Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-4973-frxh-rf9v | A logic issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.8.2, m… | 2025-11-04T03:30:26Z | 2025-11-04T18:31:52Z |
| ghsa-2379-hjpr-9mp3 | A potential vulnerability was reported in some Lenovo Tablets that could allow a local authenticate… | 2025-11-04T00:32:29Z | 2025-11-04T00:32:29Z |
| ghsa-6px2-j97p-2pf7 | IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fix 001, 24.0.1 through 24.0.1 … | 2025-11-04T00:32:28Z | 2025-11-04T00:32:28Z |
| ghsa-2mr3-pj2m-q569 | Nagios XI versions prior to 2024R1.1.3, under certain circumstances, disclose sensitive user accoun… | 2025-11-04T00:32:28Z | 2025-11-06T18:32:49Z |
| ghsa-fjw4-rpc3-849f | Nagios XI versions prior to 5.4.0 are vulnerable to cross-site scripting (XSS) via the jQuery Migra… | 2025-11-04T00:32:27Z | 2025-11-10T18:30:32Z |
| ghsa-82fj-7wxx-cmrc | Nagios XI versions prior to 5.8.7 using embedded Nagios Core are vulnerable to cross-site scripting… | 2025-11-04T00:32:27Z | 2025-11-07T15:31:27Z |
| ghsa-5359-gfvc-c3p7 | Nagios XI versions prior to 2024R1.1.3 contain a privilege escalation vulnerability in which an aut… | 2025-11-04T00:32:27Z | 2025-11-06T18:32:49Z |
| ghsa-434j-26h4-7637 | Deck Mate 2 is distributed with static, hard-coded credentials for the root shell and web user inte… | 2025-11-04T00:32:27Z | 2025-11-04T00:32:28Z |
| ghsa-7vjm-6qgq-3mrq | Shaman has soundness issues and is unmaintained | 2025-11-03T21:50:14Z | 2025-11-03T21:50:14Z |
| ghsa-h238-5mwf-8xw8 | lakeFS affected by unauthenticated access to API usage metrics | 2025-11-03T21:49:26Z | 2025-11-07T16:40:40Z |
| ghsa-j945-qm58-4gjx | motionEye vulnerable to RCE via unsanitized motion config parameter | 2025-11-03T21:48:19Z | 2025-11-03T21:48:19Z |
| ghsa-rjxg-8r3r-mfj4 | Grav CMS1.7.49.5 is vulnerable to Cross Site Scripting (XSS). | 2025-11-03T21:34:45Z | 2025-11-07T00:30:28Z |
| ghsa-jpw9-952g-5qcp | FairSketch Rise Ultimate Project Manager & CRM 3.9.4 is vulnerable to Insecure Permissions. A remot… | 2025-11-03T21:34:45Z | 2025-11-03T21:34:45Z |
| ghsa-fvx8-q97q-cw73 | lighttpd1.4.80 incorrectly merged trailer fields into headers after http request parsing. This beha… | 2025-11-03T21:34:45Z | 2025-11-12T15:31:28Z |
| ghsa-7vcx-r7wm-hfxx | The KMIP response parser built into mongo binaries is overly tolerant of certain malformed packets,… | 2025-11-03T21:34:45Z | 2025-11-03T21:34:45Z |
| ghsa-6p2w-vm5p-8648 | Directory traversal vulnerability in NextChat thru 2.16.0 due to the WebDAV proxy failing to canoni… | 2025-11-03T21:34:45Z | 2025-11-03T21:34:45Z |
| ghsa-7ggc-24wf-8f5x | IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to an XML external entity… | 2025-11-03T21:34:43Z | 2025-11-03T21:34:43Z |
| ghsa-5mj6-fm92-ww5m | Insider Threat Management (ITM) Server versions prior to 7.17.2 contain an authentication bypass vu… | 2025-11-03T21:34:43Z | 2025-11-07T03:30:25Z |
| ghsa-qv78-c8hc-438r | OpenMage vulnerable to XSS in Admin Notifications | 2025-11-03T20:24:10Z | 2025-11-06T23:13:18Z |
| ghsa-g582-8vwr-68h2 | MantisBT unauthorized disclosure of private project column configuration | 2025-11-03T20:13:26Z | 2025-11-05T20:55:17Z |
| ghsa-q747-c74m-69pr | MantisBT lacks verification when changing a user's email address | 2025-11-03T20:12:18Z | 2025-11-04T22:16:29Z |
| ghsa-wc69-r3fc-8r85 | Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/sign-in.php. | 2025-11-03T18:31:52Z | 2025-11-03T18:31:52Z |
| ghsa-qf9q-8wmm-xcvc | Open Source Social Network (OSSN) 8.6 is vulnerable to Cross Site Scripting (XSS) via the parameter… | 2025-11-03T18:31:52Z | 2025-11-03T21:34:43Z |
| ghsa-mqr8-57q4-g3p3 | A remote code execution (RCE) vulnerability in the Postgres Drivers component of iceScrum v7.54 Pro… | 2025-11-03T18:31:52Z | 2025-11-04T18:31:47Z |
