Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-grcx-5pw5-xxrw | The Crypto Payment Gateway with Payeer for WooCommerce plugin for WordPress is vulnerable to paymen… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-fp8q-xhc3-w5c8 | The clubmember plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-f29q-2rg8-rqm2 | The Associados Amazon Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in al… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-cx6v-gm6w-p423 | The LMB^Box Smileys plugin for WordPress is vulnerable to Cross-Site Request Forgery in all version… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-cw7m-pr9p-fp7m | The Simple User Capabilities plugin for WordPress is vulnerable to Privilege Escalation due to a mi… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-c9cf-gx4r-55f7 | The Pagerank Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Cross-Site… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-c55w-6gvp-96m8 | The LinkedIn Resume plugin for WordPress is vulnerable to Cross-Site Request Forgery in all version… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-8fg7-5vqq-795m | The All in One Time Clock Lite plugin for WordPress is vulnerable to unauthorized access due to a m… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-7jjj-fhq5-2gq3 | The SH Contextual Help plugin for WordPress is vulnerable to Cross-Site Request Forgery in all vers… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-6h2j-h2vw-282c | The Centangle-Team plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:13Z |
| ghsa-627w-fp5f-x4qx | The Reuse Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'reuse_… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-5647-2cr4-4573 | The Posts Navigation Links for Sections and Headings – Free by WP Masters plugin for WordPress is v… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-546r-87jx-5rwj | The Visit Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. … | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-25qp-vg38-c324 | The Import Export For WooCommerce plugin for WordPress is vulnerable to unauthorized modification o… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-xr5c-327f-pm5q | The Bootstrap Multi-language Responsive Portfolio plugin for WordPress is vulnerable to Stored Cros… | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-rw6r-rw4v-3j2m | Multiple plugins for WordPress with the Jewel Theme Recommended Plugins Library are vulnerable to U… | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-rpw8-5v4g-qxv7 | The Elegance Menu plugin for WordPress is vulnerable to Local File Inclusion in all versions up to,… | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-rhmc-39gv-4g4r | Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCT… | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-qxjh-59hj-xh63 | Memory corruption while processing a GP command response. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-qjrh-fggh-8wwp | The Footnotes Made Easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugi… | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-q2g7-9rcv-3q63 | Information disclosure while processing message from client with invalid payload. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-pvq2-7x57-qm26 | Memory corruption when triggering a subsystem crash with an out-of-range identifier. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-mm84-8qpx-gvch | Memory corruption while accessing a buffer during IOCTL processing. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-jrc6-q6c9-jj82 | The EM Beer Manager plugin for WordPress is vulnerable to arbitrary file upload leading to remote c… | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-jcc7-q72r-qjwh | Transient DOS when a remote device sends an invalid connection request during BT connectable LE scan. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-h646-5v7r-px43 | Memory corruption while processing client message during device management. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-cwq6-ffmr-m8r5 | Memory corruption while processing large input data from a remote source via a communication interface. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-c43p-c7jp-97pv | Memory corruption while processing request sent from GVM. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-84r5-v95q-856f | Memory corruption while processing audio streaming operations. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-6c5m-fv99-g9g5 | Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse regions. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-56231 | N/A | Tonec Internet Download Manager 6.42.41.1 and ear… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T20:24:57.560Z |
