Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-ch75-8925-99f9 | The Easy Upload Files During Checkout plugin for WordPress is vulnerable to arbitrary JavaScript fi… | 2025-11-04T15:31:35Z | 2025-11-04T15:31:35Z |
| ghsa-4288-2xw7-pwj3 | A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability al… | 2025-11-04T15:31:35Z | 2025-11-05T17:48:27Z |
| ghsa-2wgx-vx28-xj47 | A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability al… | 2025-11-04T15:31:35Z | 2025-11-05T17:48:27Z |
| ghsa-xc93-q32j-cpcg | Jellysweep uses uncontrolled data in image cache API endpoint | 2025-11-04T14:30:22Z | 2025-11-07T16:40:49Z |
| ghsa-w48v-8pqw-vj5q | The Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More plugin f… | 2025-11-04T12:30:19Z | 2025-11-04T12:30:19Z |
| ghsa-rgx4-r686-q8hp | The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution (f… | 2025-11-04T12:30:19Z | 2025-11-04T12:30:19Z |
| ghsa-32wm-p53q-684m | An Insecure Direct Object Reference (IDOR) vulnerability exists in the vehicleId parameter, allowin… | 2025-11-04T12:30:19Z | 2025-11-10T21:30:31Z |
| ghsa-xfp6-6hcf-pxmv | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T15:31:34Z |
| ghsa-xc4v-px56-ffcm | In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This cou… | 2025-11-04T09:31:16Z | 2025-11-04T15:31:34Z |
| ghsa-wj47-wfm8-hj4g | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T15:31:34Z |
| ghsa-v54w-8g4p-5f5m | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T15:31:34Z |
| ghsa-rc8c-8rr9-cjj8 | In charger, there is a possible out of bounds write due to a missing bounds check. This could lead … | 2025-11-04T09:31:16Z | 2025-11-04T15:31:35Z |
| ghsa-pgj8-cqf2-v643 | In pda, there is a possible escalation of privilege due to use after free. This could lead to local… | 2025-11-04T09:31:16Z | 2025-11-04T21:31:34Z |
| ghsa-mr93-x45c-452v | In apusys, there is a possible memory corruption due to use after free. This could lead to local es… | 2025-11-04T09:31:16Z | 2025-11-04T21:31:34Z |
| ghsa-hq6m-98jg-5pq7 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T18:31:58Z |
| ghsa-h9gw-8vj6-p53w | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T15:31:34Z |
| ghsa-ghx5-r834-wpjq | In preloader, there is a possible escalation of privilege due to an insecure default value. This co… | 2025-11-04T09:31:16Z | 2025-11-04T18:31:57Z |
| ghsa-g76h-fppr-42rm | In wlan STA driver, there is a possible out of bounds read due to a race condition. This could lead… | 2025-11-04T09:31:16Z | 2025-11-04T15:31:34Z |
| ghsa-8w39-8w74-7cr2 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T21:31:34Z |
| ghsa-8rfm-grwq-grhj | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T15:31:34Z |
| ghsa-8hj4-v8cq-7cq7 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T15:31:34Z |
| ghsa-87vm-96cg-xm6h | In wlan STA driver, there is a possible out of bounds write due to an incorrect bounds check. This … | 2025-11-04T09:31:16Z | 2025-11-04T18:31:57Z |
| ghsa-76gj-cmrv-mpmv | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T18:31:57Z |
| ghsa-6943-x92f-9fh2 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T21:31:34Z |
| ghsa-5p4x-8r2p-h43p | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T21:31:34Z |
| ghsa-4xwg-fxhm-6r9c | In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to lo… | 2025-11-04T09:31:16Z | 2025-11-05T00:31:32Z |
| ghsa-4whx-2x44-g86g | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T18:31:58Z |
| ghsa-4qwc-hr6c-mgjj | In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This cou… | 2025-11-04T09:31:16Z | 2025-11-04T15:31:34Z |