| ghsa-j6v6-wrwv-vhpg | Phpgurukul Maid Hiring Management System 1.0 is vulnerable to Cross Site Scripting (XSS) in /maid-h… | 2025-11-03T18:31:52Z | 2025-11-03T21:34:43Z |
| ghsa-ghvg-47pc-2hwp | Car-Booking-System-PHP v.1.0 is vulnerable to Cross Site Scripting (XSS) in /carlux/booking.php. | 2025-11-03T18:31:52Z | 2025-11-03T18:31:52Z |
| ghsa-g54v-qwwq-423m | Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /orders.php. | 2025-11-03T18:31:52Z | 2025-11-03T18:31:52Z |
| ghsa-cvxf-jrq7-p83g | Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/forgot-pass.php. | 2025-11-03T18:31:52Z | 2025-11-03T21:34:42Z |
| ghsa-c4f4-j4hj-887g | Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by… | 2025-11-03T18:31:52Z | 2025-11-03T18:31:52Z |
| ghsa-9gj5-pgcm-45c7 | Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /edit_product.php?id=1. | 2025-11-03T18:31:52Z | 2025-11-03T18:31:52Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-43398 | N/A | The issue was addressed with improved memory hand… |
Apple |
iOS and iPadOS |
2025-11-04T01:16:18.466Z | 2025-11-05T18:33:34.218Z |
| cve-2025-43376 | N/A | A logic issue was addressed with improved state m… |
Apple |
iOS and iPadOS |
2025-11-04T01:16:17.454Z | 2025-11-04T01:16:17.454Z |
| cve-2025-43399 | N/A | This issue was addressed with improved redaction … |
Apple |
iOS and iPadOS |
2025-11-04T01:16:16.627Z | 2025-11-05T18:33:33.588Z |
| cve-2025-43458 | N/A | This issue was addressed through improved state m… |
Apple |
iOS and iPadOS |
2025-11-04T01:16:14.932Z | 2025-11-05T18:33:32.868Z |
| cve-2025-43360 | N/A | The issue was addressed with improved UI. This is… |
Apple |
iOS and iPadOS |
2025-11-04T01:16:12.112Z | 2025-11-04T15:37:02.008Z |
| cve-2025-43419 | N/A | The issue was addressed with improved memory hand… |
Apple |
iOS and iPadOS |
2025-11-04T01:16:11.243Z | 2025-11-05T04:55:23.400Z |
| cve-2025-43462 | N/A | The issue was addressed with improved memory hand… |
Apple |
tvOS |
2025-11-04T01:16:10.283Z | 2025-11-05T04:55:24.187Z |
| cve-2025-43435 | N/A | The issue was addressed with improved memory hand… |
Apple |
iOS and iPadOS |
2025-11-04T01:16:09.301Z | 2025-11-05T18:33:32.244Z |
| cve-2025-43423 | N/A | A logging issue was addressed with improved data … |
Apple |
iOS and iPadOS |
2025-11-04T01:16:08.426Z | 2025-11-05T18:33:31.618Z |
| cve-2025-43474 | N/A | An out-of-bounds read was addressed with improved… |
Apple |
macOS |
2025-11-04T01:16:07.547Z | 2025-11-05T04:55:24.973Z |
| cve-2025-43395 | N/A | This issue was addressed with improved handling o… |
Apple |
macOS |
2025-11-04T01:16:06.557Z | 2025-11-04T19:07:51.607Z |
| cve-2025-43454 | N/A | This issue was addressed through improved state m… |
Apple |
iOS and iPadOS |
2025-11-04T01:16:05.644Z | 2025-11-05T18:33:30.964Z |
| cve-2025-43507 | N/A | A privacy issue was addressed by moving sensitive… |
Apple |
iOS and iPadOS |
2025-11-04T01:16:03.906Z | 2025-11-05T18:33:30.344Z |
| cve-2025-43442 | N/A | A permissions issue was addressed with additional… |
Apple |
iOS and iPadOS |
2025-11-04T01:16:02.992Z | 2025-11-05T18:33:29.676Z |
| cve-2025-43383 | N/A | An out-of-bounds access issue was addressed with … |
Apple |
iOS and iPadOS |
2025-11-04T01:15:58.228Z | 2025-11-05T18:33:28.955Z |
| cve-2025-43481 | N/A | This issue was addressed with improved checks. Th… |
Apple |
macOS |
2025-11-04T01:15:57.414Z | 2025-11-05T14:35:28.998Z |
| cve-2025-43439 | N/A | A privacy issue was addressed by removing sensiti… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:55.594Z | 2025-11-05T18:33:28.332Z |
| cve-2025-43478 | N/A | A use after free issue was addressed with improve… |
Apple |
macOS |
2025-11-04T01:15:53.439Z | 2025-11-04T13:35:03.730Z |
| cve-2025-43424 | N/A | The issue was addressed with improved bounds chec… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:51.649Z | 2025-11-05T14:42:09.711Z |
| cve-2025-43432 | N/A | A use-after-free issue was addressed with improve… |
