Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-2fh7-g5h4-3598 | In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to… | 2025-11-04T09:31:16Z | 2025-11-04T18:31:57Z |
| ghsa-vh6r-gfvr-6mqr | In ims service, there is a possible out of bounds write due to a missing bounds check. This could l… | 2025-11-04T09:31:15Z | 2025-11-04T18:31:56Z |
| ghsa-3fxq-vfm3-v9wf | In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead… | 2025-11-04T09:31:15Z | 2025-11-04T18:31:56Z |
| ghsa-x5h5-7m64-x9xm | The MapMap plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, … | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-wqmw-2cq3-rr6p | The WP Carticon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'carticon… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-vj5f-vg3r-fvh8 | The Free Quotation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin sett… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-rhxj-9r87-4xrm | The Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One plugin for WordPres… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-qwj5-jf76-vpjr | The DominoKit plugin for WordPress is vulnerable to unauthorized access due to a missing capability… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-mjm5-cr6q-x25r | The Simple User Capabilities plugin for WordPress is vulnerable to unauthorized modification of dat… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-m6v3-xvp5-5g2q | The service employed by Everything, running as SYSTEM, communicates with the lower privileged Every… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-jxvj-4752-7c25 | The Social Media WPCF7 Stop Words plugin for WordPress is vulnerable to Cross-Site Request Forgery … | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-jxcx-x35q-5pgm | The Nari Accountant plugin for WordPress is vulnerable to Stored Cross-Site Scripting via account s… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-hg85-w9x6-p4fq | The Extensions for Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-h8rw-xxqw-q838 | The Top Bar Notification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all ve… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-grcx-5pw5-xxrw | The Crypto Payment Gateway with Payeer for WooCommerce plugin for WordPress is vulnerable to paymen… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-fp8q-xhc3-w5c8 | The clubmember plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-f29q-2rg8-rqm2 | The Associados Amazon Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in al… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-cx6v-gm6w-p423 | The LMB^Box Smileys plugin for WordPress is vulnerable to Cross-Site Request Forgery in all version… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-cw7m-pr9p-fp7m | The Simple User Capabilities plugin for WordPress is vulnerable to Privilege Escalation due to a mi… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-c9cf-gx4r-55f7 | The Pagerank Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Cross-Site… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-c55w-6gvp-96m8 | The LinkedIn Resume plugin for WordPress is vulnerable to Cross-Site Request Forgery in all version… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-8fg7-5vqq-795m | The All in One Time Clock Lite plugin for WordPress is vulnerable to unauthorized access due to a m… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-7jjj-fhq5-2gq3 | The SH Contextual Help plugin for WordPress is vulnerable to Cross-Site Request Forgery in all vers… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-6h2j-h2vw-282c | The Centangle-Team plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:13Z |