| ghsa-3w28-c3v9-22gp | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T21:31:34Z |
| ghsa-2fh7-g5h4-3598 | In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to… | 2025-11-04T09:31:16Z | 2025-11-04T18:31:57Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-55155 | MantisBT: Authentication bypass for some passwords due… |
mantisbt |
mantisbt |
2025-11-04T20:48:03.428Z | 2025-11-04T21:03:12.088Z | |
| cve-2025-48884 | Galette is vulnerable to XSS through Document Type |
galette |
galette |
2025-11-04T20:44:29.193Z | 2025-11-04T21:03:39.940Z | |
| cve-2025-48076 | Galette is vulnerable to Cross-site Scripting |
galette |
galette |
2025-11-04T20:40:09.121Z | 2025-11-04T21:04:06.991Z | |
| cve-2025-47776 | MantisBT: Authentication bypass for some passwords due… |
mantisbt |
mantisbt |
2025-11-04T20:31:01.759Z | 2025-11-05T18:48:23.378Z | |
| cve-2025-32786 | GLPI Inventory Plugin is Vulnerable to Unauthenticated… |
glpi-project |
glpi-inventory-plugin |
2025-11-04T20:18:43.581Z | 2025-11-05T18:48:29.572Z | |
| cve-2025-23358 | 8.2 (v3.1) | NVIDIA NVApp for Windows contains a vulnerability… |
NVIDIA |
NVApp |
2025-11-04T19:47:35.156Z | 2025-11-05T04:55:51.900Z |
| cve-2025-33176 | 6.2 (v3.1) | NVIDIA RunAI for all platforms contains a vulnera… |
NVIDIA |
RunAI |
2025-11-04T19:46:41.310Z | 2025-11-04T20:10:14.826Z |
| cve-2025-12108 | 9.3 (v4.0) | Missing Authentication for Critical Function Survision… |
Survision |
License Plate Recognition Camera |
2025-11-04T18:43:54.147Z | 2025-11-05T14:46:47.761Z |
| cve-2025-64322 | N/A | Incorrect Permission Assignment for Critical Reso… |
Salesforce |
Agentforce Vibes Extension |
2025-11-04T18:33:19.118Z | 2025-11-11T05:12:06.968Z |
| cve-2025-64321 | N/A | Improper Neutralization of Input Used for LLM Pro… |
Salesforce |
Agentforce Vibes Extension |
2025-11-04T18:30:39.497Z | 2025-11-11T05:09:50.301Z |
| cve-2025-64320 | N/A | Improper Neutralization of Input Used for LLM Pro… |
Salesforce |
Agentforce Vibes Extension |
2025-11-04T18:27:32.096Z | 2025-11-05T14:32:23.386Z |
| cve-2025-64319 | N/A | Incorrect Permission Assignment for Critical Reso… |
Salesforce |
Mulesoft Anypoint Code Builder |
2025-11-04T18:22:51.106Z | 2025-11-11T05:05:19.757Z |
| cve-2025-64318 | N/A | Improper Neutralization of Input Used for LLM Pro… |
Salesforce |
Mulesoft Anypoint Code Builder |
2025-11-04T18:19:33.473Z | 2025-11-11T04:48:57.876Z |
| cve-2025-10875 | N/A | Improper Neutralization of Input Used for LLM Pro… |
Salesforce |
Mulesoft Anypoint Code Builder |
2025-11-04T18:14:28.677Z | 2025-11-05T14:33:29.924Z |
| cve-2025-61956 | 10 (v4.0) 10 (v3.1) | Missing Authentication for Critical Function in Radiom… |
Radiometrics |
VizAir |
2025-11-04T16:15:05.012Z | 2025-11-04T16:26:27.186Z |
| cve-2025-54863 | 10 (v4.0) 10 (v3.1) | Insufficiently Protected Credentials in Radiometrics VizAir |
Radiometrics |
VizAir |
2025-11-04T16:13:03.327Z | 2025-11-04T16:31:15.814Z |
| cve-2025-61945 | 10 (v4.0) 10 (v3.1) | Missing Authentication for Critical Function in Radiom… |
Radiometrics |
VizAir |
2025-11-04T16:10:49.931Z | 2025-11-05T14:34:04.566Z |
| cve-2025-12184 | MeetingList <= 0.11 - Authenticated (Admin+) Stored Cr… |
rboatright |
MeetingList |
2025-11-04T14:25:04.104Z | 2025-11-04T14:35:54.765Z | |
| cve-2025-12682 | Easy Upload Files During Checkout <= 2.9.8 - Unauthent… |
fahadmahmood |
Easy Upload Files During Checkout |
2025-11-04T13:47:35.380Z | 2025-11-04T14:16:38.630Z | |
| cve-2025-12695 | 5.9 (v3.1) | Insecure configuration in DSPy lead to arbitrary file … |
|
|
2025-11-04T13:24:42.358Z | 2025-11-04T14:19:33.945Z |
| cve-2025-41345 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:18:42.706Z | 2025-11-04T14:35:54.374Z |
