Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-gqhv-vchr-9qq9 | A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability al… | 2025-11-04T15:31:35Z | 2025-11-05T17:48:27Z |
| ghsa-ch75-8925-99f9 | The Easy Upload Files During Checkout plugin for WordPress is vulnerable to arbitrary JavaScript fi… | 2025-11-04T15:31:35Z | 2025-11-04T15:31:35Z |
| ghsa-4288-2xw7-pwj3 | A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability al… | 2025-11-04T15:31:35Z | 2025-11-05T17:48:27Z |
| ghsa-2wgx-vx28-xj47 | A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability al… | 2025-11-04T15:31:35Z | 2025-11-05T17:48:27Z |
| ghsa-xc93-q32j-cpcg | Jellysweep uses uncontrolled data in image cache API endpoint | 2025-11-04T14:30:22Z | 2025-11-07T16:40:49Z |
| ghsa-w48v-8pqw-vj5q | The Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More plugin f… | 2025-11-04T12:30:19Z | 2025-11-04T12:30:19Z |
| ghsa-rgx4-r686-q8hp | The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution (f… | 2025-11-04T12:30:19Z | 2025-11-04T12:30:19Z |
| ghsa-32wm-p53q-684m | An Insecure Direct Object Reference (IDOR) vulnerability exists in the vehicleId parameter, allowin… | 2025-11-04T12:30:19Z | 2025-11-10T21:30:31Z |
| ghsa-xfp6-6hcf-pxmv | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T15:31:34Z |
| ghsa-xc4v-px56-ffcm | In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This cou… | 2025-11-04T09:31:16Z | 2025-11-04T15:31:34Z |
| ghsa-wj47-wfm8-hj4g | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T15:31:34Z |
| ghsa-v54w-8g4p-5f5m | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T15:31:34Z |
| ghsa-rc8c-8rr9-cjj8 | In charger, there is a possible out of bounds write due to a missing bounds check. This could lead … | 2025-11-04T09:31:16Z | 2025-11-04T15:31:35Z |
| ghsa-pgj8-cqf2-v643 | In pda, there is a possible escalation of privilege due to use after free. This could lead to local… | 2025-11-04T09:31:16Z | 2025-11-04T21:31:34Z |
| ghsa-mr93-x45c-452v | In apusys, there is a possible memory corruption due to use after free. This could lead to local es… | 2025-11-04T09:31:16Z | 2025-11-04T21:31:34Z |
| ghsa-hq6m-98jg-5pq7 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T18:31:58Z |
| ghsa-h9gw-8vj6-p53w | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T15:31:34Z |
| ghsa-ghx5-r834-wpjq | In preloader, there is a possible escalation of privilege due to an insecure default value. This co… | 2025-11-04T09:31:16Z | 2025-11-04T18:31:57Z |
| ghsa-g76h-fppr-42rm | In wlan STA driver, there is a possible out of bounds read due to a race condition. This could lead… | 2025-11-04T09:31:16Z | 2025-11-04T15:31:34Z |
| ghsa-8w39-8w74-7cr2 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T21:31:34Z |
| ghsa-8rfm-grwq-grhj | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T15:31:34Z |
| ghsa-8hj4-v8cq-7cq7 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T15:31:34Z |
| ghsa-87vm-96cg-xm6h | In wlan STA driver, there is a possible out of bounds write due to an incorrect bounds check. This … | 2025-11-04T09:31:16Z | 2025-11-04T18:31:57Z |
| ghsa-76gj-cmrv-mpmv | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T18:31:57Z |
| ghsa-6943-x92f-9fh2 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T21:31:34Z |
| ghsa-5p4x-8r2p-h43p | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T21:31:34Z |
| ghsa-4xwg-fxhm-6r9c | In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to lo… | 2025-11-04T09:31:16Z | 2025-11-05T00:31:32Z |
| ghsa-4whx-2x44-g86g | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T18:31:58Z |