| ghsa-627w-fp5f-x4qx | The Reuse Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'reuse_… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-5647-2cr4-4573 | The Posts Navigation Links for Sections and Headings – Free by WP Masters plugin for WordPress is v… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-546r-87jx-5rwj | The Visit Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. … | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-25qp-vg38-c324 | The Import Export For WooCommerce plugin for WordPress is vulnerable to unauthorized modification o… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-xr5c-327f-pm5q | The Bootstrap Multi-language Responsive Portfolio plugin for WordPress is vulnerable to Stored Cros… | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-rw6r-rw4v-3j2m | Multiple plugins for WordPress with the Jewel Theme Recommended Plugins Library are vulnerable to U… | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-41114 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:10:31.829Z | 2025-11-04T18:32:18.961Z |
| cve-2025-41113 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:10:12.086Z | 2025-11-04T18:51:57.285Z |
| cve-2025-41112 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:09:53.897Z | 2025-11-04T14:18:59.923Z |
| cve-2025-41111 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:08:40.472Z | 2025-11-04T14:19:54.307Z |
| cve-2025-12045 | Orbit Fox Companion <= 3.0.2 - Authenticated (Author+)… |
themeisle |
Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More |
2025-11-04T11:19:27.966Z | 2025-11-04T18:53:30.602Z | |
| cve-2025-12493 | ShopLentor <= 3.2.5 - Unauthenticated Local PHP File I… |
devitemsllc |
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution (formerly WooLentor) |
2025-11-04T11:19:27.403Z | 2025-11-04T20:13:56.143Z | |
| cve-2025-11690 | 8.5 (v3.1) | IDOR vulnerability in the CFMOTO RIDE API |
CFMOTO |
RIDE |
2025-11-04T10:25:45.416Z | 2025-11-10T18:24:47.168Z |
| cve-2025-20749 | N/A | In charger, there is a possible out of bounds wri… |
MediaTek, Inc. |
MT6789, MT6835, MT6855, MT6878, MT6879, MT6886, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8169, MT8188, MT8195, MT8196, MT8781, MT8796 |
2025-11-04T06:20:51.979Z | 2025-11-05T04:55:28.632Z |
| cve-2025-20748 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:20:23.128Z | 2025-11-05T04:55:29.380Z |
| cve-2025-20741 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:20:21.366Z | 2025-11-05T04:55:30.330Z |
| cve-2025-20747 | N/A | In gnss service, there is a possible out of bound… |
MediaTek, Inc. |
MT2718, MT2737, MT6835, MT6878, MT6886, MT6897, MT6899, MT6982, MT6985, MT6986, MT6986D, MT6989, MT6990, MT6991, MT8676, MT8678, MT8755, MT8893 |
2025-11-04T06:20:19.607Z | 2025-11-05T04:55:31.133Z |
| cve-2025-20746 | N/A | In gnss service, there is a possible out of bound… |
MediaTek, Inc. |
MT2718, MT2737, MT6835, MT6878, MT6886, MT6897, MT6899, MT6982, MT6985, MT6986, MT6986D, MT6989, MT6990, MT6991, MT8676, MT8678, MT8755, MT8893 |
2025-11-04T06:20:17.860Z | 2025-11-05T04:55:32.792Z |
| cve-2025-20739 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:20:16.025Z | 2025-11-05T04:55:33.598Z |
| cve-2025-20738 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:20:14.296Z | 2025-11-05T04:55:34.374Z |
| cve-2025-20736 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:20:12.530Z | 2025-11-05T04:55:35.164Z |
| cve-2025-20734 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:20:10.764Z | 2025-11-05T04:55:51.084Z |
| cve-2025-20732 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:20:08.954Z | 2025-11-05T04:55:50.276Z |
| cve-2025-20731 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:20:07.276Z | 2025-11-05T04:55:49.411Z |
| cve-2025-20729 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:20:05.491Z | 2025-11-05T04:55:48.589Z |