| cve-2025-55343 | N/A | Quipux 4.0.1 through e1774ac allows authenticated… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-05T19:20:45.969Z |
| cve-2025-55342 | N/A | Quipux 4.0.1 through e1774ac allows enumeration o… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-06T17:01:19.835Z |
| cve-2025-55341 | N/A | Cross Site Scripting vulnerability in Quipux 4.0.… |
n/a |
n/a |
2025-11-05T00:00:00.000Z | 2025-11-06T17:03:33.164Z |
| cve-2025-64110 | Cursor: Authentication Bypass Possible via New Cursori… |
cursor |
cursor |
2025-11-04T23:24:46.313Z | 2025-11-07T14:26:39.262Z | |
| cve-2025-64109 | Cursor CLI Beta: Command Injection via Untrusted MCP C… |
cursor |
cursor |
2025-11-04T23:09:49.147Z | 2025-11-07T14:26:45.734Z | |
| cve-2025-64108 | Cursor's Sensitive File Modification can Lead to NTFS … |
cursor |
cursor |
2025-11-04T22:58:53.745Z | 2025-11-07T14:26:51.902Z | |
| cve-2025-64107 | Cursor is Vulnerable to Path Manipulation Using Backsl… |
cursor |
cursor |
2025-11-04T22:51:42.609Z | 2025-11-07T14:26:57.543Z | |
| cve-2025-59596 | 6 (v4.0) | CVE-2025-59596 is a denial-of-service vulnerabili… |
Absolute Security |
Secure Access |
2025-11-04T22:51:31.244Z | 2025-11-05T14:18:58.843Z |
| cve-2025-64106 | Cursor: Speedbump Modal Bypass in MCP Server Deep-Link |
cursor |
cursor |
2025-11-04T22:48:14.832Z | 2025-11-05T18:47:55.509Z | |
| cve-2025-59595 | 8.2 (v4.0) | CVE-2025-59595 is an internally discovered denial… |
Absolute |
Secure Access |
2025-11-04T22:46:38.884Z | 2025-11-04T22:57:45.870Z |
| cve-2025-62722 | LinkAce: Stored XSS Vulnerability in Link Title Field … |
Kovah |
LinkAce |
2025-11-04T22:31:46.582Z | 2025-11-05T18:48:01.239Z | |
| cve-2025-62721 | LinkAce: Authorization Bypass Allows Unauthorized Acce… |
Kovah |
LinkAce |
2025-11-04T22:07:09.103Z | 2025-11-05T18:48:07.596Z | |
| cve-2025-62720 | LinkAce: Data Exfiltration via Export Functions Allow … |
Kovah |
LinkAce |
2025-11-04T22:03:09.147Z | 2025-11-05T18:48:12.856Z | |
| cve-2025-62719 | LinkAce: Limited Server-Side Request Forgery (SSRF) in… |
Kovah |
LinkAce |
2025-11-04T21:57:15.828Z | 2025-11-05T18:48:18.084Z | |
| cve-2025-54526 | 7.8 (v3.1) 8.4 (v4.0) | Fuji Electric Monitouch V-SFT-6 Stack-based Buffer Overflow |
Fuji Electric |
Monitouch V-SFT-6 |
2025-11-04T21:37:56.067Z | 2025-11-04T21:46:06.843Z |
| cve-2025-62715 | ClipBucket v5: Stored XSS via Collection Tags |
MacWarrior |
clipbucket-v5 |
2025-11-04T21:37:32.650Z | 2025-11-04T21:45:26.091Z | |
| cve-2025-54496 | 7.8 (v3.1) 8.4 (v4.0) | Fuji Electric Monitouch V-SFT-6 Heap-based Buffer Overflow |
Fuji Electric |
Monitouch V-SFT-6 |
2025-11-04T21:36:46.018Z | 2025-11-04T21:46:35.254Z |
| cve-2025-62520 | MantisBT unauthorized disclosure of private project co… |
mantisbt |
mantisbt |
2025-11-04T21:31:13.261Z | 2025-11-04T21:48:13.191Z | |
| cve-2025-62507 | Redis: Bug in XACKDEL may lead to stack overflow and p… |
redis |
redis |
2025-11-04T21:24:44.802Z | 2025-11-06T04:55:34.815Z | |
| cve-2025-62369 | Xibo CMS: Remote Code Execution through module templates |
xibosignage |
xibo-cms |
2025-11-04T21:18:38.880Z | 2025-11-05T14:29:33.887Z | |
| cve-2025-55155 | MantisBT: Authentication bypass for some passwords due… |
mantisbt |
mantisbt |
2025-11-04T20:48:03.428Z | 2025-11-04T21:03:12.088Z | |
| cve-2025-48884 | Galette is vulnerable to XSS through Document Type |
galette |
galette |
2025-11-04T20:44:29.193Z | 2025-11-04T21:03:39.940Z | |
| cve-2025-48076 | Galette is vulnerable to Cross-site Scripting |
galette |
galette |
2025-11-04T20:40:09.121Z | 2025-11-04T21:04:06.991Z | |
