Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-r879-mf96-p9qf | CVE-2025-59596 is a denial-of-service vulnerability in Secure Access Windows client versions 12.0 … | 2025-11-05T00:31:33Z | 2025-11-05T00:31:33Z |
| ghsa-ph8v-q2pj-5pg4 | Tencent Docs Desktop 3.9.20 and earlier suffers from Missing SSL Certificate Validation in the upda… | 2025-11-05T00:31:33Z | 2025-11-05T00:31:33Z |
| ghsa-h64p-rwjv-9xcw | A maliciously crafted project file may cause a heap-based buffer overflow in Fuji Electric Monito… | 2025-11-05T00:31:33Z | 2025-11-05T00:31:33Z |
| ghsa-xh2h-xr83-rv32 | An issue was discovered in the Secure Boot component in Samsung Mobile Processor and Wearable Proce… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:33Z |
| ghsa-x7cq-fpc4-629v | Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibe… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-x649-8g7w-vfq7 | Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibe… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-q7rw-xpv8-759x | An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 10… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-mc8g-h5jq-wxvm | An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-jpjx-vf8p-rx6j | An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem. Mishandling of … | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-hqf8-533m-fqgc | NVIDIA NVApp for Windows contains a vulnerability in the installer, where a local attacker can caus… | 2025-11-04T21:31:36Z | 2025-11-04T21:31:36Z |
| ghsa-fm9h-jr58-3cph | NVIDIA RunAI for all platforms contains a vulnerability where a user could cause an improper restri… | 2025-11-04T21:31:36Z | 2025-11-04T21:31:36Z |
| ghsa-9gvj-29qh-j9fx | An issue was discovered in the GPU in Samsung Mobile Processor and Wearable Processor Exynos 1280, … | 2025-11-04T21:31:36Z | 2025-11-05T00:31:33Z |
| ghsa-4qqm-257h-w336 | A reflected cross-site scripted (XSS) vulnerability in the /jsp/gsfr_feditorHTML.jsp endpoint of Zu… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-4hrg-69hg-xq77 | Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes … | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-4c2j-p6fq-fm4p | Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Mulesoft Anypoint… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:32Z |
| ghsa-3jhf-jgrg-mcw3 | An issue was discovered in the GPU driver in Samsung Mobile Processor Exynos 1480, 2400, 1580, 2500… | 2025-11-04T21:31:36Z | 2025-11-05T00:31:33Z |
| ghsa-cgq7-3vmm-7c3m | Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoi… | 2025-11-04T21:31:35Z | 2025-11-05T00:31:32Z |
| ghsa-xjw6-gm63-g5h8 | An issue was discovered in the NPU driver in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480… | 2025-11-04T21:31:34Z | 2025-11-04T21:31:34Z |
| ghsa-v9vj-4829-7862 | An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in th… | 2025-11-04T21:31:34Z | 2025-11-04T21:31:34Z |
| ghsa-rr2v-x53x-8p62 | The Survision LPR Camera system does not enforce password protection by default. This allows access… | 2025-11-04T21:31:34Z | 2025-11-04T21:31:34Z |
| ghsa-jw3q-wg8m-2gvw | An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in th… | 2025-11-04T21:31:34Z | 2025-11-05T00:31:32Z |
| ghsa-75vx-vv5g-q5cq | Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoi… | 2025-11-04T21:31:34Z | 2025-11-05T00:31:32Z |
| ghsa-5pmx-7r6r-wfqq | Kgateway transformation policy template can emit files from the container | 2025-11-04T18:58:22Z | 2025-11-04T18:58:22Z |
| ghsa-4766-x535-jw3r | kgateway is missing xDS authorization | 2025-11-04T18:39:31Z | 2025-11-07T16:42:45Z |
| ghsa-x8rr-g8p8-jww3 | An issue was discovered in the camera in Samsung Mobile Processor Exynos 980, 990, 850, 1080, 2100,… | 2025-11-04T18:31:58Z | 2025-11-04T21:31:34Z |