| cve-2025-20745 | N/A | In apusys, there is a possible memory corruption … |
MediaTek, Inc. |
MT2718, MT6989, MT6991, MT8370, MT8390, MT8395, MT8676, MT8678, MT87920 |
2025-11-04T06:20:03.095Z | 2025-11-05T04:55:47.647Z |
| cve-2025-20744 | N/A | In pda, there is a possible escalation of privile… |
MediaTek, Inc. |
MT6899, MT6991, MT8793 |
2025-11-04T06:19:59.710Z | 2025-11-05T04:55:45.818Z |
| cve-2025-20743 | N/A | In clkdbg, there is a possible escalation of priv… |
MediaTek, Inc. |
MT2718, MT6761, MT6765, MT6768, MT6781, MT6853, MT6877, MT6886, MT6893, MT6897, MT6899, MT6983, MT6989, MT6991, MT8113, MT8163, MT8168, MT8169, MT8183, MT8186, MT8188, MT8195, MT8196, MT8321, MT8365, MT8385, MT8390, MT8391, MT8512, MT8516, MT8519, MT8676, MT8678, MT8695, MT8696, MT8698, MT8755, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788E, MT8791T, MT8792, MT8793, MT8796, MT8797, MT8798, MT8873, MT8883, MT8893 |
2025-11-04T06:19:57.990Z | 2025-11-05T04:55:44.828Z |
| cve-2025-20742 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7603, MT7615, MT7622, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:19:56.287Z | 2025-11-05T04:55:43.910Z |
| cve-2025-20740 | N/A | In wlan STA driver, there is a possible out of bo… |
MediaTek, Inc. |
MT7902, MT7920, MT7921, MT7922, MT7925, MT7927 |
2025-11-04T06:19:54.584Z | 2025-11-04T15:04:25.506Z |
| cve-2025-20737 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:19:52.883Z | 2025-11-05T04:55:42.993Z |
| cve-2025-20735 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:19:50.999Z | 2025-11-05T04:55:42.073Z |
| cve-2025-20733 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:19:49.117Z | 2025-11-05T04:55:41.224Z |
| cve-2025-20730 | N/A | In preloader, there is a possible escalation of p… |
MediaTek, Inc. |
MT2737, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6990, MT6991, MT8188, MT8195, MT8676, MT8678, MT8696 |
2025-11-04T06:19:47.152Z | 2025-11-05T04:55:40.432Z |
| cve-2025-20728 | N/A | In wlan STA driver, there is a possible out of bo… |
MediaTek, Inc. |
MT7902, MT7920, MT7921, MT7922, MT7925, MT7927 |
2025-11-04T06:19:45.290Z | 2025-11-05T04:55:39.588Z |
| cve-2025-20725 | N/A | In ims service, there is a possible out of bounds… |
MediaTek, Inc. |
MT2735, MT2737, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769K, MT6769S, MT6769T, MT6769Z, MT6771, MT6833, MT6833P, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8766R, MT8768, MT8771, MT8786, MT8788, MT8788E, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8893 |
2025-11-04T06:19:43.569Z | 2025-11-05T04:55:37.570Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-54327 | N/A | An issue was discovered in VTS in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T21:23:00.335Z |
| cve-2025-49494 | N/A | An issue was discovered in Samsung Mobile Process… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T20:08:30.860Z |
| cve-2025-33176 | 6.2 (v3.1) | NVIDIA RunAI for all platforms contains a vulnera… |
NVIDIA |
RunAI |
2025-11-04T19:46:41.310Z | 2025-11-04T20:10:14.826Z |
| cve-2025-23358 | 8.2 (v3.1) | NVIDIA NVApp for Windows contains a vulnerability… |
NVIDIA |
NVApp |
2025-11-04T19:47:35.156Z | 2025-11-05T04:55:51.900Z |
| cve-2025-64322 | N/A | Incorrect Permission Assignment for Critical Reso… |
Salesforce |
Agentforce Vibes Extension |
2025-11-04T18:33:19.118Z | 2025-11-11T05:12:06.968Z |
| cve-2025-64321 | N/A | Improper Neutralization of Input Used for LLM Pro… |
Salesforce |
Agentforce Vibes Extension |
2025-11-04T18:30:39.497Z | 2025-11-11T05:09:50.301Z |
| cve-2025-64320 | N/A | Improper Neutralization of Input Used for LLM Pro… |
Salesforce |
Agentforce Vibes Extension |
2025-11-04T18:27:32.096Z | 2025-11-05T14:32:23.386Z |
| cve-2025-64319 | N/A | Incorrect Permission Assignment for Critical Reso… |
Salesforce |