| cve-2025-47776 | MantisBT: Authentication bypass for some passwords due… |
mantisbt |
mantisbt |
2025-11-04T20:31:01.759Z | 2025-11-05T18:48:23.378Z | |
| cve-2025-32786 | GLPI Inventory Plugin is Vulnerable to Unauthenticated… |
glpi-project |
glpi-inventory-plugin |
2025-11-04T20:18:43.581Z | 2025-11-05T18:48:29.572Z | |
| cve-2025-23358 | 8.2 (v3.1) | NVIDIA NVApp for Windows contains a vulnerability… |
NVIDIA |
NVApp |
2025-11-04T19:47:35.156Z | 2025-11-05T04:55:51.900Z |
| cve-2025-33176 | 6.2 (v3.1) | NVIDIA RunAI for all platforms contains a vulnera… |
NVIDIA |
RunAI |
2025-11-04T19:46:41.310Z | 2025-11-04T20:10:14.826Z |
| cve-2025-12108 | 9.3 (v4.0) | Missing Authentication for Critical Function Survision… |
Survision |
License Plate Recognition Camera |
2025-11-04T18:43:54.147Z | 2025-11-05T14:46:47.761Z |
| cve-2025-64322 | N/A | Incorrect Permission Assignment for Critical Reso… |
Salesforce |
Agentforce Vibes Extension |
2025-11-04T18:33:19.118Z | 2025-11-11T05:12:06.968Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-12108 | 9.3 (v4.0) | Missing Authentication for Critical Function Survision… |
Survision |
License Plate Recognition Camera |
2025-11-04T18:43:54.147Z | 2025-11-05T14:46:47.761Z |
| cve-2025-10875 | N/A | Improper Neutralization of Input Used for LLM Pro… |
Salesforce |
Mulesoft Anypoint Code Builder |
2025-11-04T18:14:28.677Z | 2025-11-05T14:33:29.924Z |
| cve-2025-54333 | N/A | An issue was discovered in NPU in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T20:02:17.865Z |
| cve-2025-54325 | N/A | An issue was discovered in VTS in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T20:36:14.961Z |
| cve-2025-61956 | 10 (v4.0) 10 (v3.1) | Missing Authentication for Critical Function in Radiom… |
Radiometrics |
VizAir |
2025-11-04T16:15:05.012Z | 2025-11-04T16:26:27.186Z |
| cve-2025-61945 | 10 (v4.0) 10 (v3.1) | Missing Authentication for Critical Function in Radiom… |
Radiometrics |
VizAir |
2025-11-04T16:10:49.931Z | 2025-11-05T14:34:04.566Z |
| cve-2025-60925 | N/A | codeshare v1.0.0 was discovered to contain an inf… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T16:40:03.055Z |
| cve-2025-54863 | 10 (v4.0) 10 (v3.1) | Insufficiently Protected Credentials in Radiometrics VizAir |
Radiometrics |
VizAir |
2025-11-04T16:13:03.327Z | 2025-11-04T16:31:15.814Z |
| cve-2025-54332 | N/A | An issue was discovered in NPU in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T19:59:59.474Z |
| cve-2025-54331 | N/A | An issue was discovered in NPU in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T19:57:07.265Z |
| cve-2025-54330 | N/A | An issue was discovered in NPU in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T19:54:36.141Z |
| cve-2025-54329 | N/A | An issue was discovered in NAS in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T16:58:31.436Z |
| cve-2025-54323 | N/A | An issue was discovered in the camera in Samsung … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T20:27:01.989Z |
| cve-2025-63294 | N/A | WorkDo HRM SaaS HR and Payroll Tool 8.1 is affect… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T15:52:40.974Z |
| cve-2025-12184 | MeetingList <= 0.11 - Authenticated (Admin+) Stored Cr… |
rboatright |
MeetingList |
2025-11-04T14:25:04.104Z | 2025-11-04T14:35:54.765Z | |
| cve-2025-41345 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:18:42.706Z | 2025-11-04T14:35:54.374Z |
| cve-2025-41344 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:18:20.077Z | 2025-11-04T15:04:57.015Z |
| cve-2025-41343 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:18:05.093Z | 2025-11-04T15:07:08.054Z |
| cve-2025-41342 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:17:51.179Z | 2025-11-04T15:17:43.690Z |
| cve-2025-41341 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:17:34.546Z | 2025-11-04T15:25:52.763Z |
| cve-2025-41340 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:17:18.268Z | 2025-11-04T15:33:20.238Z |
| cve-2025-41339 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:16:56.280Z | 2025-11-04T15:56:59.396Z |
| cve-2025-41338 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:16:37.282Z | 2025-11-04T16:34:56.240Z |