Apple |
Safari |
2025-11-04T01:15:50.730Z | 2025-11-04T14:42:22.069Z |
| cve-2025-43449 | N/A | The issue was addressed with improved handling of… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:49.025Z | 2025-11-04T16:29:53.434Z |
| cve-2025-43408 | N/A | This issue was addressed by restricting options o… |
Apple |
macOS |
2025-11-04T01:15:46.185Z | 2025-11-04T13:38:14.840Z |
| cve-2025-43469 | N/A | A permissions issue was addressed with additional… |
Apple |
macOS |
2025-11-04T01:15:40.646Z | 2025-11-05T14:42:44.516Z |
| cve-2025-43384 | N/A | An out-of-bounds access issue was addressed with … |
Apple |
iOS and iPadOS |
2025-11-04T01:15:39.795Z | 2025-11-05T18:33:27.695Z |
| cve-2025-43412 | N/A | A file quarantine bypass was addressed with addit… |
Apple |
macOS |
2025-11-04T01:15:38.927Z | 2025-11-05T14:43:30.354Z |
| cve-2025-43500 | N/A | A privacy issue was addressed with improved handl… |
Apple |
visionOS |
2025-11-04T01:15:38.027Z | 2025-11-04T16:32:50.183Z |
| cve-2025-43445 | N/A | An out-of-bounds read was addressed with improved… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:37.134Z | 2025-11-05T18:33:27.058Z |
| cve-2025-43392 | N/A | The issue was addressed with improved handling of… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:34.041Z | 2025-11-05T18:33:26.374Z |
| cve-2025-43405 | N/A | A permissions issue was addressed with additional… |
Apple |
macOS |
2025-11-04T01:15:33.164Z | 2025-11-04T16:18:27.560Z |
| cve-2025-43452 | N/A | This issue was addressed by restricting options o… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:32.303Z | 2025-11-05T14:47:09.840Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-43468 | N/A | A downgrade issue affecting Intel-based Mac compu… |
Apple |
macOS |
2025-11-04T01:15:28.592Z | 2025-11-05T14:49:18.562Z |
| cve-2025-43462 | N/A | The issue was addressed with improved memory hand… |
Apple |
tvOS |
2025-11-04T01:16:10.283Z | 2025-11-05T04:55:24.187Z |
| cve-2025-43460 | N/A | A logic issue was addressed with improved checks.… |
Apple |
iOS and iPadOS |
2025-11-04T01:17:00.619Z | 2025-11-04T15:19:09.207Z |
| cve-2025-43459 | N/A | An authentication issue was addressed with improv… |
Apple |
watchOS |
2025-11-04T01:16:20.784Z | 2025-11-04T13:21:01.343Z |
| cve-2025-43458 | N/A | This issue was addressed through improved state m… |
Apple |
iOS and iPadOS |
2025-11-04T01:16:14.932Z | 2025-11-05T18:33:32.868Z |
| cve-2025-43457 | N/A | A use-after-free issue was addressed with improve… |
Apple |
Safari |
2025-11-04T01:17:22.887Z | 2025-11-04T13:05:39.904Z |
| cve-2025-43455 | N/A | A privacy issue was addressed with improved check… |
Apple |
visionOS |
2025-11-04T01:16:28.877Z | 2025-11-04T15:36:57.066Z |
| cve-2025-43454 | N/A | This issue was addressed through improved state m… |
Apple |
iOS and iPadOS |
2025-11-04T01:16:05.644Z | 2025-11-05T18:33:30.964Z |
| cve-2025-43452 | N/A | This issue was addressed by restricting options o… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:32.303Z | 2025-11-05T14:47:09.840Z |
| cve-2025-43450 | N/A | A logic issue was addressed with improved checks.… |
Apple |
iOS and iPadOS |
2025-11-04T01:17:36.172Z | 2025-11-06T14:36:06.162Z |
| cve-2025-43449 | N/A | The issue was addressed with improved handling of… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:49.025Z | 2025-11-04T16:29:53.434Z |
| cve-2025-43448 | N/A | This issue was addressed with improved validation… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:20.321Z | 2025-11-05T18:33:23.143Z |
| cve-2025-43447 | N/A | The issue was addressed with improved memory hand… |
Apple |
visionOS |
2025-11-04T01:17:53.695Z | 2025-11-04T16:44:48.812Z |
| cve-2025-43446 | N/A | This issue was addressed with improved validation… |
Apple |
macOS |
2025-11-04T01:17:39.255Z | 2025-11-04T13:00:19.992Z |