Mulesoft Anypoint Code Builder |
2025-11-04T18:22:51.106Z | 2025-11-11T05:05:19.757Z |
| cve-2025-64318 | N/A | Improper Neutralization of Input Used for LLM Pro… |
Salesforce |
Mulesoft Anypoint Code Builder |
2025-11-04T18:19:33.473Z | 2025-11-11T04:48:57.876Z |
| cve-2025-54334 | N/A | An issue was discovered in the NPU driver in Sams… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T20:38:20.142Z |
| cve-2025-52513 | N/A | An issue was discovered in Samsung Mobile Process… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T20:37:11.807Z |
| cve-2025-52512 | N/A | An issue was discovered in Samsung Mobile Process… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T21:21:10.214Z |
| cve-2025-12108 | 9.3 (v4.0) | Missing Authentication for Critical Function Survision… |
Survision |
License Plate Recognition Camera |
2025-11-04T18:43:54.147Z | 2025-11-05T14:46:47.761Z |
| cve-2025-10875 | N/A | Improper Neutralization of Input Used for LLM Pro… |
Salesforce |
Mulesoft Anypoint Code Builder |
2025-11-04T18:14:28.677Z | 2025-11-05T14:33:29.924Z |
| cve-2025-54333 | N/A | An issue was discovered in NPU in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T20:02:17.865Z |
| cve-2025-54325 | N/A | An issue was discovered in VTS in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T20:36:14.961Z |
| cve-2025-61956 | 10 (v4.0) 10 (v3.1) | Missing Authentication for Critical Function in Radiom… |
Radiometrics |
VizAir |
2025-11-04T16:15:05.012Z | 2025-11-04T16:26:27.186Z |
| cve-2025-61945 | 10 (v4.0) 10 (v3.1) | Missing Authentication for Critical Function in Radiom… |
Radiometrics |
VizAir |
2025-11-04T16:10:49.931Z | 2025-11-05T14:34:04.566Z |
| cve-2025-60925 | N/A | codeshare v1.0.0 was discovered to contain an inf… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T16:40:03.055Z |
| cve-2025-54863 | 10 (v4.0) 10 (v3.1) | Insufficiently Protected Credentials in Radiometrics VizAir |
Radiometrics |
VizAir |
2025-11-04T16:13:03.327Z | 2025-11-04T16:31:15.814Z |
| cve-2025-54332 | N/A | An issue was discovered in NPU in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T19:59:59.474Z |
| cve-2025-54331 | N/A | An issue was discovered in NPU in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T19:57:07.265Z |
| cve-2025-54330 | N/A | An issue was discovered in NPU in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T19:54:36.141Z |
| cve-2025-54329 | N/A | An issue was discovered in NAS in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T16:58:31.436Z |
| cve-2025-54323 | N/A | An issue was discovered in the camera in Samsung … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T20:27:01.989Z |
| cve-2025-63294 | N/A | WorkDo HRM SaaS HR and Payroll Tool 8.1 is affect… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T15:52:40.974Z |
| cve-2025-12184 | MeetingList <= 0.11 - Authenticated (Admin+) Stored Cr… |
rboatright |
MeetingList |
2025-11-04T14:25:04.104Z | 2025-11-04T14:35:54.765Z | |
| cve-2025-41345 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:18:42.706Z | 2025-11-04T14:35:54.374Z |
| cve-2025-41344 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:18:20.077Z | 2025-11-04T15:04:57.015Z |
| cve-2025-41343 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:18:05.093Z | 2025-11-04T15:07:08.054Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-148847 | Malicious code in typeorm-karma-zenobia-inquirer (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148846 | Malicious code in typeorm-gridsome-vega-writable (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148845 | Malicious code in typeorm-fornax-centaurus-eridanus (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148844 | Malicious code in typeorm-fomalhaut-testcafe-link (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148843 | Malicious code in typeorm-flare-fomalhaut-csv (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148842 | Malicious code in typeorm-css-loader-draco-docusaurus (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148841 | Malicious code in typeorm-cressida-cz-conventional-changelog-markdown-pdf (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148840 | Malicious code in typeorm-comet-carpo-foundation (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148839 | Malicious code in typeorm-chalk-eslint-config-geckodriver (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148838 | Malicious code in typeorm-bulma-optimize-css-assets-webpack-plugin-nodejs (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148837 | Malicious code in typeorm-barnard-pino-pretty-prompts (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148836 | Malicious code in typeorm-astro-playwright-hercules (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148835 | Malicious code in typeorm-antares-geckodriver-auth0 (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148834 | Malicious code in triton-xml-ganymede-janus (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148833 | Malicious code in triton-winston-sequelize-kaus (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148832 | Malicious code in triton-webdriverio-hyperion-capella (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148831 | Malicious code in triton-webdriver-mocha-hercules-sails (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148830 | Malicious code in triton-warp-sadr-nightmare (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148829 | Malicious code in triton-taurus-callisto-yaml (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148828 | Malicious code in triton-sirius-redis-eslint (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148827 | Malicious code in triton-scripts-cygnus-css-loader (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148826 | Malicious code in triton-radiant-lynx-frontend (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148825 | Malicious code in triton-publish-pm2-auriga (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148824 | Malicious code in triton-public-duplex-await (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148823 | Malicious code in triton-phoebe-lint-staged-postcss (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148822 | Malicious code in triton-phenomic-halley-sagitta (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148821 | Malicious code in triton-pegasus-less-loader-antares (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148820 | Malicious code in triton-mira-regulus-betelgeuse (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148819 | Malicious code in triton-html-webpack-plugin-semantic-ui-cygnus (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148818 | Malicious code in triton-global-unuk-inquirer (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:11802 | Red Hat Security Advisory: nodejs:22 security update | 2025-07-28T02:10:35+00:00 | 2025-11-12T02:19:17+00:00 |
| rhsa-2025:11803 | Red Hat Security Advisory: nodejs:22 security update | 2025-07-28T01:55:01+00:00 | 2025-11-12T02:19:20+00:00 |
| rhsa-2025:11801 | Red Hat Security Advisory: git security update | 2025-07-28T01:45:10+00:00 | 2025-11-06T23:41:43+00:00 |
| rhsa-2025:11794 | Red Hat Security Advisory: git security update | 2025-07-28T01:28:55+00:00 | 2025-11-06T23:41:42+00:00 |
| rhsa-2025:11800 | Red Hat Security Advisory: git security update | 2025-07-28T01:24:00+00:00 | 2025-11-06T23:41:43+00:00 |
| rhsa-2025:11797 | Red Hat Security Advisory: firefox security update | 2025-07-28T01:21:50+00:00 | 2025-11-06T23:41:43+00:00 |