| cve-2025-41337 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:16:20.518Z | 2025-11-04T16:59:06.244Z |
| cve-2025-41336 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:16:02.887Z | 2025-11-04T17:05:55.761Z |
| cve-2025-41335 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:15:43.266Z | 2025-11-04T18:27:43.720Z |
| cve-2025-12695 | 5.9 (v3.1) | Insecure configuration in DSPy lead to arbitrary file … |
|
|
2025-11-04T13:24:42.358Z | 2025-11-04T14:19:33.945Z |
| cve-2025-12682 | Easy Upload Files During Checkout <= 2.9.8 - Unauthent… |
fahadmahmood |
Easy Upload Files During Checkout |
2025-11-04T13:47:35.380Z | 2025-11-04T14:16:38.630Z | |
| cve-2025-41114 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:10:31.829Z | 2025-11-04T18:32:18.961Z |
| cve-2025-41113 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:10:12.086Z | 2025-11-04T18:51:57.285Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-148907 | Malicious code in ultra-sass-loader-pegasus-auriga (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148906 | Malicious code in ultra-rehype-deimos-sequelize (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148905 | Malicious code in ultra-postgres-publish-fornax (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148904 | Malicious code in ultra-playwright-flare-thuban (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148903 | Malicious code in ultra-perseus-betelgeuse-leda (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148902 | Malicious code in ultra-node-config-parcel-registry (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148901 | Malicious code in ultra-nightwatch-commitizen-javascript (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148900 | Malicious code in ultra-less-bulma-bulma (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148899 | Malicious code in ultra-init-spectron-package (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148898 | Malicious code in ultra-hyperion-cors-convict (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148897 | Malicious code in ultra-gridsome-aldebaran-nebula (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148896 | Malicious code in ultra-graphql-xo-deimos (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148895 | Malicious code in ultra-gemini-miranda-antares (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148894 | Malicious code in ultra-gemini-elara-update (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148893 | Malicious code in ultra-exec-event-miranda (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148892 | Malicious code in ultra-eslint-plugin-levels-titan (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148891 | Malicious code in ultra-dynamo-foundation-install (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148890 | Malicious code in ultra-deneb-hermes-relay (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148889 | Malicious code in ultra-bunyan-cygnus-adonis (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148888 | Malicious code in ultra-bootes-async-morgan (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148887 | Malicious code in ultra-auriga-gulp-gulp (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148886 | Malicious code in ultra-altair-janus-subscription (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148885 | Malicious code in uglify-js-upgrade-scorpius-cors (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148884 | Malicious code in uglify-js-supervisor-avior-wolf (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148883 | Malicious code in uglify-js-spectron-colors-server (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148882 | Malicious code in uglify-js-schema-spica-arcturus (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148881 | Malicious code in uglify-js-restart-delphinus-hugo (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148880 | Malicious code in uglify-js-quito-ursa-fomalhaut (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148879 | Malicious code in uglify-js-query-rest-triton (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148878 | Malicious code in uglify-js-quantum-vuepress-publish (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:12302 | Red Hat Security Advisory: firefox security update | 2025-07-30T11:23:03+00:00 | 2025-11-06T23:41:51+00:00 |
