Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-627w-fp5f-x4qx | The Reuse Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'reuse_… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-5647-2cr4-4573 | The Posts Navigation Links for Sections and Headings – Free by WP Masters plugin for WordPress is v… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-546r-87jx-5rwj | The Visit Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. … | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-25qp-vg38-c324 | The Import Export For WooCommerce plugin for WordPress is vulnerable to unauthorized modification o… | 2025-11-04T06:31:12Z | 2025-11-04T06:31:12Z |
| ghsa-xr5c-327f-pm5q | The Bootstrap Multi-language Responsive Portfolio plugin for WordPress is vulnerable to Stored Cros… | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-rw6r-rw4v-3j2m | Multiple plugins for WordPress with the Jewel Theme Recommended Plugins Library are vulnerable to U… | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-rpw8-5v4g-qxv7 | The Elegance Menu plugin for WordPress is vulnerable to Local File Inclusion in all versions up to,… | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-rhmc-39gv-4g4r | Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCT… | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-qxjh-59hj-xh63 | Memory corruption while processing a GP command response. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-qjrh-fggh-8wwp | The Footnotes Made Easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugi… | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-q2g7-9rcv-3q63 | Information disclosure while processing message from client with invalid payload. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-pvq2-7x57-qm26 | Memory corruption when triggering a subsystem crash with an out-of-range identifier. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-mm84-8qpx-gvch | Memory corruption while accessing a buffer during IOCTL processing. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-jrc6-q6c9-jj82 | The EM Beer Manager plugin for WordPress is vulnerable to arbitrary file upload leading to remote c… | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-jcc7-q72r-qjwh | Transient DOS when a remote device sends an invalid connection request during BT connectable LE scan. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-h646-5v7r-px43 | Memory corruption while processing client message during device management. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-cwq6-ffmr-m8r5 | Memory corruption while processing large input data from a remote source via a communication interface. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-c43p-c7jp-97pv | Memory corruption while processing request sent from GVM. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-84r5-v95q-856f | Memory corruption while processing audio streaming operations. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-6c5m-fv99-g9g5 | Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse regions. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-26gg-89xw-hgwx | Memory corruption while performing encryption and decryption commands. | 2025-11-04T06:31:11Z | 2025-11-04T06:31:11Z |
| ghsa-p692-pf3m-wv4j | The Label Plugins plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions … | 2025-11-04T06:31:10Z | 2025-11-04T06:31:10Z |
| ghsa-p3wr-7qrc-fwp9 | The CE21 Suite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions… | 2025-11-04T06:31:10Z | 2025-11-04T06:31:10Z |
| ghsa-8pw2-chg7-6hcp | Information disclosure while registering commands from clients with diag through diagHal. | 2025-11-04T06:31:10Z | 2025-11-04T06:31:11Z |
| ghsa-7h4r-7c2q-4767 | The ViaAds plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, … | 2025-11-04T06:31:10Z | 2025-11-04T06:31:10Z |
| ghsa-5qc4-8254-wgvg | The WP Global Screen Options plugin for WordPress is vulnerable to Cross-Site Request Forgery in al… | 2025-11-04T06:31:10Z | 2025-11-04T06:31:10Z |