| rhsa-2025:11796 | Red Hat Security Advisory: git security update | 2025-07-28T01:20:45+00:00 | 2025-11-06T23:41:43+00:00 |
| rhsa-2025:11795 | Red Hat Security Advisory: git security update | 2025-07-28T01:17:10+00:00 | 2025-11-06T23:41:43+00:00 |
| rhsa-2025:11793 | Red Hat Security Advisory: git security update | 2025-07-24T23:10:17+00:00 | 2025-11-06T23:41:42+00:00 |
| rhsa-2025:11748 | Red Hat Security Advisory: firefox security update | 2025-07-24T15:45:22+00:00 | 2025-11-06T23:41:42+00:00 |
| rhsa-2025:11747 | Red Hat Security Advisory: firefox security update | 2025-07-24T15:21:41+00:00 | 2025-11-06T23:41:42+00:00 |
| rhsa-2025:11749 | Red Hat Security Advisory: Updated 8.1 container image is now available: security and bug fix update | 2025-07-24T15:20:25+00:00 | 2025-11-11T20:38:53+00:00 |
| rhsa-2025:11688 | Red Hat Security Advisory: git security update | 2025-07-24T08:08:30+00:00 | 2025-11-06T23:41:41+00:00 |
| rhsa-2025:11686 | Red Hat Security Advisory: git security update | 2025-07-24T07:49:46+00:00 | 2025-11-06T23:41:41+00:00 |
| rhsa-2025:11352 | Red Hat Security Advisory: OpenShift Container Platform 4.15.55 packages and security update | 2025-07-23T17:25:28+00:00 | 2025-11-11T20:38:50+00:00 |
| rhsa-2025:11662 | Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Jaeger) 3.5.1 release | 2025-07-23T16:11:26+00:00 | 2025-11-06T22:45:13+00:00 |
| rhsa-2025:11645 | Red Hat Security Advisory: Red Hat Single Sign-On 7.6.12 security update | 2025-07-23T15:31:23+00:00 | 2025-11-11T16:05:02+00:00 |
| rhsa-2025:11638 | Red Hat Security Advisory: Red Hat Single Sign-On 7.6.12 security update on RHEL 7 | 2025-07-23T15:27:18+00:00 | 2025-11-11T16:05:01+00:00 |
| rhsa-2025:11640 | Red Hat Security Advisory: Red Hat Single Sign-On 7.6.12 security update on RHEL 9 | 2025-07-23T15:25:23+00:00 | 2025-11-11T16:05:02+00:00 |
| rhsa-2025:11636 | Red Hat Security Advisory: Red Hat Single Sign-On 7.6.12 for OpenShift image security update | 2025-07-23T15:24:53+00:00 | 2025-11-11T16:05:00+00:00 |
| rhsa-2025:11639 | Red Hat Security Advisory: Red Hat Single Sign-On 7.6.12 security update on RHEL 8 | 2025-07-23T15:24:23+00:00 | 2025-11-11T16:05:01+00:00 |
| rhsa-2025:11534 | Red Hat Security Advisory: git security update | 2025-07-23T14:25:28+00:00 | 2025-11-06T22:35:16+00:00 |
| rhsa-2025:11607 | Red Hat Security Advisory: python3-setuptools security update | 2025-07-23T11:40:03+00:00 | 2025-11-07T03:32:22+00:00 |
| rhsa-2025:11584 | Red Hat Security Advisory: python-setuptools security update | 2025-07-23T05:34:57+00:00 | 2025-11-07T03:32:21+00:00 |
| rhsa-2025:11580 | Red Hat Security Advisory: libxml2 security update | 2025-07-23T05:06:37+00:00 | 2025-11-07T18:40:12+00:00 |
| rhsa-2025:11573 | Red Hat Security Advisory: Multicluster engine for Kubernetes 2.7.5 security updates and bug fixes | 2025-07-23T03:56:43+00:00 | 2025-11-11T16:21:40+00:00 |
| rhsa-2025:11570 | Red Hat Security Advisory: kernel security update | 2025-07-23T00:30:32+00:00 | 2025-11-08T06:49:23+00:00 |
| rhsa-2025:11571 | Red Hat Security Advisory: kernel security update | 2025-07-23T00:28:12+00:00 | 2025-11-06T23:14:29+00:00 |
| rhsa-2025:11572 | Red Hat Security Advisory: kernel-rt security update | 2025-07-23T00:18:22+00:00 | 2025-11-06T23:14:30+00:00 |
| rhsa-2025:11545 | Red Hat Security Advisory: perl security update | 2025-07-22T18:22:26+00:00 | 2025-11-06T23:14:29+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-38039 | net/mlx5e: Avoid WARN_ON when configuring MQPRIO with HTB offload enabled | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38038 | cpufreq: amd-pstate: Remove unnecessary driver_lock in set_boost | 2025-06-02T00:00:00.000Z | 2025-09-04T01:29:23.000Z |