| ghsa-q4wg-4r43-jqjx | Radiometrics VizAir is vulnerable to any remote attacker via access to the admin panel of the VizAi… | 2025-11-04T18:31:58Z | 2025-11-04T18:31:58Z |
| ghsa-p4q9-wr86-5gjc | Radiometrics VizAir is vulnerable to exposure of the system's REST API key through a publicly acces… | 2025-11-04T18:31:58Z | 2025-11-04T18:31:58Z |
| ghsa-j7wh-wg9r-4cm7 | An issue was discovered in NPU in Samsung Mobile Processor Exynos through July 2025. There is an Ou… | 2025-11-04T18:31:58Z | 2025-11-04T18:31:58Z |
| ghsa-c9f7-5jg4-r3jr | codeshare v1.0.0 was discovered to contain an information leakage vulnerability. | 2025-11-04T18:31:58Z | 2025-11-04T18:31:58Z |
| ghsa-88pr-7pr7-5qgq | An issue was discovered in NPU in Samsung Mobile Processor Exynos through July 2025. There is an Un… | 2025-11-04T18:31:58Z | 2025-11-04T21:31:34Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-21079 | 7.1 (v3.1) | Improper input validation in Samsung Members prio… |
Samsung Mobile |
Samsung Members |
2025-11-05T05:41:01.576Z | 2025-11-05T17:09:18.091Z |
| cve-2025-21078 | 8.8 (v3.1) | Use of insufficiently random value of secretKey i… |
Samsung Mobile |
Smart Switch |
2025-11-05T05:41:00.294Z | 2025-11-06T04:55:33.954Z |
| cve-2025-21077 | 3.3 (v3.1) | Improper input validation in Samsung Email prior … |
Samsung Mobile |
Samsung Email |
2025-11-05T05:40:58.968Z | 2025-11-07T14:26:08.837Z |
| cve-2025-21076 | 5.5 (v3.1) | Improper handling of insufficient permissions or … |
Samsung Mobile |
Samsung Account |
2025-11-05T05:40:57.790Z | 2025-11-07T14:26:14.798Z |
| cve-2025-21075 | 4.3 (v3.1) | Out-of-bounds write in libimagecodec.quram.so pri… |
Samsung Mobile |
Samsung Mobile Devices |
2025-11-05T05:40:55.557Z | 2025-11-07T14:26:20.469Z |
| cve-2025-21074 | 4.3 (v3.1) | Out-of-bounds read in libimagecodec.quram.so prio… |
Samsung Mobile |
Samsung Mobile Devices |
2025-11-05T05:40:54.365Z | 2025-11-05T05:40:54.365Z |
| cve-2025-21073 | 6.8 (v3.1) | Insecure default configuration in USB connection … |
Samsung Mobile |
Samsung Mobile Devices |
2025-11-05T05:40:53.213Z | 2025-11-05T05:40:53.213Z |
| cve-2025-21071 | 5.7 (v3.1) | Out-of-bounds write in handling opcode in fingerp… |
Samsung Mobile |
Samsung Mobile Devices |
2025-11-05T05:40:51.956Z | 2025-11-06T04:55:33.154Z |
| cve-2025-11749 | AI Engine <= 3.1.3 - Unauthenticated Sensitive Informa… |
tigroumeow |
AI Engine |
2025-11-05T05:31:25.156Z | 2025-11-05T14:39:43.748Z | |
| cve-2025-12197 | The Events Calendar 6.15.1.1 - 6.15.9 - Unauthenticate… |
stellarwp |
The Events Calendar |
2025-11-05T04:36:58.788Z | 2025-11-05T14:39:57.142Z | |
| cve-2025-11162 | Spectra <= 2.19.14 - Authenticated (Contributor+) Stor… |
brainstormforce |
Spectra Gutenberg Blocks – Website Builder for the Block Editor |
2025-11-05T04:36:58.130Z | 2025-11-05T18:47:49.874Z | |
| cve-2025-11835 | Paid Membership Subscriptions – Effortless Memberships… |
cozmoslabs |
Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction |
2025-11-05T03:27:57.526Z | 2025-11-07T14:26:27.092Z | |
| cve-2025-12580 | SMS for WordPress <= 1.1.8 - Reflected Cross-Site Scripting |
stanleychoi |
SMS for WordPress |
2025-11-05T03:27:56.949Z | 2025-11-07T14:26:33.712Z | |
| cve-2025-12582 | Features <= 0.0.2 - Missing Authorization to Authentic… |
klicher |
Features |
2025-11-05T02:25:52.638Z | 2025-11-05T18:57:22.260Z | |
| cve-2025-8871 | Everest Forms (Pro) <= 1.9.7 - Unauthenticated PHP Obj… |
WPEverest |
Everest Forms Pro |
2025-11-05T02:25:52.044Z | 2025-11-05T18:56:40.395Z | |
| cve-2025-12735 | CVE-2025-12735 |
silentmatt |
expr-eval |
2025-11-05T00:22:55.297Z | 2025-11-10T14:07:11.995Z | |
| cve-2025-63601 | N/A | Snipe-IT before version 8.3.3 contains a remote c… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-10T16:40:21.341Z |