| ghsa-5m5x-66vw-r2rp | The CE21 Suite plugin for WordPress is vulnerable to unauthorized plugin settings update due to a m… | 2025-11-04T06:31:10Z | 2025-11-04T06:31:10Z |
| ghsa-7fcr-c9xh-j9h5 | The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Stored Cross-S… | 2025-11-04T03:30:30Z | 2025-11-04T03:30:30Z |
| ghsa-x9rq-6f8f-hfxp | A privacy issue was addressed by moving sensitive data. This issue is fixed in watchOS 26.1, iOS 26… | 2025-11-04T03:30:29Z | 2025-11-05T21:31:01Z |
| ghsa-x562-c4w5-864v | The issue was addressed by adding additional logic. This issue is fixed in watchOS 26.1, iOS 26.1 a… | 2025-11-04T03:30:29Z | 2025-11-05T21:31:00Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-20738 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:20:14.296Z | 2025-11-05T04:55:34.374Z |
| cve-2025-20736 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:20:12.530Z | 2025-11-05T04:55:35.164Z |
| cve-2025-20734 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:20:10.764Z | 2025-11-05T04:55:51.084Z |
| cve-2025-20732 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:20:08.954Z | 2025-11-05T04:55:50.276Z |
| cve-2025-20731 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:20:07.276Z | 2025-11-05T04:55:49.411Z |
| cve-2025-20729 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:20:05.491Z | 2025-11-05T04:55:48.589Z |
| cve-2025-20745 | N/A | In apusys, there is a possible memory corruption … |
MediaTek, Inc. |
MT2718, MT6989, MT6991, MT8370, MT8390, MT8395, MT8676, MT8678, MT87920 |
2025-11-04T06:20:03.095Z | 2025-11-05T04:55:47.647Z |
| cve-2025-20744 | N/A | In pda, there is a possible escalation of privile… |
MediaTek, Inc. |
MT6899, MT6991, MT8793 |
2025-11-04T06:19:59.710Z | 2025-11-05T04:55:45.818Z |
| cve-2025-20743 | N/A | In clkdbg, there is a possible escalation of priv… |
MediaTek, Inc. |
MT2718, MT6761, MT6765, MT6768, MT6781, MT6853, MT6877, MT6886, MT6893, MT6897, MT6899, MT6983, MT6989, MT6991, MT8113, MT8163, MT8168, MT8169, MT8183, MT8186, MT8188, MT8195, MT8196, MT8321, MT8365, MT8385, MT8390, MT8391, MT8512, MT8516, MT8519, MT8676, MT8678, MT8695, MT8696, MT8698, MT8755, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788E, MT8791T, MT8792, MT8793, MT8796, MT8797, MT8798, MT8873, MT8883, MT8893 |
2025-11-04T06:19:57.990Z | 2025-11-05T04:55:44.828Z |
| cve-2025-20742 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7603, MT7615, MT7622, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:19:56.287Z | 2025-11-05T04:55:43.910Z |
| cve-2025-20740 | N/A | In wlan STA driver, there is a possible out of bo… |
MediaTek, Inc. |
MT7902, MT7920, MT7921, MT7922, MT7925, MT7927 |
2025-11-04T06:19:54.584Z | 2025-11-04T15:04:25.506Z |
| cve-2025-20737 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:19:52.883Z | 2025-11-05T04:55:42.993Z |
| cve-2025-20735 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:19:50.999Z | 2025-11-05T04:55:42.073Z |
| cve-2025-20733 | N/A | In wlan AP driver, there is a possible out of bou… |
MediaTek, Inc. |
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 |
2025-11-04T06:19:49.117Z | 2025-11-05T04:55:41.224Z |
| cve-2025-20730 | N/A | In preloader, there is a possible escalation of p… |
MediaTek, Inc. |
MT2737, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6990, MT6991, MT8188, MT8195, MT8676, MT8678, MT8696 |
2025-11-04T06:19:47.152Z | 2025-11-05T04:55:40.432Z |
| cve-2025-20728 | N/A | In wlan STA driver, there is a possible out of bo… |
MediaTek, Inc. |
MT7902, MT7920, MT7921, MT7922, MT7925, MT7927 |
2025-11-04T06:19:45.290Z | 2025-11-05T04:55:39.588Z |
| cve-2025-20725 | N/A | In ims service, there is a possible out of bounds… |
MediaTek, Inc. |
MT2735, MT2737, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769K, MT6769S, MT6769T, MT6769Z, MT6771, MT6833, MT6833P, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8766R, MT8768, MT8771, MT8786, MT8788, MT8788E, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8893 |