| msrc_cve-2025-38037 | vxlan: Annotate FDB data races | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38036 | drm/xe/vf: Perform early GT MMIO initialization to read GMDID | 2025-06-02T00:00:00.000Z | 2025-09-04T01:49:55.000Z |
| msrc_cve-2025-38035 | nvmet-tcp: don't restore null sk_state_change | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38034 | btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38029 | kasan: avoid sleepable page allocation from atomic context | 2025-06-02T00:00:00.000Z | 2025-09-04T02:14:45.000Z |
| msrc_cve-2025-38022 | RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem | 2025-06-02T00:00:00.000Z | 2025-09-04T00:31:51.000Z |
| msrc_cve-2025-38011 | drm/amdgpu: csa unmap use uninterruptible lock | 2025-06-02T00:00:00.000Z | 2025-09-04T01:44:30.000Z |
| msrc_cve-2025-38004 | can: bcm: add locking for bcm_op runtime updates | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38003 | can: bcm: add missing rcu read protection for procfs content | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38001 | net_sched: hfsc: Address reentrant enqueue adding class to eltree twice | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-38000 | sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() | 2025-06-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-32463 | Sudo before 1.9.17p1 allows local users to obtain root access | 2025-06-02T00:00:00.000Z | 2025-07-17T00:00:00.000Z |
| msrc_cve-2025-32462 | Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL | 2025-06-02T00:00:00.000Z | 2025-07-17T00:00:00.000Z |
| msrc_cve-2025-30360 | webpack-dev-server users' source code may be stolen when they access a malicious web site with non-Chromium based browser | 2025-06-02T00:00:00.000Z | 2025-09-04T05:10:20.000Z |
| msrc_cve-2025-30359 | webpack-dev-server users' source code may be stolen when they access a malicious web site | 2025-06-02T00:00:00.000Z | 2025-09-04T04:45:07.000Z |
| msrc_cve-2025-22874 | Usage of ExtKeyUsageAny disables policy validation in crypto/x509 | 2025-06-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-20260 | ClamAV PDF Scanning Buffer Overflow Vulnerability | 2025-06-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-0913 | Inconsistent handling of O_CREATE|O_EXCL on Unix and Windows in os in syscall | 2025-06-02T00:00:00.000Z | 2025-09-03T22:32:05.000Z |
| msrc_cve-2024-6174 | When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration. | 2025-06-02T00:00:00.000Z | 2025-07-15T00:00:00.000Z |
| msrc_cve-2024-47081 | Requests vulnerable to .netrc credentials leak via malicious URLs | 2025-06-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2024-12718 | Bypass extraction filter to modify file metadata outside extraction directory | 2025-06-02T00:00:00.000Z | 2025-07-18T00:00:00.000Z |
| msrc_cve-2024-11584 | cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands. | 2025-06-02T00:00:00.000Z | 2025-07-15T00:00:00.000Z |
| msrc_cve-2022-50232 | arm64: set UXN on swapper page tables | 2025-06-02T00:00:00.000Z | 2025-09-04T01:37:56.000Z |
| msrc_cve-2022-50230 | arm64: set UXN on swapper page tables | 2025-06-02T00:00:00.000Z | 2025-09-04T02:27:11.000Z |
| msrc_cve-2025-5245 | GNU Binutils objdump debug.c debug_type_samep memory corruption | 2025-05-02T00:00:00.000Z | 2025-07-10T00:00:00.000Z |
| msrc_cve-2025-5244 | GNU Binutils ld elflink.c elf_gc_sweep memory corruption | 2025-05-02T00:00:00.000Z | 2025-07-10T00:00:00.000Z |
| msrc_cve-2025-5222 | Icu: stack buffer overflow in the srbroot::addtag function | 2025-05-02T00:00:00.000Z | 2025-08-14T00:00:00.000Z |
| msrc_cve-2025-5025 | No QUIC certificate pinning with wolfSSL | 2025-05-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2018-000126 | Multiple vulnerabilities in Cybozu Remote Service | 2018-12-10T14:26+09:00 | 2019-08-27T11:48+09:00 |