| cve-2025-41344 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:18:20.077Z | 2025-11-04T15:04:57.015Z |
| cve-2025-41343 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:18:05.093Z | 2025-11-04T15:07:08.054Z |
| cve-2025-41342 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:17:51.179Z | 2025-11-04T15:17:43.690Z |
| cve-2025-41341 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:17:34.546Z | 2025-11-04T15:25:52.763Z |
| cve-2025-41340 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:17:18.268Z | 2025-11-04T15:33:20.238Z |
| cve-2025-41339 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:16:56.280Z | 2025-11-04T15:56:59.396Z |
| cve-2025-41338 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:16:37.282Z | 2025-11-04T16:34:56.240Z |
| cve-2025-41337 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:16:20.518Z | 2025-11-04T16:59:06.244Z |
| cve-2025-41336 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:16:02.887Z | 2025-11-04T17:05:55.761Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-64107 | Cursor is Vulnerable to Path Manipulation Using Backsl… |
cursor |
cursor |
2025-11-04T22:51:42.609Z | 2025-11-07T14:26:57.543Z | |
| cve-2025-64106 | Cursor: Speedbump Modal Bypass in MCP Server Deep-Link |
cursor |
cursor |
2025-11-04T22:48:14.832Z | 2025-11-05T18:47:55.509Z | |
| cve-2025-62722 | LinkAce: Stored XSS Vulnerability in Link Title Field … |
Kovah |
LinkAce |
2025-11-04T22:31:46.582Z | 2025-11-05T18:48:01.239Z | |
| cve-2025-59596 | 6 (v4.0) | CVE-2025-59596 is a denial-of-service vulnerabili… |
Absolute Security |
Secure Access |
2025-11-04T22:51:31.244Z | 2025-11-05T14:18:58.843Z |
| cve-2025-59595 | 8.2 (v4.0) | CVE-2025-59595 is an internally discovered denial… |
Absolute |
Secure Access |
2025-11-04T22:46:38.884Z | 2025-11-04T22:57:45.870Z |
| cve-2025-62721 | LinkAce: Authorization Bypass Allows Unauthorized Acce… |
Kovah |
LinkAce |
2025-11-04T22:07:09.103Z | 2025-11-05T18:48:07.596Z | |
| cve-2025-62720 | LinkAce: Data Exfiltration via Export Functions Allow … |
Kovah |
LinkAce |
2025-11-04T22:03:09.147Z | 2025-11-05T18:48:12.856Z | |
| cve-2025-62719 | LinkAce: Limited Server-Side Request Forgery (SSRF) in… |
Kovah |
LinkAce |
2025-11-04T21:57:15.828Z | 2025-11-05T18:48:18.084Z | |
| cve-2025-62715 | ClipBucket v5: Stored XSS via Collection Tags |
MacWarrior |
clipbucket-v5 |
2025-11-04T21:37:32.650Z | 2025-11-04T21:45:26.091Z | |
| cve-2025-62520 | MantisBT unauthorized disclosure of private project co… |
mantisbt |
mantisbt |
2025-11-04T21:31:13.261Z | 2025-11-04T21:48:13.191Z | |
| cve-2025-62507 | Redis: Bug in XACKDEL may lead to stack overflow and p… |
redis |
redis |
2025-11-04T21:24:44.802Z | 2025-11-06T04:55:34.815Z | |
| cve-2025-62369 | Xibo CMS: Remote Code Execution through module templates |
xibosignage |
xibo-cms |
2025-11-04T21:18:38.880Z | 2025-11-05T14:29:33.887Z | |
| cve-2025-56230 | N/A | Tencent Docs Desktop 3.9.20 and earlier suffers f… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T21:38:15.979Z |
| cve-2025-54526 | 7.8 (v3.1) 8.4 (v4.0) | Fuji Electric Monitouch V-SFT-6 Stack-based Buffer Overflow |
Fuji Electric |
Monitouch V-SFT-6 |
2025-11-04T21:37:56.067Z | 2025-11-04T21:46:06.843Z |
| cve-2025-54496 | 7.8 (v3.1) 8.4 (v4.0) | Fuji Electric Monitouch V-SFT-6 Heap-based Buffer Overflow |
Fuji Electric |
Monitouch V-SFT-6 |
2025-11-04T21:36:46.018Z | 2025-11-04T21:46:35.254Z |
| cve-2025-55155 | MantisBT: Authentication bypass for some passwords due… |
mantisbt |
mantisbt |
2025-11-04T20:48:03.428Z | 2025-11-04T21:03:12.088Z | |