| ghsa-4qwc-hr6c-mgjj | In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This cou… | 2025-11-04T09:31:16Z | 2025-11-04T15:31:34Z |
| ghsa-3w28-c3v9-22gp | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This c… | 2025-11-04T09:31:16Z | 2025-11-04T21:31:34Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-33176 | 6.2 (v3.1) | NVIDIA RunAI for all platforms contains a vulnera… |
NVIDIA |
RunAI |
2025-11-04T19:46:41.310Z | 2025-11-04T20:10:14.826Z |
| cve-2025-12108 | 9.3 (v4.0) | Missing Authentication for Critical Function Survision… |
Survision |
License Plate Recognition Camera |
2025-11-04T18:43:54.147Z | 2025-11-05T14:46:47.761Z |
| cve-2025-64322 | N/A | Incorrect Permission Assignment for Critical Reso… |
Salesforce |
Agentforce Vibes Extension |
2025-11-04T18:33:19.118Z | 2025-11-11T05:12:06.968Z |
| cve-2025-64321 | N/A | Improper Neutralization of Input Used for LLM Pro… |
Salesforce |
Agentforce Vibes Extension |
2025-11-04T18:30:39.497Z | 2025-11-11T05:09:50.301Z |
| cve-2025-64320 | N/A | Improper Neutralization of Input Used for LLM Pro… |
Salesforce |
Agentforce Vibes Extension |
2025-11-04T18:27:32.096Z | 2025-11-05T14:32:23.386Z |
| cve-2025-64319 | N/A | Incorrect Permission Assignment for Critical Reso… |
Salesforce |
Mulesoft Anypoint Code Builder |
2025-11-04T18:22:51.106Z | 2025-11-11T05:05:19.757Z |
| cve-2025-64318 | N/A | Improper Neutralization of Input Used for LLM Pro… |
Salesforce |
Mulesoft Anypoint Code Builder |
2025-11-04T18:19:33.473Z | 2025-11-11T04:48:57.876Z |
| cve-2025-10875 | N/A | Improper Neutralization of Input Used for LLM Pro… |
Salesforce |
Mulesoft Anypoint Code Builder |
2025-11-04T18:14:28.677Z | 2025-11-05T14:33:29.924Z |
| cve-2025-61956 | 10 (v4.0) 10 (v3.1) | Missing Authentication for Critical Function in Radiom… |
Radiometrics |
VizAir |
2025-11-04T16:15:05.012Z | 2025-11-04T16:26:27.186Z |
| cve-2025-54863 | 10 (v4.0) 10 (v3.1) | Insufficiently Protected Credentials in Radiometrics VizAir |
Radiometrics |
VizAir |
2025-11-04T16:13:03.327Z | 2025-11-04T16:31:15.814Z |
| cve-2025-61945 | 10 (v4.0) 10 (v3.1) | Missing Authentication for Critical Function in Radiom… |
Radiometrics |
VizAir |
2025-11-04T16:10:49.931Z | 2025-11-05T14:34:04.566Z |
| cve-2025-12184 | MeetingList <= 0.11 - Authenticated (Admin+) Stored Cr… |
rboatright |
MeetingList |
2025-11-04T14:25:04.104Z | 2025-11-04T14:35:54.765Z | |
| cve-2025-12682 | Easy Upload Files During Checkout <= 2.9.8 - Unauthent… |
fahadmahmood |
Easy Upload Files During Checkout |
2025-11-04T13:47:35.380Z | 2025-11-04T14:16:38.630Z | |
| cve-2025-12695 | 5.9 (v3.1) | Insecure configuration in DSPy lead to arbitrary file … |
|
|
2025-11-04T13:24:42.358Z | 2025-11-04T14:19:33.945Z |
| cve-2025-41345 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:18:42.706Z | 2025-11-04T14:35:54.374Z |
| cve-2025-41344 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:18:20.077Z | 2025-11-04T15:04:57.015Z |
| cve-2025-41343 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:18:05.093Z | 2025-11-04T15:07:08.054Z |
| cve-2025-41342 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:17:51.179Z | 2025-11-04T15:17:43.690Z |
| cve-2025-41341 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:17:34.546Z | 2025-11-04T15:25:52.763Z |
| cve-2025-41340 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:17:18.268Z | 2025-11-04T15:33:20.238Z |
| cve-2025-41339 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:16:56.280Z | 2025-11-04T15:56:59.396Z |