2025-11-04T06:19:43.569Z | 2025-11-05T04:55:37.570Z |
| cve-2025-20726 | N/A | In Modem, there is a possible out of bounds write… |
MediaTek, Inc. |
MT2735, MT2737, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769K, MT6769S, MT6769T, MT6769Z, MT6771, MT6813, MT6833, MT6833P, MT6835, MT6835T, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6878, MT6878M, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT6991, MT8666, MT8667, MT8673, MT8675, MT8676, MT8678, MT8765, MT8766, MT8766R, MT8768, MT8771, MT8786, MT8788, MT8788E, MT8791, MT8791T, MT8792, MT8793, MT8795T, MT8797, MT8798, MT8863, MT8873, MT8883, MT8893 |
2025-11-04T06:19:41.827Z | 2025-11-05T04:55:36.771Z |
| cve-2025-20727 | N/A | In Modem, there is a possible out of bounds write… |
MediaTek, Inc. |
MT2735, MT2737, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769K, MT6769S, MT6769T, MT6769Z, MT6771, MT6813, MT6833, MT6833P, MT6835, MT6835T, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6878, MT6878M, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT6991, MT8666, MT8667, MT8673, MT8675, MT8676, MT8678, MT8765, MT8766, MT8766R, MT8768, MT8771, MT8786, MT8788, MT8788E, MT8791, MT8791T, MT8792, MT8793, MT8795T, MT8797, MT8798, MT8863, MT8873, MT8883, MT8893 |
2025-11-04T06:19:40.087Z | 2025-11-05T04:55:35.978Z |
| cve-2025-12396 | Clubmember <= 0.2 - Authenticated (Admin+) Stored Cros… |
alaminopu |
clubmember |
2025-11-04T04:27:24.287Z | 2025-11-04T14:41:45.820Z | |
| cve-2025-11812 | Reuse Builder <= 1.7 - Authenticated (Contributor+) St… |
redq |
Reuse Builder |
2025-11-04T04:27:23.926Z | 2025-11-04T14:56:24.438Z | |
| cve-2025-12403 | Associados Amazon Plugin <= 0.8 - Cross-Site Request F… |
revokee |
Associados Amazon Plugin |
2025-11-04T04:27:23.574Z | 2025-11-04T14:58:40.263Z | |
| cve-2025-11753 | Multi-language Responsive Portfolio WordPress <= 1.0 -… |
augustinfotech |
Bootstrap Multi-language Responsive Portfolio |
2025-11-04T04:27:23.226Z | 2025-11-04T14:56:56.689Z | |
| cve-2025-12158 | Simple User Capabilities <= 1.0 - Missing Authorizatio… |
tanvirahmed1984 |
Simple User Capabilities |
2025-11-04T04:27:22.881Z | 2025-11-04T15:01:57.048Z | |
| cve-2025-12452 | Visit Counter 1.0 - Cross-Site Request Forgery to Stor… |
bestiadurmiente |
Visit Counter |
2025-11-04T04:27:22.522Z | 2025-11-04T15:08:35.205Z | |
| cve-2025-11733 | Footnotes Made Easy <= 3.0.7 - Unauthenticated Stored … |
lumiblog |
Footnotes Made Easy |
2025-11-04T04:27:22.165Z | 2025-11-04T15:10:40.025Z | |
| cve-2025-12065 | WP Carticon <= 1.0.0 - Authenticated (Admin+) Stored C… |
carticon |
WP Carticon |
2025-11-04T04:27:21.798Z | 2025-11-04T15:10:58.084Z | |
| cve-2025-12371 | Nari Accountant <= 1.0.12 - Authenticated (Editor+) St… |
shakhi |
Nari Accountant |
2025-11-04T04:27:21.431Z | 2025-11-04T15:15:44.559Z | |
| cve-2025-12389 | Import Export For WooCommerce <= 1.6.2 - Missing Autho… |
sidngr |
Import Export For WooCommerce |
2025-11-04T04:27:21.061Z | 2025-11-04T15:20:23.287Z | |
| cve-2025-11704 | Elegance Menu <= 1.9 - Authenticated (Contributor+) Lo… |
impacttechlab |
Elegance Menu |
2025-11-04T04:27:20.117Z | 2025-11-04T15:51:56.144Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-61945 | 10 (v4.0) 10 (v3.1) | Missing Authentication for Critical Function in Radiom… |
Radiometrics |
VizAir |
2025-11-04T16:10:49.931Z | 2025-11-05T14:34:04.566Z |
| cve-2025-60925 | N/A | codeshare v1.0.0 was discovered to contain an inf… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T16:40:03.055Z |
| cve-2025-54863 | 10 (v4.0) 10 (v3.1) | Insufficiently Protected Credentials in Radiometrics VizAir |
Radiometrics |
VizAir |
2025-11-04T16:13:03.327Z | 2025-11-04T16:31:15.814Z |
| cve-2025-54332 | N/A | An issue was discovered in NPU in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T19:59:59.474Z |