| cve-2025-54335 | N/A | An issue was discovered in the GPU driver in Sams… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T21:27:24.521Z |
| cve-2025-52910 | N/A | An issue was discovered in the GPU in Samsung Mob… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T14:56:51.459Z |
| cve-2025-48884 | Galette is vulnerable to XSS through Document Type |
galette |
galette |
2025-11-04T20:44:29.193Z | 2025-11-04T21:03:39.940Z | |
| cve-2025-48076 | Galette is vulnerable to Cross-site Scripting |
galette |
galette |
2025-11-04T20:40:09.121Z | 2025-11-04T21:04:06.991Z | |
| cve-2025-47776 | MantisBT: Authentication bypass for some passwords due… |
mantisbt |
mantisbt |
2025-11-04T20:31:01.759Z | 2025-11-05T18:48:23.378Z | |
| cve-2025-32786 | GLPI Inventory Plugin is Vulnerable to Unauthenticated… |
glpi-project |
glpi-inventory-plugin |
2025-11-04T20:18:43.581Z | 2025-11-05T18:48:29.572Z | |
| cve-2025-27374 | N/A | An issue was discovered in the Secure Boot compon… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T21:28:56.141Z |
| cve-2024-56426 | N/A | An issue was discovered in Samsung Mobile Process… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T21:25:22.139Z |
| cve-2025-61431 | N/A | A reflected cross-site scripted (XSS) vulnerabili… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T21:14:00.631Z |
| cve-2025-54327 | N/A | An issue was discovered in VTS in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T21:23:00.335Z |
| cve-2025-49494 | N/A | An issue was discovered in Samsung Mobile Process… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T20:08:30.860Z |
| cve-2025-33176 | 6.2 (v3.1) | NVIDIA RunAI for all platforms contains a vulnera… |
NVIDIA |
RunAI |
2025-11-04T19:46:41.310Z | 2025-11-04T20:10:14.826Z |
| cve-2025-23358 | 8.2 (v3.1) | NVIDIA NVApp for Windows contains a vulnerability… |
NVIDIA |
NVApp |
2025-11-04T19:47:35.156Z | 2025-11-05T04:55:51.900Z |
| cve-2025-64322 | N/A | Incorrect Permission Assignment for Critical Reso… |
Salesforce |
Agentforce Vibes Extension |
2025-11-04T18:33:19.118Z | 2025-11-11T05:12:06.968Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-148968 | Malicious code in uninstall-sadr-odin-nconf (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148967 | Malicious code in uninstall-quasar-webdriverio-gridsome (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148966 | Malicious code in uninstall-protractor-xerxes-galaxy (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148965 | Malicious code in uninstall-prompts-carpo-auriga (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148964 | Malicious code in uninstall-perseus-duplex-uninstall (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148963 | Malicious code in uninstall-octans-procyon-soap (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148962 | Malicious code in uninstall-magellan-enif-nashira (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148961 | Malicious code in uninstall-local-meissa-miranda (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148960 | Malicious code in uninstall-inquirer-vega-graphql (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148959 | Malicious code in uninstall-html-webpack-plugin-leda-upgrade (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148958 | Malicious code in uninstall-helios-geckodriver-cressida (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148957 | Malicious code in uninstall-helios-aldebaran-colors (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148956 | Malicious code in uninstall-figures-epimetheus-auriga (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148955 | Malicious code in uninstall-comet-orbit-oauth (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148954 | Malicious code in uninstall-browserify-ganymede-postcss-loader (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148953 | Malicious code in uninstall-axios-node-sass-exec (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148952 | Malicious code in uninstall-apollo-gacrux-dependencies (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148951 | Malicious code in uninstall-acamar-supervisor-cassini (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148949 | Malicious code in umbriel-umbra-centauri-chariklo (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148948 | Malicious code in umbriel-transform-galaxy-pavo (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148947 | Malicious code in umbriel-style-loader-commitizen-spectron (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148946 | Malicious code in umbriel-promise-castor-spectron-webdriver (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148945 | Malicious code in umbriel-orbit-firebase-vuepress (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148944 | Malicious code in umbriel-mongodb-pegasus-rocket (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148943 | Malicious code in umbriel-install-cygnus-markdown (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148942 | Malicious code in umbriel-indus-cache-prettier-plugin-markdown (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148941 | Malicious code in umbriel-hyperion-ignite-quasar (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148940 | Malicious code in umbriel-fornax-antd-gatsby (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148939 | Malicious code in umbriel-equinox-corvus-public (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148938 | Malicious code in umbriel-dactyl-solis-publish (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:12834 | Red Hat Security Advisory: python3.12-setuptools security update | 2025-08-05T03:40:27+00:00 | 2025-11-07T03:32:27+00:00 |
| rhsa-2025:12882 | Red Hat Security Advisory: jq security update | 2025-08-05T03:18:37+00:00 | 2025-11-11T09:29:53+00:00 |
| rhsa-2025:12862 | Red Hat Security Advisory: gdk-pixbuf2 security update | 2025-08-05T03:14:02+00:00 | 2025-11-07T18:35:42+00:00 |
| rhsa-2025:12831 | Red Hat Security Advisory: opentelemetry-collector security update | 2025-08-05T02:08:27+00:00 | 2025-11-11T20:39:00+00:00 |
| rhsa-2025:12850 | Red Hat Security Advisory: opentelemetry-collector security update | 2025-08-05T01:36:07+00:00 | 2025-11-11T20:38:55+00:00 |
| rhsa-2025:12891 | Red Hat Security Advisory: Red Hat multicluster global hub 1.4.2 security update | 2025-08-05T00:44:17+00:00 | 2025-11-11T20:38:55+00:00 |
| rhsa-2025:12789 | Red Hat Security Advisory: redis:6 security update | 2025-08-04T18:48:31+00:00 | 2025-11-11T16:22:56+00:00 |
| rhsa-2025:12769 | Red Hat Security Advisory: redis:6 security update | 2025-08-04T18:11:36+00:00 | 2025-11-11T16:22:56+00:00 |
| rhsa-2025:12768 | Red Hat Security Advisory: redis:6 security update | 2025-08-04T18:10:21+00:00 | 2025-11-11T16:22:57+00:00 |
| rhsa-2025:12772 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update | 2025-08-04T18:02:56+00:00 | 2025-11-07T21:40:52+00:00 |
| rhsa-2025:12748 | Red Hat Security Advisory: glibc security update | 2025-08-04T17:33:16+00:00 | 2025-11-06T23:41:52+00:00 |
| rhsa-2025:12752 | Red Hat Security Advisory: kernel security update | 2025-08-04T16:59:36+00:00 | 2025-11-11T11:27:17+00:00 |