| rhsa-2025:12293 | Red Hat Security Advisory: virt:rhel and virt-devel:rhel security update | 2025-07-30T10:37:12+00:00 | 2025-11-06T23:41:49+00:00 |
| rhsa-2025:12280 | Red Hat Security Advisory: jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base security update | 2025-07-30T09:55:57+00:00 | 2025-11-07T20:55:48+00:00 |
| rhsa-2025:12281 | Red Hat Security Advisory: jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base security update | 2025-07-30T09:53:38+00:00 | 2025-11-07T20:55:49+00:00 |
| rhsa-2025:12283 | Red Hat Security Advisory: jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base security update | 2025-07-30T09:49:42+00:00 | 2025-11-07T20:55:50+00:00 |
| rhsa-2025:12282 | Red Hat Security Advisory: jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base security update | 2025-07-30T09:45:07+00:00 | 2025-11-07T20:55:49+00:00 |
| rhsa-2025:12278 | Red Hat Security Advisory: firefox security update | 2025-07-30T09:42:47+00:00 | 2025-11-06T23:41:48+00:00 |
| rhsa-2025:12240 | Red Hat Security Advisory: libxml2 security update | 2025-07-30T07:16:46+00:00 | 2025-11-07T18:40:17+00:00 |
| rhsa-2025:12239 | Red Hat Security Advisory: libxml2 security update | 2025-07-30T07:14:41+00:00 | 2025-11-07T18:40:16+00:00 |
| rhsa-2025:12241 | Red Hat Security Advisory: libxml2 security update | 2025-07-30T07:10:57+00:00 | 2025-11-07T18:40:18+00:00 |
| rhsa-2025:12238 | Red Hat Security Advisory: kernel security update | 2025-07-30T06:08:26+00:00 | 2025-11-06T23:14:33+00:00 |
| rhsa-2025:12237 | Red Hat Security Advisory: libxml2 security update | 2025-07-30T05:36:37+00:00 | 2025-11-07T18:40:16+00:00 |
| rhsa-2025:12234 | Red Hat Security Advisory: virt:rhel and virt-devel:rhel security update | 2025-07-30T04:09:12+00:00 | 2025-11-06T23:41:48+00:00 |
| rhsa-2025:12209 | Red Hat Security Advisory: kernel security update | 2025-07-29T17:01:05+00:00 | 2025-11-11T20:31:03+00:00 |
| rhsa-2025:12199 | Red Hat Security Advisory: libxml2 security update | 2025-07-29T16:02:55+00:00 | 2025-11-07T18:40:14+00:00 |
| rhsa-2025:12187 | Red Hat Security Advisory: thunderbird security update | 2025-07-29T15:37:55+00:00 | 2025-11-06T23:41:47+00:00 |
| rhsa-2025:12188 | Red Hat Security Advisory: thunderbird security update | 2025-07-29T15:32:30+00:00 | 2025-11-06T23:41:47+00:00 |
| rhsa-2025:12098 | Red Hat Security Advisory: libxml2 security update | 2025-07-29T13:52:26+00:00 | 2025-11-07T18:40:13+00:00 |
| rhsa-2025:12111 | Red Hat Security Advisory: libtpms security update | 2025-07-29T13:44:09+00:00 | 2025-11-06T23:41:47+00:00 |
| rhsa-2025:12112 | Red Hat Security Advisory: libtpms security update | 2025-07-29T13:34:58+00:00 | 2025-11-06T23:41:47+00:00 |
| rhsa-2025:12100 | Red Hat Security Advisory: libtpms security update | 2025-07-29T13:18:54+00:00 | 2025-11-06T23:41:47+00:00 |
| rhsa-2025:12099 | Red Hat Security Advisory: libxml2 security update | 2025-07-29T13:04:04+00:00 | 2025-11-07T18:40:13+00:00 |
| rhsa-2025:12064 | Red Hat Security Advisory: unbound security update | 2025-07-29T09:32:59+00:00 | 2025-11-06T23:41:46+00:00 |
| rhsa-2025:12056 | Red Hat Security Advisory: perl security update | 2025-07-29T08:53:04+00:00 | 2025-11-06T23:14:32+00:00 |
| rhsa-2025:12044 | Red Hat Security Advisory: firefox security update | 2025-07-29T08:15:29+00:00 | 2025-11-06T23:41:46+00:00 |
| rhsa-2025:12046 | Red Hat Security Advisory: firefox security update | 2025-07-29T08:12:34+00:00 | 2025-11-06T23:41:46+00:00 |
| rhsa-2025:12045 | Red Hat Security Advisory: firefox security update | 2025-07-29T08:09:24+00:00 | 2025-11-06T23:41:46+00:00 |
| rhsa-2025:12036 | Red Hat Security Advisory: sqlite security update | 2025-07-29T08:00:29+00:00 | 2025-11-12T02:19:20+00:00 |
| rhsa-2025:12020 | Red Hat Security Advisory: python-setuptools security update | 2025-07-29T05:20:43+00:00 | 2025-11-07T03:32:25+00:00 |