| cve-2025-43445 | N/A | An out-of-bounds read was addressed with improved… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:37.134Z | 2025-11-05T18:33:27.058Z |
| cve-2025-43444 | N/A | A permissions issue was addressed with additional… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:31.293Z | 2025-11-05T18:33:25.644Z |
| cve-2025-43443 | N/A | This issue was addressed with improved checks. Th… |
Apple |
iOS and iPadOS |
2025-11-04T01:16:30.980Z | 2025-11-05T18:33:36.772Z |
| cve-2025-43442 | N/A | A permissions issue was addressed with additional… |
Apple |
iOS and iPadOS |
2025-11-04T01:16:02.992Z | 2025-11-05T18:33:29.676Z |
| cve-2025-43441 | N/A | The issue was addressed with improved memory hand… |
Apple |
iOS and iPadOS |
2025-11-04T01:17:22.017Z | 2025-11-05T18:33:39.898Z |
| cve-2025-43440 | N/A | This issue was addressed with improved checks Thi… |
Apple |
Safari |
2025-11-04T01:16:47.933Z | 2025-11-04T15:23:56.461Z |
| cve-2025-43439 | N/A | A privacy issue was addressed by removing sensiti… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:55.594Z | 2025-11-05T18:33:28.332Z |
| cve-2025-43438 | N/A | A use-after-free issue was addressed with improve… |
Apple |
iOS and iPadOS |
2025-11-04T01:16:37.287Z | 2025-11-05T18:33:37.400Z |
| cve-2025-43436 | N/A | A permissions issue was addressed with additional… |
Apple |
tvOS |
2025-11-04T01:17:09.977Z | 2025-11-04T15:16:23.398Z |
| cve-2025-43435 | N/A | The issue was addressed with improved memory hand… |
Apple |
iOS and iPadOS |
2025-11-04T01:16:09.301Z | 2025-11-05T18:33:32.244Z |
| cve-2025-43434 | N/A | A use-after-free issue was addressed with improve… |
Apple |
iOS and iPadOS |
2025-11-04T01:16:26.023Z | 2025-11-05T18:33:36.141Z |
| cve-2025-43433 | N/A | The issue was addressed with improved memory hand… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:18.515Z | 2025-11-05T18:33:21.860Z |
| cve-2025-43432 | N/A | A use-after-free issue was addressed with improve… |
Apple |
Safari |
2025-11-04T01:15:50.730Z | 2025-11-04T14:42:22.069Z |
| cve-2025-43431 | N/A | The issue was addressed with improved memory hand… |
Apple |
iOS and iPadOS |
2025-11-04T01:17:31.690Z | 2025-11-05T18:33:40.590Z |
| cve-2025-43430 | N/A | This issue was addressed through improved state m… |
Apple |
Safari |
2025-11-04T01:17:57.253Z | 2025-11-04T16:50:56.968Z |
| cve-2025-43429 | N/A | A buffer overflow was addressed with improved bou… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:24.575Z | 2025-11-05T18:33:24.411Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-189112 | Malicious code in redshift-build-geodynamo-hyperion (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189111 | Malicious code in redis-parsec-fomalhaut-nebula (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189110 | Malicious code in redis-markdownlint-meteor-winston (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189109 | Malicious code in redis-epimetheus-jabbah-apex (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189108 | Malicious code in redis-corvus-transform-dependencies (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189107 | Malicious code in redis-browserify-nuxtjs-winston (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189106 | Malicious code in redis-astrophysics-astrophysics-webpack (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189105 | Malicious code in redis-adonis-quito-io (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189104 | Malicious code in redis-acamar-terser-webpack-plugin-deneb (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189103 | Malicious code in redgiant-nightwatch-filament-mensa (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189102 | Malicious code in redgiant-heliophysics-protoplanetarydisk-prettier-stylelint (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189101 | Malicious code in redgiant-gammarayburst-event-miranda (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189100 | Malicious code in redgiant-cypress-mesosphere-technosignature (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189099 | Malicious code in redgiant-callisto-altair-npm (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189098 | Malicious code in readable-ophiuchus-markdownlint-colors (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189097 | Malicious code in readable-karma-xml-fusion (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189096 | Malicious code in readable-holography-buffer-odin (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189095 | Malicious code in readable-enif-module-saturnology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189094 | Malicious code in readable-configstore-regulus-public (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189093 | Malicious code in readable-commitizen-photon-gatsby (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189092 | Malicious code in react-bootstrap-phoenix-janus-module (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189091 | Malicious code in react-bootstrap-nightwatch-levels-command (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189090 | Malicious code in react-bootstrap-await-vortex-betelgeuse (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189089 | Malicious code in rate-limiter-writable-dotenv-safe-geckodriver (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189088 | Malicious code in rate-limiter-tethys-fermiparadox-cosmos (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189087 | Malicious code in rate-limiter-technosignature-genomics-cypress (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189086 | Malicious code in rate-limiter-selenology-australis-interferometry (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189085 | Malicious code in rate-limiter-hyperion-pavo-protractor (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189084 | Malicious code in rate-limiter-fork-command-hyperion (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189083 | Malicious code in rate-limiter-express-iota-registry (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:10165 | Red Hat Security Advisory: thunderbird security update | 2025-07-01T19:51:09+00:00 | 2025-11-06T23:41:22+00:00 |
| rhsa-2025:10162 | Red Hat Security Advisory: microcode_ctl security update | 2025-07-01T19:48:14+00:00 | 2025-11-11T16:17:43+00:00 |
| rhsa-2025:10161 | Red Hat Security Advisory: thunderbird security update | 2025-07-01T19:47:39+00:00 | 2025-11-06T23:41:22+00:00 |
| rhsa-2025:10166 | Red Hat Security Advisory: thunderbird security update | 2025-07-01T19:42:24+00:00 | 2025-11-06T23:41:25+00:00 |
| rhsa-2025:10109 | Red Hat Security Advisory: microcode_ctl security update | 2025-07-01T18:51:54+00:00 | 2025-11-11T16:17:42+00:00 |
| rhsa-2025:10126 | Red Hat Security Advisory: microcode_ctl security update | 2025-07-01T16:55:49+00:00 | 2025-11-11T16:17:42+00:00 |
| rhsa-2025:10120 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.14 OpenShift Jenkins security update | 2025-07-01T16:53:09+00:00 | 2025-11-11T16:21:31+00:00 |
| rhsa-2025:10118 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.12 OpenShift Jenkins security update | 2025-07-01T16:36:58+00:00 | 2025-11-11T16:21:30+00:00 |
| rhsa-2025:10119 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.13 OpenShift Jenkins security update | 2025-07-01T16:31:24+00:00 | 2025-11-11T16:21:32+00:00 |
| rhsa-2025:10111 | Red Hat Security Advisory: microcode_ctl security update | 2025-07-01T15:49:13+00:00 | 2025-11-11T16:17:42+00:00 |
| rhsa-2025:10108 | Red Hat Security Advisory: microcode_ctl security update | 2025-07-01T15:39:18+00:00 | 2025-11-11T16:17:41+00:00 |
| rhsa-2025:10107 | Red Hat Security Advisory: microcode_ctl security update | 2025-07-01T15:33:58+00:00 | 2025-11-11T16:17:40+00:00 |