| cve-2025-41338 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:16:37.282Z | 2025-11-04T16:34:56.240Z |
| cve-2025-41337 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:16:20.518Z | 2025-11-04T16:59:06.244Z |
| cve-2025-41336 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:16:02.887Z | 2025-11-04T17:05:55.761Z |
| cve-2025-41335 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:15:43.266Z | 2025-11-04T18:27:43.720Z |
| cve-2025-41114 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:10:31.829Z | 2025-11-04T18:32:18.961Z |
| cve-2025-41113 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:10:12.086Z | 2025-11-04T18:51:57.285Z |
| cve-2025-41112 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:09:53.897Z | 2025-11-04T14:18:59.923Z |
| cve-2025-41111 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:08:40.472Z | 2025-11-04T14:19:54.307Z |
| cve-2025-12045 | Orbit Fox Companion <= 3.0.2 - Authenticated (Author+)… |
themeisle |
Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More |
2025-11-04T11:19:27.966Z | 2025-11-04T18:53:30.602Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-64108 | Cursor's Sensitive File Modification can Lead to NTFS … |
cursor |
cursor |
2025-11-04T22:58:53.745Z | 2025-11-07T14:26:51.902Z | |
| cve-2025-64107 | Cursor is Vulnerable to Path Manipulation Using Backsl… |
cursor |
cursor |
2025-11-04T22:51:42.609Z | 2025-11-07T14:26:57.543Z | |
| cve-2025-64106 | Cursor: Speedbump Modal Bypass in MCP Server Deep-Link |
cursor |
cursor |
2025-11-04T22:48:14.832Z | 2025-11-05T18:47:55.509Z | |
| cve-2025-62722 | LinkAce: Stored XSS Vulnerability in Link Title Field … |
Kovah |
LinkAce |
2025-11-04T22:31:46.582Z | 2025-11-05T18:48:01.239Z | |
| cve-2025-59596 | 6 (v4.0) | CVE-2025-59596 is a denial-of-service vulnerabili… |
Absolute Security |
Secure Access |
2025-11-04T22:51:31.244Z | 2025-11-05T14:18:58.843Z |
| cve-2025-59595 | 8.2 (v4.0) | CVE-2025-59595 is an internally discovered denial… |
Absolute |
Secure Access |
2025-11-04T22:46:38.884Z | 2025-11-04T22:57:45.870Z |
| cve-2025-62721 | LinkAce: Authorization Bypass Allows Unauthorized Acce… |
Kovah |
LinkAce |
2025-11-04T22:07:09.103Z | 2025-11-05T18:48:07.596Z | |
| cve-2025-62720 | LinkAce: Data Exfiltration via Export Functions Allow … |
Kovah |
LinkAce |
2025-11-04T22:03:09.147Z | 2025-11-05T18:48:12.856Z | |
| cve-2025-62719 | LinkAce: Limited Server-Side Request Forgery (SSRF) in… |
Kovah |
LinkAce |
2025-11-04T21:57:15.828Z | 2025-11-05T18:48:18.084Z | |
| cve-2025-62715 | ClipBucket v5: Stored XSS via Collection Tags |
MacWarrior |
clipbucket-v5 |
2025-11-04T21:37:32.650Z | 2025-11-04T21:45:26.091Z | |
| cve-2025-62520 | MantisBT unauthorized disclosure of private project co… |
mantisbt |
mantisbt |
2025-11-04T21:31:13.261Z | 2025-11-04T21:48:13.191Z | |
| cve-2025-62507 | Redis: Bug in XACKDEL may lead to stack overflow and p… |
redis |
redis |
2025-11-04T21:24:44.802Z | 2025-11-06T04:55:34.815Z | |
| cve-2025-62369 | Xibo CMS: Remote Code Execution through module templates |
xibosignage |
xibo-cms |
2025-11-04T21:18:38.880Z | 2025-11-05T14:29:33.887Z | |
| cve-2025-56230 | N/A | Tencent Docs Desktop 3.9.20 and earlier suffers f… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T21:38:15.979Z |
| cve-2025-54526 | 7.8 (v3.1) 8.4 (v4.0) | Fuji Electric Monitouch V-SFT-6 Stack-based Buffer Overflow |
Fuji Electric |
Monitouch V-SFT-6 |
2025-11-04T21:37:56.067Z | 2025-11-04T21:46:06.843Z |
| cve-2025-54496 | 7.8 (v3.1) 8.4 (v4.0) | Fuji Electric Monitouch V-SFT-6 Heap-based Buffer Overflow |