| cve-2025-63585 | N/A | OSSN (Open Source Social Network) 8.6 is vulnerab… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-06T21:21:50.790Z |
| cve-2025-63418 | N/A | A DOM-based Cross-Site Scripting (XSS) vulnerabil… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-06T16:56:12.356Z |
| cve-2025-63417 | N/A | A Stored Cross-Site Scripting (XSS) vulnerability… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-06T16:58:11.284Z |
| cve-2025-63416 | N/A | ** exclusively-hosted-service ** A Stored Cross-S… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T19:08:09.280Z |
| cve-2025-63334 | N/A | PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 cont… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T20:18:30.677Z |
| cve-2025-63248 | N/A | DWSurvey 6.14.0 is vulnerable to Incorrect Access… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T20:03:23.117Z |
| cve-2025-61304 | N/A | OS command injection vulnerability in Dynatrace A… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T19:26:14.228Z |
| cve-2025-61084 | N/A | MDaemon Mail Server 23.5.2 validates SPF, DKIM, a… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T15:13:15.646Z |
| cve-2025-60784 | N/A | A vulnerability in the XiaozhangBang Voluntary Li… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T21:01:51.302Z |
| cve-2025-60753 | N/A | An issue was discovered in libarchive bsdtar befo… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T15:44:31.278Z |
| cve-2025-59716 | N/A | ownCloud Guests before 0.12.5 allows unauthentica… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T20:10:32.262Z |
| cve-2025-57244 | N/A | OpenKM Community Edition 6.3.12 is vulnerable to … |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T19:57:23.140Z |
| cve-2025-57130 | An Incorrect Access Control vulnerability in the … |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T16:20:49.984Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-46784 | A denial of service vulnerability exists in the l… |
Entr'ouvert |
Lasso |
2025-11-05T14:56:57.782Z | 2025-11-05T22:34:21.323Z | |
| cve-2025-46705 | A denial of service vulnerability exists in the g… |
Entr'ouvert |
Lasso |
2025-11-05T14:56:55.535Z | 2025-11-05T22:36:34.501Z | |
| cve-2025-46404 | A denial of service vulnerability exists in the l… |
Entr'ouvert |
Lasso |
2025-11-05T14:56:59.671Z | 2025-11-05T22:36:18.932Z | |
| cve-2025-3125 | 6.7 (v3.1) | Authenticated Arbitrary File Upload in Multiple WSO2 P… |
WSO2 |
WSO2 Identity Server |
2025-11-05T14:49:44.597Z | 2025-11-05T18:59:01.426Z |
| cve-2025-12497 | Premium Portfolio Features for Phlox theme <= 2.3.10 -… |
averta |
Premium Portfolio Features for Phlox theme |
2025-11-05T11:24:40.177Z | 2025-11-05T15:03:20.522Z | |
| cve-2025-11745 | Ad Inserter <= 2.8.7 - Authenticated (Contributor+) St… |
spacetime |
Ad Inserter – Ad Manager & AdSense Ads |
2025-11-05T11:24:40.781Z | 2025-11-05T11:24:40.781Z | |
| cve-2025-58337 | Apache Doris-MCP-Server: Improper Access Control resul… |
Apache Software Foundation |
Apache Doris-MCP-Server |
2025-11-05T09:26:36.573Z | 2025-11-06T15:55:05.901Z | |
| cve-2025-12469 | FunnelKit Automations – Email Marketing Automation and… |
amans2k |
FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce |
2025-11-05T09:27:40.199Z | 2025-11-05T15:39:59.784Z | |
| cve-2025-12468 | FunnelKit Automations – Email Marketing Automation and… |
amans2k |
FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce |
2025-11-05T09:27:39.398Z | 2025-11-05T15:43:54.382Z | |
| cve-2025-12192 | The Events Calendar <= 6.15.9 - Sysinfo Key Incorrect … |
stellarwp |
The Events Calendar |
2025-11-05T09:27:40.562Z | 2025-11-05T15:15:28.224Z | |
| cve-2025-11987 | Visual Link Preview <= 2.2.7 - Authenticated (Contribu… |
brechtvds |
Visual Link Preview |