| rhsa-2025:12746 | Red Hat Security Advisory: kernel security update | 2025-08-04T16:42:16+00:00 | 2025-11-11T11:27:17+00:00 |
| rhsa-2025:12751 | Red Hat Security Advisory: tigervnc security update | 2025-08-04T16:35:43+00:00 | 2025-11-06T22:02:11+00:00 |
| rhsa-2025:12749 | Red Hat Security Advisory: sqlite security update | 2025-08-04T16:35:34+00:00 | 2025-11-12T02:19:24+00:00 |
| rhsa-2025:12753 | Red Hat Security Advisory: kernel-rt security update | 2025-08-04T16:27:12+00:00 | 2025-11-11T11:27:18+00:00 |
| rhsa-2025:12521 | Red Hat Security Advisory: sqlite security update | 2025-08-04T15:41:21+00:00 | 2025-11-12T02:19:24+00:00 |
| rhsa-2025:12519 | Red Hat Security Advisory: python-requests security update | 2025-08-04T15:20:03+00:00 | 2025-11-11T13:20:50+00:00 |
| rhsa-2025:12527 | Red Hat Security Advisory: virt:rhel and virt-devel:rhel security update | 2025-08-04T15:19:47+00:00 | 2025-11-06T23:41:52+00:00 |
| rhsa-2025:12662 | Red Hat Security Advisory: kernel security update | 2025-08-04T15:19:46+00:00 | 2025-11-11T20:29:37+00:00 |
| rhsa-2025:12523 | Red Hat Security Advisory: unbound security update | 2025-08-04T15:19:40+00:00 | 2025-11-06T23:41:53+00:00 |
| rhsa-2025:12525 | Red Hat Security Advisory: kernel-rt security update | 2025-08-04T15:19:38+00:00 | 2025-11-11T08:53:35+00:00 |
| rhsa-2025:12524 | Red Hat Security Advisory: redis security update | 2025-08-04T15:19:36+00:00 | 2025-11-11T16:22:54+00:00 |
| rhsa-2025:12526 | Red Hat Security Advisory: kernel security update | 2025-08-04T15:19:33+00:00 | 2025-11-11T08:53:37+00:00 |
| rhsa-2025:12522 | Red Hat Security Advisory: sqlite security update | 2025-08-04T15:19:33+00:00 | 2025-11-12T02:19:20+00:00 |
| rhsa-2025:12520 | Red Hat Security Advisory: unbound security update | 2025-08-04T15:19:32+00:00 | 2025-11-06T23:41:50+00:00 |
| rhsa-2025:12623 | Red Hat Security Advisory: kernel security update | 2025-08-04T15:19:31+00:00 | 2025-11-06T23:14:36+00:00 |
| rhsa-2025:12511 | Red Hat Security Advisory: Streams for Apache Kafka 3.0.0 release and security update | 2025-08-01T17:42:40+00:00 | 2025-11-11T16:09:05+00:00 |
| rhsa-2025:12478 | Red Hat Security Advisory: redis security update | 2025-08-01T05:56:27+00:00 | 2025-11-11T16:23:02+00:00 |
| rhsa-2025:12499 | Red Hat Security Advisory: pcs security update | 2025-08-01T03:23:42+00:00 | 2025-11-06T22:56:20+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-32988 | Gnutls: vulnerability in gnutls othername san export | 2025-07-02T00:00:00.000Z | 2025-07-25T00:00:00.000Z |
| msrc_cve-2025-32023 | Redis allows out of bounds writes in hyperloglog commands leading to RCE | 2025-07-02T00:00:00.000Z | 2025-07-29T00:00:00.000Z |
| msrc_cve-2025-23266 | NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service. | 2025-07-02T00:00:00.000Z | 2025-09-04T04:21:49.000Z |
| msrc_cve-2025-23048 | Apache HTTP Server: mod_ssl access control bypass with session resumption | 2025-07-02T00:00:00.000Z | 2025-07-18T00:00:00.000Z |
| msrc_cve-2025-1735 | pgsql extension does not check for errors during escaping | 2025-07-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-1220 | Null byte termination in hostnames | 2025-07-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2024-58266 | The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may facilitate command injection. | 2025-07-02T00:00:00.000Z | 2025-09-04T03:03:00.000Z |
| msrc_cve-2024-48916 | Ceph is vulnerable to authentication bypass through RadosGW | 2025-07-02T00:00:00.000Z | 2025-08-11T00:00:00.000Z |
| msrc_cve-2024-47252 | Apache HTTP Server: mod_ssl error log variable escaping | 2025-07-02T00:00:00.000Z | 2025-07-18T00:00:00.000Z |