Fuji Electric |
Monitouch V-SFT-6 |
2025-11-04T21:36:46.018Z | 2025-11-04T21:46:35.254Z |
| cve-2025-55155 | MantisBT: Authentication bypass for some passwords due… |
mantisbt |
mantisbt |
2025-11-04T20:48:03.428Z | 2025-11-04T21:03:12.088Z | |
| cve-2025-54335 | N/A | An issue was discovered in the GPU driver in Sams… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T21:27:24.521Z |
| cve-2025-52910 | N/A | An issue was discovered in the GPU in Samsung Mob… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T14:56:51.459Z |
| cve-2025-48884 | Galette is vulnerable to XSS through Document Type |
galette |
galette |
2025-11-04T20:44:29.193Z | 2025-11-04T21:03:39.940Z | |
| cve-2025-48076 | Galette is vulnerable to Cross-site Scripting |
galette |
galette |
2025-11-04T20:40:09.121Z | 2025-11-04T21:04:06.991Z | |
| cve-2025-47776 | MantisBT: Authentication bypass for some passwords due… |
mantisbt |
mantisbt |
2025-11-04T20:31:01.759Z | 2025-11-05T18:48:23.378Z | |
| cve-2025-32786 | GLPI Inventory Plugin is Vulnerable to Unauthenticated… |
glpi-project |
glpi-inventory-plugin |
2025-11-04T20:18:43.581Z | 2025-11-05T18:48:29.572Z | |
| cve-2025-27374 | N/A | An issue was discovered in the Secure Boot compon… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T21:28:56.141Z |
| cve-2024-56426 | N/A | An issue was discovered in Samsung Mobile Process… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T21:25:22.139Z |
| cve-2025-61431 | N/A | A reflected cross-site scripted (XSS) vulnerabili… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T21:14:00.631Z |
| cve-2025-54327 | N/A | An issue was discovered in VTS in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T21:23:00.335Z |
| cve-2025-49494 | N/A | An issue was discovered in Samsung Mobile Process… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T20:08:30.860Z |
| cve-2025-33176 | 6.2 (v3.1) | NVIDIA RunAI for all platforms contains a vulnera… |
NVIDIA |
RunAI |
2025-11-04T19:46:41.310Z | 2025-11-04T20:10:14.826Z |
| cve-2025-23358 | 8.2 (v3.1) | NVIDIA NVApp for Windows contains a vulnerability… |
NVIDIA |
NVApp |
2025-11-04T19:47:35.156Z | 2025-11-05T04:55:51.900Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-148877 | Malicious code in uglify-js-pegasus-proxima-superagent (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148876 | Malicious code in uglify-js-nuxtjs-karma-atlas (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148875 | Malicious code in uglify-js-nestjs-fornax-husky (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148874 | Malicious code in uglify-js-hexo-zenobia-child-process (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148873 | Malicious code in uglify-js-europa-chakra-ui-dagda (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148872 | Malicious code in uglify-js-eslint-callisto-meissa (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148871 | Malicious code in uglify-js-despina-quark-graphql (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148870 | Malicious code in uglify-js-dagda-await-parcel (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148869 | Malicious code in uglify-js-child-process-meissa-firebase (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148868 | Malicious code in uglify-js-chalk-spica-zenith (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148867 | Malicious code in uglify-js-bunyan-solis-neptune (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148866 | Malicious code in uglify-js-blaze-rocket-dorado (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148865 | Malicious code in uglify-js-apollo-cosmos-karma (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148864 | Malicious code in typeorm-xenos-hermes-iota (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148863 | Malicious code in typeorm-unuk-dotenv-cache (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148862 | Malicious code in typeorm-uninstall-rigel-sadr (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148861 | Malicious code in typeorm-umbriel-phenomic-sirius (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148860 | Malicious code in typeorm-typeorm-development-apollo (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148859 | Malicious code in typeorm-toml-mocha-capella (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148858 | Malicious code in typeorm-superagent-leda-registry (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148857 | Malicious code in typeorm-subscription-perseus-acamar (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148856 | Malicious code in typeorm-quito-kronos-toml (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148855 | Malicious code in typeorm-puppeteer-gacrux-europa (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148854 | Malicious code in typeorm-pipe-dynamo-jwt (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148853 | Malicious code in typeorm-odin-server-aldebaran (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148852 | Malicious code in typeorm-node-sass-karma-schema (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148851 | Malicious code in typeorm-mui-scripts-fornax (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148850 | Malicious code in typeorm-materialize-meissa-event (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148849 | Malicious code in typeorm-lynx-subscription-sagitta (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148848 | Malicious code in typeorm-loglevel-xo-luna (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:12036 | Red Hat Security Advisory: sqlite security update | 2025-07-29T08:00:29+00:00 | 2025-11-12T02:19:20+00:00 |
| rhsa-2025:12020 | Red Hat Security Advisory: python-setuptools security update | 2025-07-29T05:20:43+00:00 | 2025-11-07T03:32:25+00:00 |
| rhsa-2025:12016 | Red Hat Security Advisory: Red Hat build of Keycloak 26.2.6 Images Security Update | 2025-07-29T01:44:31+00:00 | 2025-11-07T21:37:42+00:00 |
| rhsa-2025:12015 | Red Hat Security Advisory: Red Hat build of Keycloak 26.2.6 Security Update | 2025-07-29T01:35:22+00:00 | 2025-11-07T21:37:40+00:00 |
| rhsa-2025:11675 | Red Hat Security Advisory: OpenShift Container Platform 4.19.6 security and extras update | 2025-07-29T01:19:50+00:00 | 2025-11-06T22:56:18+00:00 |
| rhsa-2025:12013 | Red Hat Security Advisory: rsync security update | 2025-07-29T00:20:18+00:00 | 2025-11-08T04:24:27+00:00 |
| rhsa-2025:12010 | Red Hat Security Advisory: sqlite security update | 2025-07-28T22:12:48+00:00 | 2025-11-12T02:19:18+00:00 |
| rhsa-2025:12008 | Red Hat Security Advisory: redis:7 security update | 2025-07-28T20:02:47+00:00 | 2025-11-11T16:22:52+00:00 |
| rhsa-2025:12006 | Red Hat Security Advisory: redis:6 security update | 2025-07-28T19:45:42+00:00 | 2025-11-11T16:22:53+00:00 |
| rhsa-2025:11992 | Red Hat Security Advisory: sqlite security update | 2025-07-28T18:19:49+00:00 | 2025-11-12T02:19:18+00:00 |
| rhsa-2025:11984 | Red Hat Security Advisory: python-setuptools security update | 2025-07-28T16:52:07+00:00 | 2025-11-07T03:32:24+00:00 |