| cve-2025-54331 | N/A | An issue was discovered in NPU in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T19:57:07.265Z |
| cve-2025-54330 | N/A | An issue was discovered in NPU in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T19:54:36.141Z |
| cve-2025-54329 | N/A | An issue was discovered in NAS in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T16:58:31.436Z |
| cve-2025-54323 | N/A | An issue was discovered in the camera in Samsung … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T20:27:01.989Z |
| cve-2025-63294 | N/A | WorkDo HRM SaaS HR and Payroll Tool 8.1 is affect… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T15:52:40.974Z |
| cve-2025-12184 | MeetingList <= 0.11 - Authenticated (Admin+) Stored Cr… |
rboatright |
MeetingList |
2025-11-04T14:25:04.104Z | 2025-11-04T14:35:54.765Z | |
| cve-2025-41345 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:18:42.706Z | 2025-11-04T14:35:54.374Z |
| cve-2025-41344 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:18:20.077Z | 2025-11-04T15:04:57.015Z |
| cve-2025-41343 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:18:05.093Z | 2025-11-04T15:07:08.054Z |
| cve-2025-41342 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:17:51.179Z | 2025-11-04T15:17:43.690Z |
| cve-2025-41341 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:17:34.546Z | 2025-11-04T15:25:52.763Z |
| cve-2025-41340 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:17:18.268Z | 2025-11-04T15:33:20.238Z |
| cve-2025-41339 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:16:56.280Z | 2025-11-04T15:56:59.396Z |
| cve-2025-41338 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:16:37.282Z | 2025-11-04T16:34:56.240Z |
| cve-2025-41337 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:16:20.518Z | 2025-11-04T16:59:06.244Z |
| cve-2025-41336 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:16:02.887Z | 2025-11-04T17:05:55.761Z |
| cve-2025-41335 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:15:43.266Z | 2025-11-04T18:27:43.720Z |
| cve-2025-12695 | 5.9 (v3.1) | Insecure configuration in DSPy lead to arbitrary file … |
|
|
2025-11-04T13:24:42.358Z | 2025-11-04T14:19:33.945Z |
| cve-2025-12682 | Easy Upload Files During Checkout <= 2.9.8 - Unauthent… |
fahadmahmood |
Easy Upload Files During Checkout |
2025-11-04T13:47:35.380Z | 2025-11-04T14:16:38.630Z | |
| cve-2025-41114 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:10:31.829Z | 2025-11-04T18:32:18.961Z |
| cve-2025-41113 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:10:12.086Z | 2025-11-04T18:51:57.285Z |
| cve-2025-41112 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:09:53.897Z | 2025-11-04T14:18:59.923Z |
| cve-2025-41111 | 8.7 (v4.0) | Missing Authorization vulnerability in CanalDenuncia.app |
CanalDenuncia |
CanalDenuncia.app |
2025-11-04T13:08:40.472Z | 2025-11-04T14:19:54.307Z |
| cve-2025-12493 | ShopLentor <= 3.2.5 - Unauthenticated Local PHP File I… |
devitemsllc |
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution (formerly WooLentor) |
2025-11-04T11:19:27.403Z | 2025-11-04T20:13:56.143Z | |
| cve-2025-12045 | Orbit Fox Companion <= 3.0.2 - Authenticated (Author+)… |
themeisle |
Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More |
2025-11-04T11:19:27.966Z | 2025-11-04T18:53:30.602Z | |
| cve-2025-11690 | 8.5 (v3.1) | IDOR vulnerability in the CFMOTO RIDE API |
CFMOTO |
RIDE |