| jvndb-2018-000130 | Cybozu Garoon access restriction bypass vulnerability | 2018-12-10T14:14+09:00 | 2019-08-27T16:54+09:00 |
| jvndb-2018-000129 | Multiple vulnerabilities in i-FILTER | 2018-12-07T14:30+09:00 | 2019-08-27T11:45+09:00 |
| jvndb-2018-000128 | Multiple vulnerabilities in multiple SEIKO EPSON printers and scanners | 2018-12-06T16:19+09:00 | 2019-09-27T09:55+09:00 |
| jvndb-2018-010028 | Multiple Vulnerabilities in Hitachi Infrastructure Analytics Advisor | 2018-12-04T16:53+09:00 | 2019-01-24T18:35+09:00 |
| jvndb-2018-010027 | Problem with directory permissions in JP1/Operations Analytics | 2018-12-04T16:53+09:00 | 2019-01-24T18:36+09:00 |
| jvndb-2018-000123 | Panasonic applications register unquoted service paths | 2018-11-29T14:45+09:00 | 2019-09-27T10:31+09:00 |
| jvndb-2018-000125 | The installer of MARKET SPEED may insecurely load Dynamic Link Libraries | 2018-11-28T17:27+09:00 | 2019-08-28T10:01+09:00 |
| jvndb-2018-000127 | EC-CUBE vulnerable to open redirect | 2018-11-28T17:24+09:00 | 2019-08-28T09:42+09:00 |
| jvndb-2018-000124 | Multiple vulnerabilities in RICOH Interactive Whiteboard | 2018-11-27T15:26+09:00 | 2019-08-27T17:01+09:00 |
| jvndb-2018-009387 | Mizuho Bank Mizuho Direct App for Android fails to verify SSL server certificates | 2018-11-19T15:44+09:00 | 2019-08-27T16:48+09:00 |
| jvndb-2018-009328 | Multiple Vulnerabilities in JP1/VERITAS | 2018-11-15T17:16+09:00 | 2018-11-20T18:16+09:00 |
| jvndb-2018-000121 | Cybozu Dezie vulnerable to directory traversal | 2018-11-14T15:42+09:00 | 2019-08-27T12:25+09:00 |
| jvndb-2018-000120 | Multiple directory traversal vulnerabilities in Cybozu Office | 2018-11-14T15:38+09:00 | 2019-08-27T12:28+09:00 |
| jvndb-2018-000119 | Cybozu Mailwise vulnerable to directory traversal | 2018-11-14T15:34+09:00 | 2019-08-27T13:37+09:00 |
| jvndb-2018-000118 | The installer of Windows10 Fall Creators Update Modify module for Security Measures tool may insecurely load Dynamic Link Libraries | 2018-11-09T16:13+09:00 | 2019-08-27T18:03+09:00 |
| jvndb-2018-000117 | Multiple vulnerabilities in WordPress plugin "LearnPress" | 2018-11-09T16:13+09:00 | 2019-08-27T11:35+09:00 |
| jvndb-2018-000115 | WordPress plugin "Event Calendar WD" vulnerable to cross-site scripting | 2018-11-02T14:56+09:00 | 2019-08-27T15:15+09:00 |
| jvndb-2018-000116 | Mail app for iOS vulnerable to denial-of-service (DoS) | 2018-11-02T14:42+09:00 | 2018-11-02T14:42+09:00 |
| jvndb-2018-000114 | Confluence Server vulnerable to script injection | 2018-10-29T13:36+09:00 | 2018-10-29T13:36+09:00 |
| jvndb-2018-000113 | Multiple vulnerabilities in OpenDolphin | 2018-10-26T16:16+09:00 | 2019-07-26T14:35+09:00 |
| jvndb-2018-000111 | BlueStacks App Player fails to restrict access permissions | 2018-10-24T16:13+09:00 | 2019-08-27T10:35+09:00 |
| jvndb-2018-000112 | SecureCore Standard Edition vulnerable to authentication bypass | 2018-10-24T16:07+09:00 | 2019-08-06T17:34+09:00 |
| jvndb-2018-008573 | Multiple Vulnerabilities in Hitachi Infrastructure Analytics Advisor | 2018-10-23T15:15+09:00 | 2018-11-20T18:15+09:00 |
| jvndb-2018-008547 | Clickjacking Vulnerability in Hitachi Device Manager | 2018-10-23T13:53+09:00 | 2018-11-20T18:14+09:00 |
| jvndb-2018-000110 | Web Isolation vulnerable to cross-site scripting | 2018-10-19T14:45+09:00 | 2019-07-26T14:06+09:00 |
| jvndb-2018-000109 | Multiple vulnerabilities in YukiWiki | 2018-10-19T14:31+09:00 | 2019-08-27T10:32+09:00 |
| jvndb-2018-000104 | Multiple vulnerabilities in FileZen | 2018-10-15T15:26+09:00 | 2019-07-26T17:00+09:00 |
| jvndb-2018-000107 | OpenAM (Open Source Edition) vulnerable to session management | 2018-10-12T14:44+09:00 | 2019-09-26T18:10+09:00 |
| jvndb-2018-000105 | Metabase vulnerable to cross-site scripting | 2018-10-11T15:54+09:00 | 2019-07-26T17:49+09:00 |
| ID | Description | Updated |
|---|