| rhsa-2025:11986 | Red Hat Security Advisory: Red Hat build of Keycloak 26.0.13 Images Update | 2025-07-28T16:45:24+00:00 | 2025-11-07T18:35:36+00:00 |
| rhsa-2025:11987 | Red Hat Security Advisory: Red Hat build of Keycloak 26.0.13 Update | 2025-07-28T16:43:46+00:00 | 2025-11-07T18:35:38+00:00 |
| rhsa-2025:11933 | Red Hat Security Advisory: sqlite security update | 2025-07-28T14:46:09+00:00 | 2025-11-12T02:19:18+00:00 |
| rhsa-2025:11696 | Red Hat Security Advisory: Red Hat JBoss Web Server 5.8.5 release and security update | 2025-07-28T13:56:27+00:00 | 2025-11-06T23:41:41+00:00 |
| rhsa-2025:11695 | Red Hat Security Advisory: Red Hat JBoss Web Server 5.8.5 release and security update | 2025-07-28T13:54:01+00:00 | 2025-11-06T23:41:41+00:00 |
| rhsa-2025:11889 | Red Hat Security Advisory: 7.1 container image is now available in the Red Hat Ecosystem Catalog. | 2025-07-28T10:55:23+00:00 | 2025-11-11T16:24:58+00:00 |
| rhsa-2025:11884 | Red Hat Security Advisory: unbound security update | 2025-07-28T10:47:26+00:00 | 2025-11-06T23:41:45+00:00 |
| rhsa-2025:11861 | Red Hat Security Advisory: kernel security update | 2025-07-28T10:31:41+00:00 | 2025-11-12T08:20:30+00:00 |
| rhsa-2025:11868 | Red Hat Security Advisory: python-setuptools security update | 2025-07-28T10:19:36+00:00 | 2025-11-07T03:32:23+00:00 |
| rhsa-2025:11849 | Red Hat Security Advisory: unbound security update | 2025-07-28T09:02:41+00:00 | 2025-11-06T23:41:44+00:00 |
| rhsa-2025:11855 | Red Hat Security Advisory: kernel security update | 2025-07-28T08:32:56+00:00 | 2025-11-12T08:20:30+00:00 |
| rhsa-2025:11850 | Red Hat Security Advisory: kernel security update | 2025-07-28T08:16:06+00:00 | 2025-11-06T23:34:27+00:00 |
| rhsa-2025:11851 | Red Hat Security Advisory: kernel-rt security update | 2025-07-28T08:09:01+00:00 | 2025-11-06T23:34:25+00:00 |
| rhsa-2025:11841 | Red Hat Security Advisory: qt5-qtbase security update | 2025-07-28T07:28:16+00:00 | 2025-11-06T23:41:44+00:00 |
| rhsa-2025:11830 | Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.18 security, enhancement & bug fix update | 2025-07-28T05:56:59+00:00 | 2025-11-11T16:22:16+00:00 |
| rhsa-2025:11814 | Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.19 security, enhancement & bug fix update | 2025-07-28T04:53:57+00:00 | 2025-11-11T20:49:10+00:00 |
| rhsa-2025:11810 | Red Hat Security Advisory: kernel security update | 2025-07-28T03:13:16+00:00 | 2025-11-11T11:27:16+00:00 |
| rhsa-2025:11804 | Red Hat Security Advisory: perl security update | 2025-07-28T02:32:35+00:00 | 2025-11-06T23:14:31+00:00 |
| rhsa-2025:11805 | Red Hat Security Advisory: perl security update | 2025-07-28T02:24:30+00:00 | 2025-11-06T23:14:34+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-38077 | platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() | 2025-06-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38075 | scsi: target: iscsi: Fix timeout on deleted connection | 2025-06-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38074 | vhost-scsi: protect vq->log_used with vq->mutex | 2025-06-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38073 | block: fix race between set_blocksize and read paths | 2025-06-02T00:00:00.000Z | 2025-09-04T00:52:22.000Z |
| msrc_cve-2025-38072 | libnvdimm/labels: Fix divide error in nd_label_data_init() | 2025-06-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38071 | x86/mm: Check return value from memblock_phys_alloc_range() | 2025-06-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38070 | ASoC: sma1307: Add NULL check in sma1307_setting_loaded() | 2025-06-02T00:00:00.000Z | 2025-09-04T02:22:58.000Z |