2025-11-04T10:25:45.416Z | 2025-11-10T18:24:47.168Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-148817 | Malicious code in triton-ganymede-janus-miranda (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148816 | Malicious code in triton-enif-rimraf-pino-pretty (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148815 | Malicious code in triton-dynamo-draco-subscription (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148814 | Malicious code in triton-duplex-jsonp-native (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148813 | Malicious code in triton-dotenv-safe-typeorm-vulcan (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148812 | Malicious code in triton-cosmos-await-element-ui (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148811 | Malicious code in triton-convict-yakutsk-gulp (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148810 | Malicious code in triton-child-process-apollo-loop (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148809 | Malicious code in triton-changelog-xenos-chakra-ui (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148808 | Malicious code in triton-build-cli-react-bootstrap (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148807 | Malicious code in triton-bellatrix-dactyl-cressida (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148806 | Malicious code in triton-antares-less-loader-gulp (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148805 | Malicious code in transport-ursa-lyra-yakutsk (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148804 | Malicious code in transport-upgrade-google-package (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148803 | Malicious code in transport-stream-nebula-phoebe (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148802 | Malicious code in transport-sedna-reveal-md-vuetify (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148801 | Malicious code in transport-sass-loader-csv-kaus (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148800 | Malicious code in transport-remark-dorado-ignite (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148799 | Malicious code in transport-promise-proxima-spectron-webdriver (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148798 | Malicious code in transport-procyon-enceladus-perseus (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148797 | Malicious code in transport-postgres-slidev-install (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148796 | Malicious code in transport-playwright-zenobia-orbit (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148795 | Malicious code in transport-phoenix-sagitta-andromeda (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148794 | Malicious code in transport-nextjs-antares-yaml (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148793 | Malicious code in transport-mensa-tool-yakutsk (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148792 | Malicious code in transport-lynx-transform-webdriver-mocha (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148791 | Malicious code in transport-izar-antares-typeorm (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148790 | Malicious code in transport-install-unuk-deimos (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148789 | Malicious code in transport-indus-orbit-forever (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| mal-2025-148788 | Malicious code in transport-hyperion-luna-loglevel (npm) | 2025-11-12T04:29:11Z | 2025-11-12T04:29:11Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:11545 | Red Hat Security Advisory: perl security update | 2025-07-22T18:22:26+00:00 | 2025-11-06T23:14:29+00:00 |
| rhsa-2025:11363 | Red Hat Security Advisory: OpenShift Container Platform 4.19.5 bug fix and security update | 2025-07-22T15:13:13+00:00 | 2025-11-10T13:52:40+00:00 |
| rhsa-2025:11537 | Red Hat Security Advisory: sudo security update | 2025-07-22T14:28:00+00:00 | 2025-11-11T09:29:56+00:00 |
| rhsa-2025:11533 | Red Hat Security Advisory: git security update | 2025-07-22T12:03:30+00:00 | 2025-11-06T22:35:16+00:00 |
| rhsa-2025:11487 | Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage | 2025-07-21T19:25:21+00:00 | 2025-11-11T16:22:45+00:00 |
| rhsa-2025:11479 | Red Hat Security Advisory: ACS 4.7 enhancement and security update | 2025-07-21T18:31:30+00:00 | 2025-11-11T20:38:51+00:00 |
| rhsa-2025:11473 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 security update | 2025-07-21T17:07:33+00:00 | 2025-11-07T20:55:48+00:00 |