| msrc_cve-2024-43204 | Apache HTTP Server: SSRF with mod_headers setting Content-Type header | 2025-07-02T00:00:00.000Z | 2025-07-18T00:00:00.000Z |
| msrc_cve-2024-42516 | Apache HTTP Server: HTTP response splitting | 2025-07-02T00:00:00.000Z | 2025-07-18T00:00:00.000Z |
| msrc_cve-2024-25178 | LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an out-of-bounds read in the stack-overflow handler in lj_state.c. | 2025-07-02T00:00:00.000Z | 2025-07-25T00:00:00.000Z |
| msrc_cve-2024-25177 | LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an unsinking of IR_FSTORE for NULL metatable, which leads to Denial of Service (DoS). | 2025-07-02T00:00:00.000Z | 2025-09-04T03:05:40.000Z |
| msrc_cve-2024-25176 | LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c. | 2025-07-02T00:00:00.000Z | 2025-07-25T00:00:00.000Z |
| msrc_cve-2023-53159 | The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host. | 2025-07-02T00:00:00.000Z | 2025-09-04T03:10:43.000Z |
| msrc_cve-2023-53158 | The gix-transport crate before 0.36.1 for Rust allows command execution via the "gix clone 'ssh://-oProxyCommand=open$IFS" substring. NOTE: this was discovered before CVE-2024-32884, a similar vulnerability (involving a username field) that is more difficult to exploit. | 2025-07-02T00:00:00.000Z | 2025-09-04T03:13:40.000Z |
| msrc_cve-2023-53034 | ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans | 2025-07-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2023-52971 | MariaDB Server 10.10 through 10.11.* and 11.0 through 11.4.* crashes in JOIN::fix_all_splittings_in_plan. | 2025-07-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-6858 | HDF5 H5Centry.c H5C__flush_single_entry null pointer dereference | 2025-06-02T00:00:00.000Z | 2025-09-03T23:14:28.000Z |
| msrc_cve-2025-6857 | HDF5 H5Gnode.c H5G__node_cmp3 stack-based overflow | 2025-06-02T00:00:00.000Z | 2025-09-03T23:44:00.000Z |
| msrc_cve-2025-6856 | HDF5 H5FL.c H5FL__reg_gc_list use after free | 2025-06-02T00:00:00.000Z | 2025-09-03T23:34:37.000Z |
| msrc_cve-2025-6818 | HDF5 H5Ochunk.c H5O__chunk_protect heap-based overflow | 2025-06-02T00:00:00.000Z | 2025-09-03T23:20:07.000Z |
| msrc_cve-2025-6817 | HDF5 H5Centry.c H5C__load_entry resource consumption | 2025-06-02T00:00:00.000Z | 2025-09-03T23:30:01.000Z |
| msrc_cve-2025-6816 | HDF5 H5Ofsinfo.c H5O__fsinfo_encode heap-based overflow | 2025-06-02T00:00:00.000Z | 2025-09-03T23:25:02.000Z |
| msrc_cve-2025-6750 | HDF5 H5Omtime.c H5O__mtime_new_encode heap-based overflow | 2025-06-02T00:00:00.000Z | 2025-09-03T23:39:00.000Z |
| msrc_cve-2025-6516 | HDF5 H5Fint.c H5F_addr_decode_len heap-based overflow | 2025-06-02T00:00:00.000Z | 2025-09-03T22:29:38.000Z |
| msrc_cve-2025-6498 | HTACG tidy-html5 alloc.c defaultAlloc memory leak | 2025-06-02T00:00:00.000Z | 2025-09-03T22:10:38.000Z |
| msrc_cve-2025-6497 | HTACG tidy-html5 parser.c prvTidyParseNamespace assertion | 2025-06-02T00:00:00.000Z | 2025-09-03T22:14:40.000Z |
| msrc_cve-2025-6270 | HDF5 H5FSsection.c H5FS__sect_find_node heap-based overflow | 2025-06-02T00:00:00.000Z | 2025-09-03T21:56:58.000Z |
| msrc_cve-2025-6269 | HDF5 H5Cimage.c H5C__reconstruct_cache_entry heap-based overflow | 2025-06-02T00:00:00.000Z | 2025-09-03T21:52:17.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2020-000015 | Multiple vulnerabilities in Aterm WG2600HS | 2020-02-19T14:34+09:00 | 2020-02-19T14:34+09:00 |
| jvndb-2020-000012 | WordPress Plugin "Easy Property Listings" vulnerable to cross-site request forgery | 2020-02-18T13:42+09:00 | 2020-02-18T13:42+09:00 |
| jvndb-2020-001591 | Multiple vulnerabilities in TCP/IP function on Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000 | 2020-02-18T12:10+09:00 | 2020-02-18T12:10+09:00 |