| msrc_cve-2025-38069 | PCI: endpoint: pci-epf-test: Fix double free that causes kernel to oops | 2025-06-02T00:00:00.000Z | 2025-09-04T00:25:27.000Z |
| msrc_cve-2025-38068 | crypto: lzo - Fix compression buffer overrun | 2025-06-02T00:00:00.000Z | 2025-08-07T00:00:00.000Z |
| msrc_cve-2025-38067 | rseq: Fix segfault on registration when rseq_cs is non-zero | 2025-06-02T00:00:00.000Z | 2025-09-04T01:00:44.000Z |
| msrc_cve-2025-38066 | dm cache: prevent BUG_ON by blocking retries on failed device resumes | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38065 | orangefs: Do not truncate file size | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38064 | virtio: break and reset virtio devices on device_shutdown() | 2025-06-02T00:00:00.000Z | 2025-09-04T01:11:55.000Z |
| msrc_cve-2025-38063 | dm: fix unconditional IO throttle caused by REQ_PREFLUSH | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38062 | genirq/msi: Store the IOMMU IOVA directly in msi_desc instead of iommu_cookie | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38061 | net: pktgen: fix access outside of user given buffer in pktgen_thread_write() | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38060 | bpf: copy_verifier_state() should copy 'loop_entry' field | 2025-06-02T00:00:00.000Z | 2025-09-04T01:15:43.000Z |
| msrc_cve-2025-38059 | btrfs: avoid NULL pointer dereference if no valid csum tree | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38058 | __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38057 | espintcp: fix skb leaks | 2025-06-02T00:00:00.000Z | 2025-09-04T00:47:07.000Z |
| msrc_cve-2025-38052 | net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38051 | smb: client: Fix use-after-free in cifs_fill_dirent | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38048 | virtio_ring: Fix data race by tagging event_triggered as racy for KCSAN | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38047 | x86/fred: Fix system hang during S4 resume with FRED enabled | 2025-06-02T00:00:00.000Z | 2025-09-04T00:56:21.000Z |
| msrc_cve-2025-38045 | wifi: iwlwifi: fix debug actions order | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38044 | media: cx231xx: set device_caps for 417 | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38043 | firmware: arm_ffa: Set dma_mask for ffa devices | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38042 | dmaengine: ti: k3-udma-glue: Drop skip_fdq argument from k3_udma_glue_reset_rx_chn | 2025-06-02T00:00:00.000Z | 2025-09-04T02:03:55.000Z |
| msrc_cve-2025-38041 | clk: sunxi-ng: h616: Reparent GPU clock during frequency changes | 2025-06-02T00:00:00.000Z | 2025-09-04T01:05:50.000Z |
| msrc_cve-2025-38040 | serial: mctrl_gpio: split disable_ms into sync and no_sync APIs | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2019-000021 | API server used by JR East Japan train operation information push notification App for Android fails to restrict access permissions | 2019-04-01T15:42+09:00 | 2019-04-01T15:42+09:00 |
| jvndb-2019-000020 | PowerAct Pro Master Agent for Windows fails to restrict acess permissions | 2019-03-27T14:41+09:00 | 2019-09-27T10:38+09:00 |
| jvndb-2019-000018 | "an" App for iOS vulnerable to directory traversal | 2019-03-19T15:51+09:00 | 2019-09-26T17:56+09:00 |
| jvndb-2019-000019 | KinagaCMS vulnerable to cross-site scripting | 2019-03-15T17:03+09:00 | 2019-09-26T17:10+09:00 |
| jvndb-2019-000015 | iChain Insurance Wallet App for iOS vulnerable to directory traversal | 2019-03-12T14:28+09:00 | 2019-09-27T10:04+09:00 |