| rhsa-2025:11474 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 security update | 2025-07-21T16:58:36+00:00 | 2025-11-07T20:55:48+00:00 |
| rhsa-2025:11463 | Red Hat Security Advisory: fence-agents security update | 2025-07-21T15:43:08+00:00 | 2025-11-07T03:32:17+00:00 |
| rhsa-2025:11464 | Red Hat Security Advisory: fence-agents security update | 2025-07-21T15:02:38+00:00 | 2025-11-07T03:32:19+00:00 |
| rhsa-2025:11462 | Red Hat Security Advisory: git security update | 2025-07-21T14:51:13+00:00 | 2025-11-06T22:35:16+00:00 |
| rhsa-2025:11453 | Red Hat Security Advisory: redis security update | 2025-07-21T12:39:07+00:00 | 2025-11-11T16:22:52+00:00 |
| rhsa-2025:11455 | Red Hat Security Advisory: kernel security update | 2025-07-21T12:01:02+00:00 | 2025-11-11T09:06:10+00:00 |
| rhsa-2025:11456 | Red Hat Security Advisory: kernel-rt security update | 2025-07-21T11:31:52+00:00 | 2025-11-11T09:06:10+00:00 |
| rhsa-2025:10868 | Red Hat Security Advisory: OpenJDK 11.0.28 ELS Security Update for Windows Builds | 2025-07-21T09:09:46+00:00 | 2025-11-11T12:34:21+00:00 |
| rhsa-2025:11428 | Red Hat Security Advisory: kernel security update | 2025-07-21T09:08:17+00:00 | 2025-11-11T08:53:31+00:00 |
| rhsa-2025:10866 | Red Hat Security Advisory: OpenJDK 11.0.28 ELS Security Update for Portable Linux Builds | 2025-07-21T09:07:37+00:00 | 2025-11-11T12:34:21+00:00 |
| rhsa-2025:11424 | Red Hat Security Advisory: python-setuptools security update | 2025-07-21T08:37:07+00:00 | 2025-11-07T03:32:11+00:00 |
| rhsa-2025:11427 | Red Hat Security Advisory: python-setuptools security update | 2025-07-21T08:29:32+00:00 | 2025-11-07T03:32:16+00:00 |
| rhsa-2025:11425 | Red Hat Security Advisory: python-setuptools security update | 2025-07-21T08:20:37+00:00 | 2025-11-07T03:32:13+00:00 |
| rhsa-2025:11426 | Red Hat Security Advisory: python-setuptools security update | 2025-07-21T08:18:57+00:00 | 2025-11-07T03:32:14+00:00 |
| rhsa-2025:10865 | Red Hat Security Advisory: java-11-openjdk ELS security update | 2025-07-21T05:45:02+00:00 | 2025-11-11T12:34:19+00:00 |
| rhsa-2025:11411 | Red Hat Security Advisory: kernel security update | 2025-07-21T04:16:44+00:00 | 2025-11-11T08:42:56+00:00 |
| rhsa-2025:11402 | Red Hat Security Advisory: avahi security update | 2025-07-21T02:20:49+00:00 | 2025-11-11T09:29:52+00:00 |
| rhsa-2025:11401 | Red Hat Security Advisory: valkey security update | 2025-07-21T01:24:54+00:00 | 2025-11-11T16:22:53+00:00 |
| rhsa-2025:11396 | Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.4.5 security and bug fix update | 2025-07-18T15:51:18+00:00 | 2025-11-12T08:20:36+00:00 |
| rhsa-2025:10862 | Red Hat Security Advisory: java-1.8.0-openjdk security update | 2025-07-18T09:57:57+00:00 | 2025-11-11T12:34:18+00:00 |
| rhsa-2025:10782 | Red Hat Security Advisory: OpenShift Container Platform 4.16.44 packages and security update | 2025-07-18T09:40:47+00:00 | 2025-11-11T20:38:50+00:00 |
| rhsa-2025:10861 | Red Hat Security Advisory: java-1.8.0-openjdk security update | 2025-07-18T08:45:45+00:00 | 2025-11-11T12:34:17+00:00 |
| rhsa-2025:10768 | Red Hat Security Advisory: OpenShift Container Platform 4.18.20 packages and security update | 2025-07-18T08:33:56+00:00 | 2025-11-11T20:38:48+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-4969 | Libsoup: off-by-one out-of-bounds read in find_boundary() in soup-multipart.c | 2025-05-02T00:00:00.000Z | 2025-09-04T00:56:39.000Z |
| msrc_cve-2025-4948 | Libsoup: integer underflow in soup_multipart_new_from_message() leading to denial of service in libsoup | 2025-05-02T00:00:00.000Z | 2025-08-12T00:00:00.000Z |
| msrc_cve-2025-4947 | QUIC certificate check skip with wolfSSL | 2025-05-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-48938 | Prevent GitHub CLI and extensions from executing arbitrary commands from compromised GitHub Enterprise Server | 2025-05-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-48060 | AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt) | 2025-05-02T00:00:00.000Z | 2025-07-29T00:00:00.000Z |