| rhsa-2025:12016 | Red Hat Security Advisory: Red Hat build of Keycloak 26.2.6 Images Security Update | 2025-07-29T01:44:31+00:00 | 2025-11-07T21:37:42+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-49176 | Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in big requests extension | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-49175 | Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-49133 | Libtpms contains a possible out-of-bound access and abort due to HMAC signing issue | 2025-06-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-49112 | setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow | 2025-06-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-48387 | tar-fs has issue where extract can write outside the specified dir with a specific tarball | 2025-06-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-47950 | CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification | 2025-06-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-47712 | Nbd: nbdkit: integer overflow triggers an assertion resulting in denial of service | 2025-06-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-47711 | Nbdkit: nbdkit-server: off-by-one error when processing block status may lead to a denial of service | 2025-06-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-4748 | Absolute path traversal in zip:unzip/1,2 | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-4673 | Sensitive headers not cleared on cross-origin redirect in net/http | 2025-06-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-4565 | Unbounded recursion in Python Protobuf | 2025-06-02T00:00:00.000Z | 2025-08-14T00:00:00.000Z |
| msrc_cve-2025-4563 | Nodes can bypass dynamic resource allocation authorization checks | 2025-06-02T00:00:00.000Z | 2025-09-03T22:06:56.000Z |
| msrc_cve-2025-4517 | Arbitrary writes via tarfile realpath overflow | 2025-06-02T00:00:00.000Z | 2025-07-18T00:00:00.000Z |
| msrc_cve-2025-4435 | Tarfile extracts filtered members when errorlevel=0 | 2025-06-02T00:00:00.000Z | 2025-09-04T03:03:02.000Z |
| msrc_cve-2025-4330 | Extraction filter bypass for linking outside extraction directory | 2025-06-02T00:00:00.000Z | 2025-07-18T00:00:00.000Z |
| msrc_cve-2025-4138 | Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory | 2025-06-02T00:00:00.000Z | 2025-07-18T00:00:00.000Z |
| msrc_cve-2025-40914 | Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow | 2025-06-02T00:00:00.000Z | 2025-09-04T04:05:27.000Z |
| msrc_cve-2025-38090 | drivers/rapidio/rio_cm.c: prevent possible heap overwrite | 2025-06-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38089 | sunrpc: handle SVC_GARBAGE during svc auth processing as auth error | 2025-06-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38088 | powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap | 2025-06-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38087 | net/sched: fix use-after-free in taprio_dev_notifier | 2025-06-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38086 | net: ch9200: fix uninitialised access during mii_nway_restart | 2025-06-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38085 | mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race | 2025-06-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38084 | mm/hugetlb: unshare page tables during VMA split, not before | 2025-06-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38083 | net_sched: prio: fix a race in prio_tune() | 2025-06-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38082 | gpio: virtuser: fix potential out-of-bound write | 2025-06-02T00:00:00.000Z | 2025-09-04T01:55:27.000Z |
| msrc_cve-2025-38081 | spi-rockchip: Fix register out of bounds access | 2025-06-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38080 | drm/amd/display: Increase block_sequence array size | 2025-06-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38079 | crypto: algif_hash - fix double free in hash_accept | 2025-06-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38078 | ALSA: pcm: Fix race of buffer access at PCM OSS layer | 2025-06-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2019-000045 | Multiple vulnerabilities in Access analysis CGI An-Analyzer | 2019-07-05T15:28+09:00 | 2019-07-05T15:28+09:00 |