2025-11-05T09:27:39.799Z | 2025-11-05T15:43:22.991Z | |
| cve-2025-11820 | Graphina – Elementor Charts and Graphs <= 3.1.8 - Auth… |
iqonicdesign |
Graphina – Charts and Graphs For Elementor |
2025-11-05T09:27:38.778Z | 2025-11-05T15:44:24.788Z | |
| cve-2025-55108 | 9.5 (v4.0) 10 (v3.1) | BMC Control-M/Agent default configuration does not enf… |
BMC |
Control-M/Agent |
2025-11-05T09:07:29.915Z | 2025-11-06T04:55:31.161Z |
| cve-2025-12677 | KiotViet Sync <= 1.8.5 - Unauthenticated Webhook Key E… |
mykiot |
KiotViet Sync |
2025-11-05T07:27:55.399Z | 2025-11-05T14:21:40.476Z | |
| cve-2025-12676 | KiotViet Sync <= 1.8.5 - Use of Hard-coded Password to… |
mykiot |
KiotViet Sync |
2025-11-05T07:27:56.492Z | 2025-11-05T14:20:41.378Z | |
| cve-2025-12675 | KiotViet Sync <= 1.8.5 - Missing Authorization to Auth… |
mykiot |
KiotViet Sync |
2025-11-05T07:27:56.886Z | 2025-11-05T14:13:37.640Z | |
| cve-2025-12674 | KiotViet Sync <= 1.8.5 - Unauthenticated Arbitrary Fil… |
mykiot |
KiotViet Sync |
2025-11-05T07:27:56.065Z | 2025-11-05T14:21:06.844Z | |
| cve-2025-10622 | 8 (v3.1) | Foreman: os command injection via ct_location and fcct… |
Red Hat |
Red Hat Satellite 6.15 for RHEL 8 |
2025-11-05T07:32:14.390Z | 2025-11-06T21:06:37.850Z |
| cve-2025-64151 | 6.7 (v3.0) 8.4 (v4.0) | Multiple Roboticsware products provided by Roboti… |
Roboticsware PTE. LTD. |
FA-Panel6 |
2025-11-05T06:19:25.053Z | 2025-11-05T17:08:42.226Z |
| cve-2025-62225 | 6.7 (v3.0) 8.4 (v4.0) | Optical Disc Archive Software provided by Sony Co… |
Sony Corporation |
Optical Disc Archive Software (for Windows) |
2025-11-05T06:19:44.575Z | 2025-11-05T16:42:44.405Z |
| cve-2025-12388 | B Carousel Block – Responsive Image and Content Carous… |
bplugins |
Carousel Block – Responsive Image and Content Carousel |
2025-11-05T06:35:01.390Z | 2025-11-05T14:23:30.683Z | |
| cve-2025-12384 | Document Embedder – Embed PDFs, Word, Excel, and Other… |
bplugins |
Document Embedder – Embed PDFs, Word, Excel, and Other Files |
2025-11-05T06:35:02.300Z | 2025-11-05T14:22:37.337Z | |
| cve-2025-12139 | File Manager for Google Drive – Integrate Google Drive… |
princeahmed |
File Manager for Google Drive – Integrate Google Drive |
2025-11-05T06:35:00.585Z | 2025-11-05T14:35:34.262Z | |
| cve-2025-11917 | WPeMatico RSS Feed Fetcher <= 2.8.11 - Authenticated (… |
etruel |
WPeMatico RSS Feed Fetcher |
2025-11-05T06:34:59.886Z | 2025-11-05T15:45:19.848Z | |
| cve-2025-11373 | Popup and Slider Builder by Depicter – Add Email colle… |
averta |
Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel |
2025-11-05T06:35:00.978Z | 2025-11-05T14:24:11.253Z | |
| cve-2025-6027 | N/A | Ace User Management <= 2.0.3 - Subscriber+ Authenticat… |
Unknown |
Ace User Management |
2025-11-05T06:00:07.919Z | 2025-11-05T18:35:20.331Z |
| cve-2025-21079 | 7.1 (v3.1) | Improper input validation in Samsung Members prio… |
Samsung Mobile |
Samsung Members |
2025-11-05T05:41:01.576Z | 2025-11-05T17:09:18.091Z |
| cve-2025-21078 | 8.8 (v3.1) | Use of insufficiently random value of secretKey i… |
Samsung Mobile |
Smart Switch |
2025-11-05T05:41:00.294Z | 2025-11-06T04:55:33.954Z |
| cve-2025-21077 | 3.3 (v3.1) | Improper input validation in Samsung Email prior … |
Samsung Mobile |
Samsung Email |
2025-11-05T05:40:58.968Z | 2025-11-07T14:26:08.837Z |
| cve-2025-21076 | 5.5 (v3.1) | Improper handling of insufficient permissions or … |
Samsung Mobile |
Samsung Account |