| msrc_cve-2025-4802 | Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo). | 2025-05-02T00:00:00.000Z | 2025-09-04T00:02:07.000Z |
| msrc_cve-2025-47291 | containerd CRI plugin: Incorrect cgroup hierarchy assignment for containers running in usernamespaced Kubernetes pods. | 2025-05-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-47279 | undici Denial of Service attack via bad certificate data | 2025-05-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-47273 | setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write | 2025-05-02T00:00:00.000Z | 2025-06-13T00:00:00.000Z |
| msrc_cve-2025-47268 | ping in iputils before 20250602 allows a denial of service | 2025-05-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-46836 | net-tools Stack-based Buffer Overflow vulnerability | 2025-05-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-46712 | Erlang/OTP SSH Has Strict KEX Violations | 2025-05-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-46569 | OPA server Data API HTTP path injection of Rego | 2025-05-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-4598 | Systemd-coredump: race condition that allows a local attacker to crash a suid program and gain read access to the resulting core dump | 2025-05-02T00:00:00.000Z | 2025-09-03T22:03:26.000Z |
| msrc_cve-2025-4574 | Crossbeam-channel: crossbeam-channel vulnerable to double free on drop | 2025-05-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-4516 | Use-after-free in "unicode_escape" decoder with error handler | 2025-05-02T00:00:00.000Z | 2025-07-18T00:00:00.000Z |
| msrc_cve-2025-44905 | hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function. | 2025-05-02T00:00:00.000Z | 2025-09-04T04:59:10.000Z |
| msrc_cve-2025-4476 | Libsoup: null pointer dereference in libsoup may lead to denial of service | 2025-05-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-4432 | Ring: some aes functions may panic when overflow checking is enabled in ring | 2025-05-02T00:00:00.000Z | 2025-08-06T00:00:00.000Z |
| msrc_cve-2025-4373 | Glib: buffer underflow on glib through glib/gstring.c via function g_string_insert_unichar | 2025-05-02T00:00:00.000Z | 2025-09-04T02:58:55.000Z |
| msrc_cve-2025-4287 | PyTorch nccl.py torch.cuda.nccl.reduce denial of service | 2025-05-02T00:00:00.000Z | 2025-09-03T23:22:19.000Z |
| msrc_cve-2025-4207 | PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation | 2025-05-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-40909 | Perl threads have a working directory race condition where file operations may target unintended paths | 2025-05-02T00:00:00.000Z | 2025-07-29T00:00:00.000Z |
| msrc_cve-2025-40775 | DNS message with invalid TSIG causes an assertion failure | 2025-05-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-37998 | openvswitch: Fix unsafe attribute parsing in output_userspace() | 2025-05-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-37997 | netfilter: ipset: fix region locking in hash types | 2025-05-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-37995 | module: ensure that kobject_put() is safe for module type kobjects | 2025-05-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-37994 | usb: typec: ucsi: displayport: Fix NULL pointer access | 2025-05-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-37992 | net_sched: Flush gso_skb list too during ->change() | 2025-05-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-37990 | wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() | 2025-05-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2018-000106 | User-friendly SVN vulnerable to cross-site scripting | 2018-10-09T16:27+09:00 | 2019-07-11T18:00+09:00 |
| jvndb-2018-000103 | Music Center for PC improperly verifies software update files | 2018-10-09T16:22+09:00 | 2019-07-26T15:57+09:00 |