| jvndb-2019-000044 | The management console of iDoors Reader vulnerable to authentication bypass | 2019-07-01T14:31+09:00 | 2019-10-04T15:45+09:00 |
| jvndb-2018-000122 | Multiple vulnerabilities in Panasonic BN-SDWBP3 | 2019-06-28T18:28+09:00 | 2019-08-27T17:46+09:00 |
| jvndb-2019-000043 | Multiple vulnerabilities in Hikari Denwa router/Home GateWay | 2019-06-27T15:36+09:00 | 2019-10-08T17:22+09:00 |
| jvndb-2019-000042 | WordPress Plugin "Custom CSS Pro" vulnerable to cross-site request forgery | 2019-06-24T14:27+09:00 | 2019-10-01T10:22+09:00 |
| jvndb-2019-000041 | WordPress Plugin "HTML5 Maps" vulnerable to cross-site request forgery | 2019-06-24T14:22+09:00 | 2019-10-01T10:24+09:00 |
| jvndb-2019-000040 | Multiple vulnerabilities in VAIO Update | 2019-06-21T14:22+09:00 | 2019-10-01T11:12+09:00 |
| jvndb-2019-000038 | WordPress Plugin "Personalized WooCommerce Cart Page" vulnerable to cross-site request forgery | 2019-06-19T14:13+09:00 | 2019-10-04T16:13+09:00 |
| jvndb-2019-000039 | WordPress Plugin "Related YouTube Videos" vulnerable to cross-site request forgery | 2019-06-17T14:55+09:00 | 2019-10-04T16:02+09:00 |
| jvndb-2019-000037 | A map plugin for Mincraft server "Dynmap" fails to restrict access permissions | 2019-06-13T13:57+09:00 | 2019-10-01T10:18+09:00 |
| jvndb-2019-000036 | WordPress Plugin "Contest Gallery" vulnerable to cross-site request forgery | 2019-06-12T14:21+09:00 | 2019-10-04T16:19+09:00 |
| jvndb-2019-000035 | Multiple vulnerabilities in WordPress Plugin "Online Lesson Booking" | 2019-06-10T15:33+09:00 | 2019-10-02T17:50+09:00 |
| jvndb-2019-000034 | Multiple vulnerabilities in WordPress Plugin "Attendance Manager" | 2019-06-10T15:31+09:00 | 2019-10-01T10:56+09:00 |
| jvndb-2019-000033 | Multiple vulnerabilities in GROWI | 2019-06-07T15:18+09:00 | 2019-10-01T10:46+09:00 |
| jvndb-2019-000032 | Joruri CMS 2017 vulnerable to cross-site scripting | 2019-06-07T15:09+09:00 | 2019-10-02T17:53+09:00 |
| jvndb-2019-000031 | Multiple vulnerabilities in Joruri Mail | 2019-06-07T15:03+09:00 | 2019-10-01T10:50+09:00 |
| jvndb-2019-004441 | Vulnerability in Cosminexus HTTP Server and Hitachi Web Server | 2019-06-03T13:55+09:00 | 2019-06-03T13:55+09:00 |
| jvndb-2019-000030 | Multiple vulnerabilities in WordPress Plugin "Zoho SalesIQ" | 2019-05-31T13:51+09:00 | 2019-10-01T10:54+09:00 |
| jvndb-2019-000029 | Android App "Tootdon for Mastodon" fails to verify SSL server certificates | 2019-05-24T15:13+09:00 | 2019-10-04T15:50+09:00 |
| jvndb-2019-000028 | WordPress plugin "WP Open Graph" vulnerable to cross-site request forgery | 2019-05-23T14:10+09:00 | 2019-10-01T11:11+09:00 |
| jvndb-2019-000027 | Apache Camel vulnerable to XML external entity injection (XXE) | 2019-05-22T14:37+09:00 | 2019-09-30T18:14+09:00 |
| jvndb-2019-003539 | DoS Vulnerability in Hitachi IT Operations Director, JP1/IT Desktop Management - Manager and JP1/IT Desktop Management 2 - Manager | 2019-05-20T15:38+09:00 | 2019-05-20T15:38+09:00 |
| jvndb-2019-003194 | Multiple Vulnerabilities in Hitachi Command Suite and Hitachi Infrastructure Analytics Advisor | 2019-05-13T15:25+09:00 | 2019-05-13T15:25+09:00 |
| jvndb-2019-000026 | Electronic reception and examination of application for radio licenses Offline may insecurely load Dynamic Link Libraries | 2019-05-10T14:55+09:00 | 2019-10-01T10:08+09:00 |
| jvndb-2019-000025 | Installer of Electronic reception and examination of application for radio licenses Online may insecurely load Dynamic Link Libraries | 2019-05-10T14:49+09:00 | 2019-10-01T10:11+09:00 |
| jvndb-2019-000024 | CREATE SD official App for Android fails to restrict access permissions | 2019-05-10T13:55+09:00 | 2019-12-27T18:07+09:00 |
| jvndb-2019-000023 | Multiple vulnerabilities in Cybozu Garoon | 2019-04-25T17:13+09:00 | 2023-11-08T16:39+09:00 |
| jvndb-2019-002892 | Multiple Vulnerabilities in Cosminexus | 2019-04-25T15:13+09:00 | 2019-04-25T15:13+09:00 |
| jvndb-2019-000022 | GNU Wget vulnerable to buffer overflow | 2019-04-03T14:58+09:00 | 2019-09-30T18:08+09:00 |
| jvndb-2019-000014 | The installer of Microsoft Teams may insecurely load Dynamic Link Libraries | 2019-04-02T14:18+09:00 | 2020-04-01T16:55+09:00 |
| ID | Description | Updated |
|---|