2025-11-05T05:40:57.790Z | 2025-11-07T14:26:14.798Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-0000-amazon-inspector-ea703e4ae5834db4 | Malicious code in meteor-pulsar-prompts-test (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-ea6fae893ca9d8e8 | Malicious code in typeorm-umbriel-phenomic-sirius (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-ea6ec642046a778f | Malicious code in chalk-ursa-leda-pegasus (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-ea6bee7aa7b2d9c8 | Malicious code in kronos-async-library-io (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-ea68645694de9a18 | Malicious code in run-script-update-tethys-jovian (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-ea682a7772329c27 | Malicious code in framework-rigel-xenos-jest (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-ea66277b18e096e1 | Malicious code in oauth-barnard-resolvers-cosmiconfig (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-ea5240b3ede1f920 | Malicious code in relay-xenon-arcturus-canopus (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-ea51c59828653ba5 | Malicious code in eclipse-frontend-janus-mira (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-ea43da98149058de | Malicious code in wezen-magellan-cassini-auth (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-ea3f1b19c53e089c | Malicious code in nodemon-thuban-child-process-element-ui (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-ea3e18f836ea20c7 | Malicious code in winston-phoebe-aquarius-aurora (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-ea326df72c38f7ac | Malicious code in buffer-norma-fornax-sedna (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-ea2fcbba4aafcd87 | Malicious code in query-bellatrix-helmet-spectron-webdriver (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-ea2dba0f2f9be6ad | Malicious code in terser-webpack-plugin-csv-transform-native (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-ea2d95071968989c | Malicious code in transform-start-halley-cassini (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-ea277790b8fe234a | Malicious code in envconfig-nconf-magellan-gemini (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-ea1ef2938b730cd9 | Malicious code in stop-websockets-spica-antd (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-ea1a18f9f0dce5f0 | Malicious code in mensa-halley-bootstrap-rocket (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-ea094eb5bef67aa6 | Malicious code in lint-staged-link-promise-iota (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-e9ffff8cf6a504a5 | Malicious code in soap-pavo-terser-got (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-e9f9bf5aeb826785 | Malicious code in cache-shelljs-europa-kinetic (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-e9f900c6a3ea209c | Malicious code in chromedriver-aldebaran-helmet-bunyan (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-e9f77ad82d11d28f | Malicious code in cli-xerxes-less-gulp (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-e9f0d0334ae7410a | Malicious code in umbra-octans-soap-jekyll (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-e9ddfcaa81c5d467 | Malicious code in babel-jasmine-castor-sqlite (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-e9dc5b75c820f660 | Malicious code in prettier-plugin-markdown-proxima-webdriver-manager-kastra (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-e9db60a5246fcddf | Malicious code in callisto-readable-europa-pegasus (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-e9d6db8fd657c403 | Malicious code in pipe-umbra-mira-concurrently (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-0000-amazon-inspector-e9cd593eb7cd0784 | Malicious code in titan-polaris-wolf-standard (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:13604 | Red Hat Security Advisory: python-requests security update | 2025-08-11T10:27:10+00:00 | 2025-11-11T13:20:49+00:00 |
| rhsa-2025:13598 | Red Hat Security Advisory: kernel security update | 2025-08-11T10:17:25+00:00 | 2025-11-11T09:06:15+00:00 |
| rhsa-2025:13589 | Red Hat Security Advisory: kernel security update | 2025-08-11T09:52:50+00:00 | 2025-11-11T09:06:13+00:00 |