| rhsa-2025:10101 | Red Hat Security Advisory: microcode_ctl security update | 2025-07-01T15:24:53+00:00 | 2025-11-11T16:17:40+00:00 |
| rhsa-2025:10104 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.15 OpenShift Jenkins security update | 2025-07-01T14:56:03+00:00 | 2025-11-11T16:21:30+00:00 |
| rhsa-2025:10102 | Red Hat Security Advisory: microcode_ctl security update | 2025-07-01T14:55:04+00:00 | 2025-11-11T16:17:40+00:00 |
| rhsa-2025:10103 | Red Hat Security Advisory: microcode_ctl security update | 2025-07-01T14:44:03+00:00 | 2025-11-11T16:17:40+00:00 |
| rhsa-2025:10098 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.16 OpenShift Jenkins security update | 2025-07-01T14:34:48+00:00 | 2025-11-11T16:21:29+00:00 |
| rhsa-2025:10097 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.17 OpenShift Jenkins security update | 2025-07-01T14:30:33+00:00 | 2025-11-11T16:21:28+00:00 |
| rhsa-2025:10027 | Red Hat Security Advisory: pam security update | 2025-07-01T14:00:54+00:00 | 2025-11-11T16:22:31+00:00 |
| rhsa-2025:10092 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.18 OpenShift Jenkins security update | 2025-07-01T13:48:03+00:00 | 2025-11-11T16:21:28+00:00 |
| rhsa-2025:10024 | Red Hat Security Advisory: pam security update | 2025-07-01T13:25:43+00:00 | 2025-11-11T16:22:32+00:00 |
| rhsa-2025:10031 | Red Hat Security Advisory: python3.12 security update | 2025-07-01T13:23:58+00:00 | 2025-11-11T08:20:01+00:00 |
| rhsa-2025:10026 | Red Hat Security Advisory: python3.11 security update | 2025-07-01T13:22:58+00:00 | 2025-11-11T08:19:59+00:00 |
| rhsa-2025:10028 | Red Hat Security Advisory: python3.12 security update | 2025-07-01T13:21:58+00:00 | 2025-11-11T08:20:00+00:00 |
| rhsa-2025:9940 | Red Hat Security Advisory: python-setuptools security update | 2025-07-01T13:14:08+00:00 | 2025-11-07T03:33:39+00:00 |
| rhsa-2025:10074 | Red Hat Security Advisory: firefox security update | 2025-07-01T12:07:53+00:00 | 2025-11-06T23:41:18+00:00 |
| rhsa-2025:10020 | Red Hat Security Advisory: Network Observability 1.9.0 for OpenShift | 2025-07-01T07:28:57+00:00 | 2025-11-11T16:11:00+00:00 |
| rhsa-2025:9751 | Red Hat Security Advisory: OpenShift Container Platform 4.19.2 packages and security update | 2025-07-01T02:54:22+00:00 | 2025-11-10T13:52:42+00:00 |
| rhsa-2025:9750 | Red Hat Security Advisory: OpenShift Container Platform 4.19.2 bug fix and security update | 2025-07-01T02:35:49+00:00 | 2025-11-06T23:43:13+00:00 |
| rhsa-2025:10007 | Red Hat Security Advisory: mod_auth_openidc security update | 2025-07-01T01:32:11+00:00 | 2025-11-11T12:11:01+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-32912 | Libsoup: null pointer dereference in client when server omits the "nonce" parameter in an unauthorized response with digest authentication | 2025-04-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-32911 | Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value | 2025-04-02T00:00:00.000Z | 2025-09-04T03:10:11.000Z |
| msrc_cve-2025-32910 | Libsoup: null pointer deference on libsoup via /auth/soup-auth-digest.c through "soup_auth_digest_authenticate" on client when server omits the "realm" parameter in an unauthorized response with digest authentication | 2025-04-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-32909 | Libsoup: null pointer dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c | 2025-04-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-32908 | Libsoup: denial of service on libsoup through http/2 server | 2025-04-02T00:00:00.000Z | 2025-04-29T00:00:00.000Z |
| msrc_cve-2025-32907 | Libsoup: denial of service in server when client requests a large amount of overlapping ranges with range header | 2025-04-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-32906 | Libsoup: out of bounds reads in soup_headers_parse_request() | 2025-04-02T00:00:00.000Z | 2025-04-23T00:00:00.000Z |
