:00 | 2020-08-03T16:36+09:00 |
| jvndb-2020-000052 | SKYSEA Client View vulnerable to privilege escalation | 2020-08-03T14:59+09:00 | 2020-08-03T14:59+09:00 |
| jvndb-2020-000051 | Multiple vulnerabilities in multiple PHP Factory products | 2020-07-31T16:29+09:00 | 2020-07-31T16:29+09:00 |
| jvndb-2020-000050 | FANUC i Series CNC vulnerable to denial-of-service (DoS) | 2020-07-31T14:29+09:00 | 2020-07-31T14:29+09:00 |
| jvndb-2020-000049 | TOYOTA MOTOR's Global TechStream vulnerable to buffer overflow | 2020-07-29T14:48+09:00 | 2020-10-08T18:08+09:00 |
| jvndb-2020-000047 | JavaFX WebEngine does not properly restrict Java method execution | 2020-07-28T15:47+09:00 | 2020-07-28T15:47+09:00 |
| jvndb-2020-000048 | Multiple vulnerabilities in KonaWiki2 and KonaWiki3 | 2020-07-28T15:38+09:00 | 2020-07-28T15:38+09:00 |
| jvndb-2020-000046 | WordPress Plugin "Social Sharing Plugin" vulnerable to cross-site request forgery | 2020-07-22T14:24+09:00 | 2020-07-22T14:24+09:00 |
| jvndb-2020-006617 | Cross-site Scripting Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2020-07-14T10:40+09:00 | 2020-07-14T10:40+09:00 |
| jvndb-2020-006586 | Server Side Request Forgery Vulnerability in Hitachi Ops Center Analyzer viewpoint | 2020-07-13T14:25+09:00 | 2020-07-13T14:25+09:00 |
| jvndb-2020-006469 | Multiple vulnerabilities in TCP/IP function on Mitsubishi Electric GOT2000 series | 2020-07-09T15:46+09:00 | 2020-07-09T15:46+09:00 |
| ID | Description | Updated |
|---|