| rhsa-2025:13590 | Red Hat Security Advisory: kernel-rt security update | 2025-08-11T09:43:30+00:00 | 2025-11-11T09:06:13+00:00 |
| rhsa-2025:13578 | Red Hat Security Advisory: python3.11-setuptools security update | 2025-08-11T07:49:30+00:00 | 2025-11-07T03:32:29+00:00 |
| rhsa-2025:13577 | Red Hat Security Advisory: unbound security update | 2025-08-11T07:48:10+00:00 | 2025-11-06T23:42:00+00:00 |
| rhsa-2025:13575 | Red Hat Security Advisory: unbound security update | 2025-08-11T07:37:35+00:00 | 2025-11-06T23:41:59+00:00 |
| rhsa-2025:13576 | Red Hat Security Advisory: unbound security update | 2025-08-11T07:35:50+00:00 | 2025-11-06T23:42:00+00:00 |
| rhsa-2025:12323 | Red Hat Security Advisory: OpenShift Container Platform 4.12.79 bug fix and security update | 2025-08-07T18:02:35+00:00 | 2025-11-11T16:22:16+00:00 |
| rhsa-2025:13464 | Red Hat Security Advisory: libxml2 security update | 2025-08-07T16:06:15+00:00 | 2025-11-06T23:41:59+00:00 |
| rhsa-2025:13269 | Red Hat Security Advisory: Satellite 6.17.3 Async Update | 2025-08-07T14:20:10+00:00 | 2025-11-06T22:56:27+00:00 |
| rhsa-2025:13428 | Red Hat Security Advisory: libxml2 security update | 2025-08-07T13:37:10+00:00 | 2025-11-06T23:14:39+00:00 |
| rhsa-2025:13429 | Red Hat Security Advisory: libxml2 security update | 2025-08-07T13:27:50+00:00 | 2025-11-06T23:14:38+00:00 |
| rhsa-2025:13010 | Red Hat Security Advisory: Red Hat build of Quarkus 3.20.2 release and security update | 2025-08-07T10:54:22+00:00 | 2025-11-11T16:22:03+00:00 |
| rhsa-2025:13012 | Red Hat Security Advisory: Red Hat build of Quarkus 3.15.6 release and security update | 2025-08-07T10:51:36+00:00 | 2025-11-11T16:22:03+00:00 |
| rhsa-2025:13335 | Red Hat Security Advisory: Insights proxy Container Image | 2025-08-07T07:50:20+00:00 | 2025-11-11T16:23:02+00:00 |
| rhsa-2025:13276 | Red Hat Security Advisory: updated RHEL-8 based Middleware Containers container images | 2025-08-07T06:31:06+00:00 | 2025-11-06T23:41:57+00:00 |
| rhsa-2025:13315 | Red Hat Security Advisory: gdk-pixbuf2 security update | 2025-08-07T06:30:49+00:00 | 2025-11-07T18:35:43+00:00 |
| rhsa-2025:13312 | Red Hat Security Advisory: libxml2 security update | 2025-08-07T05:32:29+00:00 | 2025-11-06T23:41:58+00:00 |
| rhsa-2025:13314 | Red Hat Security Advisory: libxml2 security update | 2025-08-07T05:31:09+00:00 | 2025-11-06T23:41:59+00:00 |
| rhsa-2025:13311 | Red Hat Security Advisory: libxml2 security update | 2025-08-07T05:26:59+00:00 | 2025-11-06T23:41:58+00:00 |
| rhsa-2025:13313 | Red Hat Security Advisory: libxml2 security update | 2025-08-07T05:24:59+00:00 | 2025-11-06T23:41:58+00:00 |
| rhsa-2025:13310 | Red Hat Security Advisory: libxml2 security update | 2025-08-07T04:47:29+00:00 | 2025-11-06T23:41:58+00:00 |
| rhsa-2025:13308 | Red Hat Security Advisory: libxml2 security update | 2025-08-07T04:45:04+00:00 | 2025-11-06T23:41:57+00:00 |
| rhsa-2025:13309 | Red Hat Security Advisory: libxml2 security update | 2025-08-07T04:44:19+00:00 | 2025-11-06T23:41:57+00:00 |
| rhsa-2025:13307 | Red Hat Security Advisory: pcs security update | 2025-08-07T03:28:18+00:00 | 2025-11-06T22:56:23+00:00 |
| rhsa-2025:12325 | Red Hat Security Advisory: OpenShift Container Platform 4.12.79 security and extras update | 2025-08-07T00:32:00+00:00 | 2025-11-06T22:56:19+00:00 |
| rhsa-2025:12372 | Red Hat Security Advisory: OpenShift Container Platform 4.15.56 security and extras update | 2025-08-06T22:56:24+00:00 | 2025-11-06T22:56:20+00:00 |
| rhsa-2025:12439 | Red Hat Security Advisory: OpenShift Container Platform 4.17.37 security and extras update | 2025-08-06T22:53:00+00:00 | 2025-11-06T22:56:20+00:00 |