| jvndb-2020-001545 | Security information for Hitachi Disk Array Systems | 2020-02-14T15:34+09:00 | 2020-02-14T15:34+09:00 |
| jvndb-2020-000014 | ilbo App vulnerable to authentication bypass | 2020-02-14T13:43+09:00 | 2020-02-14T13:43+09:00 |
| jvndb-2020-000013 | Multiple Trend Micro products vulnerable to denial-of-service (DoS) | 2020-02-14T13:39+09:00 | 2020-03-06T13:56+09:00 |
| jvndb-2020-000011 | HtmlUnit vulenerable to arbitrary code execution | 2020-02-10T12:30+09:00 | 2020-02-10T12:30+09:00 |
| jvndb-2020-000009 | Movable Type vulnerable to cross-site scripting | 2020-02-06T12:29+09:00 | 2020-02-06T12:29+09:00 |
| jvndb-2019-012236 | Ghostscript access restriction bypass vulnerability | 2020-02-05T13:51+09:00 | 2020-02-13T16:36+09:00 |
| jvndb-2020-000008 | AWMS Mobile App vulnerable to improper server certificate verification | 2020-01-31T12:30+09:00 | 2021-04-12T13:30+09:00 |
| jvndb-2020-000007 | Android App "MyPallete" vulnerable to improper server certificate verification | 2020-01-28T15:59+09:00 | 2020-01-28T15:59+09:00 |
| jvndb-2020-000006 | Multiple Fuji Xerox mobile applications fails to verify SSL server certificates | 2020-01-21T13:55+09:00 | 2020-01-21T13:55+09:00 |
| jvndb-2020-000005 | Trend Micro Password Manager vulnerable to information disclosure | 2020-01-17T15:08+09:00 | 2020-01-17T15:08+09:00 |
| jvndb-2020-000004 | Trend Micro Password Manager vulnerable to information disclosure | 2020-01-17T15:01+09:00 | 2020-01-17T15:01+09:00 |
| jvndb-2020-000003 | Junos OS vulnerable to cross-site scripting | 2020-01-10T14:48+09:00 | 2020-01-10T14:48+09:00 |
| jvndb-2020-000002 | Junos OS vulnerable to directory traversal | 2020-01-10T14:48+09:00 | 2020-01-10T14:48+09:00 |
| jvndb-2020-000001 | F-RevoCRM vulnerable to cross-site scripting | 2020-01-08T14:22+09:00 | 2020-01-08T14:22+09:00 |
| jvndb-2019-013272 | Multiple Vulnerabilities in Hitachi Command Suite and Hitachi Infrastructure Analytics Advisor | 2019-12-24T16:02+09:00 | 2019-12-24T16:02+09:00 |
| jvndb-2019-013271 | Multiple Vulnerabilities in Hitachi Automation Director | 2019-12-24T16:02+09:00 | 2019-12-24T16:02+09:00 |
| jvndb-2019-013273 | DoS Vulnerability in Hitachi Compute Systems Manager | 2019-12-24T16:01+09:00 | 2019-12-24T16:01+09:00 |
| jvndb-2019-000078 | Multiple vulnerabilities in a-blog cms | 2019-12-20T15:43+09:00 | 2019-12-20T15:43+09:00 |
| jvndb-2019-000077 | Android App "NTV News24" fails to verify SSL server certificates | 2019-12-19T13:59+09:00 | 2019-12-19T13:59+09:00 |
| jvndb-2019-000076 | Multiple vulnerabilities in Cybozu Office | 2019-12-17T13:55+09:00 | 2019-12-17T13:55+09:00 |
| jvndb-2019-000074 | Athenz vulnerable to open redirect | 2019-12-12T15:00+09:00 | 2019-12-26T17:14+09:00 |
| jvndb-2019-000075 | Multiple vulnerabilities in "Custom Body Class" | 2019-12-12T14:55+09:00 | 2019-12-12T14:55+09:00 |
| jvndb-2019-000073 | Kinza vulnerable to cross-site scripting | 2019-12-11T09:56+09:00 | 2019-12-11T09:56+09:00 |
| jvndb-2019-000072 | Multiple MOTEX products vulnerable to privilege escalation | 2019-12-03T13:34+09:00 | 2019-12-03T13:34+09:00 |
| jvndb-2019-000071 | STAMP Workbench installer may insecurely load Dynamic Link Libraries | 2019-11-27T10:31+09:00 | 2019-11-27T10:31+09:00 |
| jvndb-2019-000070 | WordPress Plugin "WP Spell Check" vulnerable to cross-site request forgery | 2019-11-26T18:16+09:00 | 2019-11-26T18:16+09:00 |
| jvndb-2019-000069 | Movable Type vulnerable to open redirect | 2019-11-13T13:59+09:00 | 2019-11-13T13:59+09:00 |
| ID | Description | Updated |
|---|