| jvndb-2018-000102 | Multiple vulnerabilities in Denbun | 2018-10-04T16:11+09:00 | 2019-07-11T16:02+09:00 |
| jvndb-2018-000101 | The installer of Baidu Browser may insecurely load Dynamic Link Libraries | 2018-10-03T15:02+09:00 | 2019-08-27T10:39+09:00 |
| jvndb-2018-000100 | +Message App fails to verify SSL server certificates | 2018-09-27T16:52+09:00 | 2019-08-27T17:22+09:00 |
| jvndb-2018-000097 | Multiple FXC network devices vulnerable to cross-site scripting | 2018-09-13T13:57+09:00 | 2019-08-27T11:30+09:00 |
| jvndb-2018-000099 | Cybozu Garoon vulnerable to directory traversal | 2018-09-10T14:01+09:00 | 2019-07-26T15:28+09:00 |
| jvndb-2018-000092 | Multiple vulnerabilities in INplc | 2018-09-07T16:49+09:00 | 2019-08-28T09:51+09:00 |
| jvndb-2018-000095 | AttacheCase vulnerable to arbitrary script execution | 2018-08-31T15:59+09:00 | 2019-07-26T12:19+09:00 |
| jvndb-2018-000096 | QNAP Photo Station vulnerable to cross-site scripting | 2018-08-31T15:48+09:00 | 2019-07-25T16:09+09:00 |
| jvndb-2018-000094 | Movable Type vulnerable to cross-site scripting | 2018-08-30T17:34+09:00 | 2019-07-25T14:25+09:00 |
| jvndb-2018-000093 | Multiple script injection vulnerabilities in multiple Yamaha network devices | 2018-08-29T18:01+09:00 | 2019-08-27T17:53+09:00 |
| jvndb-2018-006460 | Path Traversal Vulnerability in Hitachi Automation Director | 2018-08-22T17:11+09:00 | 2018-08-22T17:11+09:00 |
| jvndb-2018-006459 | Path Traversal Vulnerability in JP1/Automatic Operation | 2018-08-22T17:11+09:00 | 2018-08-22T17:11+09:00 |
| jvndb-2018-000087 | The installer of Digital Paper App may insecurely load Dynamic Link Libraries | 2018-08-21T15:59+09:00 | 2019-07-25T16:17+09:00 |
| jvndb-2018-000091 | NoMachine App for Android vulnerable to environment variables alteration | 2018-08-17T13:49+09:00 | 2019-07-25T17:17+09:00 |
| jvndb-2018-006236 | Information Disclosure Vulnerability in Hitachi Command Suite | 2018-08-14T10:04+09:00 | 2019-07-24T17:02+09:00 |
| jvndb-2018-000086 | Multiple vulnerabilities in EC-CUBE Payment Module and GMO-PG Payment Module (PG Multi-Payment Service) for EC-CUBE | 2018-08-09T16:43+09:00 | 2018-08-09T16:43+09:00 |
| jvndb-2018-000089 | Multiple vulnerabilities in multiple I-O DATA network camera products | 2018-08-07T14:33+09:00 | 2019-07-25T16:00+09:00 |
| jvndb-2018-000090 | Multiple directory traversal vulnerabilities in AttacheCase | 2018-08-06T14:10+09:00 | 2019-07-25T14:32+09:00 |
| jvndb-2018-000085 | Multiple cross-site scripting vulnerabilities in GROWI | 2018-08-03T15:04+09:00 | 2019-07-05T17:13+09:00 |
| jvndb-2018-000084 | LINE MUSIC for Android fails to verify SSL server certificates | 2018-07-26T14:58+09:00 | 2019-07-25T17:28+09:00 |
| jvndb-2018-000083 | The installers of multiple Canon IT Solutions Inc. software programs may insecurely load Dynamic Link Libraries | 2018-07-24T14:43+09:00 | 2019-07-26T12:05+09:00 |
| jvndb-2018-000073 | Installer of ChatWork Desktop App for Windows may insecurely load Dynamic Link Libraries | 2018-07-23T14:28+09:00 | 2019-07-25T16:50+09:00 |
| jvndb-2018-000082 | WL-330NUL vulnerable to cross-site request forgery | 2018-07-20T15:41+09:00 | 2019-07-25T14:38+09:00 |
| jvndb-2018-000074 | DLL planting vulnerability in multiple Yayoi 17 Series products | 2018-07-20T15:41+09:00 | 2019-07-25T15:04+09:00 |
| jvndb-2018-000081 | Multiple vulnerabilities in ORCA(Online Receipt Computer Advantage) | 2018-07-18T15:35+09:00 | 2019-07-25T16:59+09:00 |
| jvndb-2018-000080 | Movable Type plugin MTAppjQuery vulnerable to PHP code execution | 2018-07-18T15:35+09:00 | 2019-07-26T15:23+09:00 |
| jvndb-2018-000078 | WordPress plugin "FV Flowplayer Video Player" vulnerable to cross-site scripting | 2018-07-17T12:27+09:00 | 2019-07-25T17:12+09:00 |
| jvndb-2018-000079 | Explzh vulnerable to directory traversal | 2018-07-13T14:47+09:00 | 2019-07-25T16:26+09:00 |
| ID | Description | Updated |
|---|