| rhsa-2025:13274 | Red Hat Security Advisory: Red Hat AMQ Broker 7.13.1 release and security update | 2025-08-06T16:17:31+00:00 | 2025-11-11T16:22:30+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-38182 | ublk: santizize the arguments from userspace when adding a device | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38181 | calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38180 | net: atm: fix /proc/net/atm/lec handling | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38174 | thunderbolt: Do not double dequeue a configuration request | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38173 | crypto: marvell/cesa - Handle zero-length skcipher requests | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38170 | arm64/fpsimd: Discard stale CPU state when handling SME traps | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38167 | fs/ntfs3: handle hdr_first_de() return value | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38166 | bpf: fix ktls panic with sockmap | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38165 | bpf, sockmap: Fix panic when calling skb_linearize | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38163 | f2fs: fix to do sanity check on sbi->total_valid_block_count | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38162 | netfilter: nft_set_pipapo: prevent overflow in lookup table allocation | 2025-07-02T00:00:00.000Z | 2025-09-04T01:32:26.000Z |
| msrc_cve-2025-38161 | RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38160 | clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38159 | wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38158 | hisi_acc_vfio_pci: fix XQE dma address error | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38157 | wifi: ath9k_htc: Abort software beacon handling if disabled | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38155 | wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38153 | net: usb: aqc111: fix error handling of usbnet read calls | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38149 | net: phy: clear phydev->devlink when the link is deleted | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38148 | net: phy: mscc: Fix memory leak when using one step timestamping | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38147 | calipso: Don't call calipso functions for AF_INET sk. | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38146 | net: openvswitch: Fix the dead loop of MPLS parse | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38145 | soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38143 | backlight: pm8941: Add NULL check in wled_configure() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38142 | hwmon: (asus-ec-sensors) check sensor index in read_string() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38140 | dm: limit swapping tables for devices with zone write plugs | 2025-07-02T00:00:00.000Z | 2025-09-04T01:41:02.000Z |
| msrc_cve-2025-38138 | dmaengine: ti: Add NULL check in udma_probe() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38136 | usb: renesas_usbhs: Reorder clock handling and power management in probe | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38135 | serial: Fix potential null-ptr-deref in mlb_usio_probe() | 2025-07-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38132 | coresight: holding cscfg_csdev_lock while removing cscfg from csdev | 2025-07-02T00:00:00.000Z | 2025-09-04T01:39:05.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2020-000051 | Multiple vulnerabilities in multiple PHP Factory products | 2020-07-31T16:29+09:00 | 2020-07-31T16:29+09:00 |
| jvndb-2020-000050 | FANUC i Series CNC vulnerable to denial-of-service (DoS) | 2020-07-31T14:29+09:00 | 2020-07-31T14:29+09:00 |
| jvndb-2020-000049 | TOYOTA MOTOR's Global TechStream vulnerable to buffer overflow | 2020-07-29T14:48+09:00 | 2020-10-08T18:08+09:00 |