| jvndb-2019-000017 | Dradis Community Edition and Dradis Professional Edition vulnerable to cross-site scripting | 2019-03-05T14:18+09:00 | 2019-09-27T09:54+09:00 |
| jvndb-2019-000016 | WordPress plugin "Smart Forms" vulnerable to cross-site request forgery | 2019-02-28T15:57+09:00 | 2019-09-27T09:59+09:00 |
| jvndb-2019-000013 | Windows 7 may insecurely load Dynamic Link Libraries | 2019-02-28T15:52+09:00 | 2019-09-27T10:09+09:00 |
| jvndb-2019-000012 | Multiple vulnerabilities in Nablarch | 2019-02-27T17:14+09:00 | 2019-09-27T10:15+09:00 |
| jvndb-2019-000011 | WordPress plugin "FormCraft" vulnerable to cross-site request forgery | 2019-02-26T14:46+09:00 | 2019-09-27T10:12+09:00 |
| jvndb-2019-001285 | DoS Vulnerability in JP1/Base | 2019-02-25T17:13+09:00 | 2019-02-25T17:13+09:00 |
| jvndb-2019-000010 | azure-umqtt-c vulnerable to denial-of-service (DoS) | 2019-02-20T16:59+09:00 | 2019-02-20T16:59+09:00 |
| jvndb-2019-000009 | Installer of Adobe Creative Cloud Desktop Application may insecurely load Dynamic Link Libraries | 2019-02-18T15:16+09:00 | 2019-10-01T10:15+09:00 |
| jvndb-2019-000008 | A vulnerability in V20 PRO L-01J that may cause a crash | 2019-02-12T17:23+09:00 | 2019-02-12T17:23+09:00 |
| jvndb-2019-000007 | OpenAM (Open Source Edition) vulnerable to open redirect | 2019-02-06T15:45+09:00 | 2019-08-28T11:00+09:00 |
| jvndb-2019-000006 | POWER EGG vulnerability where EL expression may be executed | 2019-02-05T14:09+09:00 | 2019-09-26T18:05+09:00 |
| jvndb-2019-000004 | UNLHA32.DLL, UNARJ32.DLL, LHMelting and LMLzh32.DLL may insecurely load Dynamic Link Libraries | 2019-01-31T15:46+09:00 | 2019-09-26T18:08+09:00 |
| jvndb-2019-000005 | The installers of UNLHA32.DLL, UNARJ32.DLL and LHMelting may insecurely load Dynamic Link Libraries | 2019-01-31T15:35+09:00 | 2019-08-28T12:08+09:00 |
| jvndb-2019-000003 | HOUSE GATE App for iOS vulnerable to directory traversal | 2019-01-24T15:37+09:00 | 2019-01-24T15:37+09:00 |
| jvndb-2019-001095 | Cross-site Scripting Vulnerability in Hitachi Device Manager | 2019-01-22T11:47+09:00 | 2019-01-24T18:38+09:00 |
| jvndb-2019-001094 | Information Disclosure Vulnerability in Hitachi Command Suite and Hitachi Infrastructure Analytics Advisor | 2019-01-22T11:47+09:00 | 2019-01-24T18:39+09:00 |
| jvndb-2019-000001 | WordPress plugin "spam-byebye" vulnerable to cross-site scripting | 2019-01-10T15:45+09:00 | 2019-08-28T09:54+09:00 |
| jvndb-2018-000137 | GROWI vulnerable to cross-site scripting | 2018-12-26T16:36+09:00 | 2019-08-27T15:07+09:00 |
| jvndb-2018-010851 | Clickjacking Vulnerability in Hitachi Automation Director | 2018-12-26T12:09+09:00 | 2019-01-24T18:37+09:00 |
| jvndb-2018-000135 | WordPress plugin "Google XML Sitemaps" vulnerable to cross-site scripting | 2018-12-25T16:19+09:00 | 2019-08-27T15:12+09:00 |
| jvndb-2018-000136 | Installer of Mapping Tool may insecurely load Dynamic Link Libraries | 2018-12-25T16:18+09:00 | 2019-08-27T16:36+09:00 |
| jvndb-2018-000133 | cordova-plugin-ionic-webview vulnerable to path traversal | 2018-12-21T14:17+09:00 | 2019-08-28T10:04+09:00 |
| jvndb-2018-000134 | PgpoolAdmin fails to restrict access permissions | 2018-12-21T14:10+09:00 | 2019-08-27T17:41+09:00 |
| jvndb-2018-000132 | Multiple vulnerabilities in Toshiba Lighting & Technology Corporation Home gateway | 2018-12-19T15:20+09:00 | 2019-08-28T10:45+09:00 |
| jvndb-2018-000131 | Multiple vulnerabilities in Aterm WF1200CR and Aterm WG1200CR | 2018-12-14T14:53+09:00 | 2019-08-27T11:33+09:00 |
| ID | Description | Updated |
|---|