| jvndb-2020-000047 | JavaFX WebEngine does not properly restrict Java method execution | 2020-07-28T15:47+09:00 | 2020-07-28T15:47+09:00 |
| jvndb-2020-000048 | Multiple vulnerabilities in KonaWiki2 and KonaWiki3 | 2020-07-28T15:38+09:00 | 2020-07-28T15:38+09:00 |
| jvndb-2020-000046 | WordPress Plugin "Social Sharing Plugin" vulnerable to cross-site request forgery | 2020-07-22T14:24+09:00 | 2020-07-22T14:24+09:00 |
| jvndb-2020-006617 | Cross-site Scripting Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2020-07-14T10:40+09:00 | 2020-07-14T10:40+09:00 |
| jvndb-2020-006586 | Server Side Request Forgery Vulnerability in Hitachi Ops Center Analyzer viewpoint | 2020-07-13T14:25+09:00 | 2020-07-13T14:25+09:00 |
| jvndb-2020-006469 | Multiple vulnerabilities in TCP/IP function on Mitsubishi Electric GOT2000 series | 2020-07-09T15:46+09:00 | 2020-07-09T15:46+09:00 |
| jvndb-2020-000045 | SHIRASAGI vulnerable to open redirect | 2020-07-09T15:08+09:00 | 2020-07-09T15:08+09:00 |
| jvndb-2020-000043 | Android App "Mercari" (Japan version) vulnerable to arbitrary method execution of the Java object | 2020-07-08T16:04+09:00 | 2020-07-08T16:04+09:00 |
| jvndb-2020-000042 | Multiple vulnerabilities in Cybozu Garoon | 2020-06-29T16:17+09:00 | 2020-06-29T16:17+09:00 |
| jvndb-2020-006031 | DoS Vulnerability in Hitachi Device Manager | 2020-06-29T12:25+09:00 | 2020-06-29T12:25+09:00 |
| jvndb-2020-000040 | Chrome Extension for e-Tax Reception System vulnerable to arbitrary command execution | 2020-06-24T14:25+09:00 | 2020-06-24T14:25+09:00 |
| jvndb-2020-005854 | Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and FX series vulnerable to cleartext transmission of sensitive information | 2020-06-24T10:32+09:00 | 2020-06-24T10:32+09:00 |
| jvndb-2020-005743 | Vulnerability in Cosminexus HTTP Server | 2020-06-22T15:40+09:00 | 2020-06-22T15:40+09:00 |
| jvndb-2020-000039 | EC-CUBE vulnerable to directory traversal | 2020-06-18T13:48+09:00 | 2020-06-18T13:48+09:00 |
| jvndb-2020-005443 | Path Traversal Vulnerability in Hitachi Automation Director and Hitachi Ops Center Automator | 2020-06-15T16:29+09:00 | 2020-06-15T16:29+09:00 |
| jvndb-2020-000038 | Multiple vulnerabilities in Zenphoto | 2020-06-11T17:17+09:00 | 2020-06-11T17:17+09:00 |
| jvndb-2020-000037 | Multiple SONY Wireless Headphones allow improper Bluetooth pairing | 2020-06-09T15:49+09:00 | 2020-06-09T15:49+09:00 |
| jvndb-2020-000036 | XACK DNS vulnerable to denial-of-service (DoS) | 2020-06-05T15:16+09:00 | 2020-06-05T15:16+09:00 |
| jvndb-2020-000035 | Multiples security updates for multiple Cybozu products | 2020-05-29T15:40+09:00 | 2020-05-29T15:40+09:00 |
| jvndb-2020-004667 | Privilege escalation vulnerability in Hitachi Ops Center Common Services | 2020-05-25T16:17+09:00 | 2020-05-25T16:17+09:00 |
| jvndb-2020-000034 | Cybozu Desktop for Windows vulenerable to arbitrary code execution | 2020-05-25T15:09+09:00 | 2020-05-25T15:09+09:00 |
| jvndb-2020-000033 | WordPress Plugin "Paid Memberships Pro" vulnerable to SQL injection | 2020-05-19T16:07+09:00 | 2020-05-19T16:07+09:00 |
| jvndb-2020-000032 | Panasonic Video Insight VMS vulnerable to arbitrary code execution | 2020-05-19T16:04+09:00 | 2020-06-26T12:19+09:00 |
| jvndb-2020-004476 | DoS Vulnerability in JP1/Automatic Job Management System 3 and JP1/Automatic Job Management System 2 | 2020-05-19T10:38+09:00 | 2020-05-19T10:38+09:00 |
| jvndb-2020-004477 | Multiple Vulnerabilities in Hitachi Compute Systems Manager | 2020-05-19T10:33+09:00 | 2020-05-19T10:33+09:00 |
| jvndb-2020-000031 | BookStack vulnerable to cross-site scripting | 2020-05-13T18:06+09:00 | 2020-05-13T18:06+09:00 |
| jvndb-2020-000030 | Multiple vulnerabilities in Movable Type | 2020-05-13T17:59+09:00 | 2020-05-13T17:59+09:00 |
| ID | Description | Updated |
|---|