| msrc_cve-2025-3277 | An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution. | 2025-04-02T00:00:00.000Z | 2025-09-04T00:14:10.000Z |
| msrc_cve-2025-32728 | In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. | 2025-04-02T00:00:00.000Z | 2025-05-23T00:00:00.000Z |
| msrc_cve-2025-32464 | HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one. | 2025-04-02T00:00:00.000Z | 2025-04-22T00:00:00.000Z |
| msrc_cve-2025-32434 | PyTorch: `torch.load` with `weights_only=True` leads to remote code execution | 2025-04-02T00:00:00.000Z | 2025-05-28T00:00:00.000Z |
| msrc_cve-2025-32433 | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE | 2025-04-02T00:00:00.000Z | 2025-04-22T00:00:00.000Z |
| msrc_cve-2025-32415 | In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used. | 2025-04-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-32414 | In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters. | 2025-04-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-32387 | Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow | 2025-04-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-32386 | Helm Allows A Specially Crafted Chart Archive To Cause Out Of Memory Termination | 2025-04-02T00:00:00.000Z | 2025-07-10T00:00:00.000Z |
| msrc_cve-2025-32053 | Libsoup: heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() | 2025-04-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-32052 | Libsoup: heap buffer overflow in sniff_unknown() | 2025-04-02T00:00:00.000Z | 2025-05-06T00:00:00.000Z |
| msrc_cve-2025-32051 | Libsoup: segmentation fault when parsing malformed data uri | 2025-04-02T00:00:00.000Z | 2025-05-06T00:00:00.000Z |
| msrc_cve-2025-32050 | Libsoup: integer overflow in append_param_quoted | 2025-04-02T00:00:00.000Z | 2025-05-06T00:00:00.000Z |
| msrc_cve-2025-32049 | Libsoup: denial of service attack to websocket server | 2025-04-02T00:00:00.000Z | 2025-09-03T23:07:03.000Z |
| msrc_cve-2025-31498 | c-ares has a use-after-free in read_answers() | 2025-04-02T00:00:00.000Z | 2025-04-16T00:00:00.000Z |
| msrc_cve-2025-31344 | The giflib open-source component has a buffer overflow vulnerability | 2025-04-02T00:00:00.000Z | 2025-04-22T00:00:00.000Z |
| msrc_cve-2025-31115 | XZ has a heap-use-after-free bug in threaded .xz decoder | 2025-04-02T00:00:00.000Z | 2025-04-11T00:00:00.000Z |
| msrc_cve-2025-30721 | Vulnerability in the MySQL Server product of Oracle MySQL | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-30715 | Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-30705 | Vulnerability in the MySQL Server product of Oracle MySQL | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-30704 | Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-30703 | Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-30699 | Vulnerability in the MySQL Server product of Oracle MySQL | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2017-000147 | Non-documented developer's screen in Toshiba Lighting & Technology Corporation Home gateway | 2017-06-28T10:28+09:00 | 2018-02-14T12:10+09:00 |
| jvndb-2017-000149 | Hard-coded credentials vulnerability in Toshiba Lighting & Technology Corporation Home gateway | 2017-06-28T10:23+09:00 | 2018-02-14T12:10+09:00 |
| jvndb-2017-000148 | Improper access control vulnerability in Toshiba Lighting & Technology Corporation Home gateway | 2017-06-28T10:23+09:00 | 2018-02-14T12:10+09:00 |
| jvndb-2017-000144 | Denshi Nyusatsu Check Tool provided by Ministry of Education, Culture, Sports, Science and Technology may insecurely load Dynamic Link Libraries | 2017-06-26T14:28+09:00 | 2018-02-07T13:40+09:00 |
| jvndb-2017-000142 | Installer of Charamin OMP may insecurely load Dynamic Link Libraries | 2017-06-23T14:38+09:00 | 2018-02-07T12:32+09:00 |
| jvndb-2017-000120 | [Simeji for Windows] installer may insecurely load Dynamic Link Libraries | 2017-06-21T18:15+09:00 | 2017-06-21T18:15+09:00 |
| jvndb-2017-000138 | HOME SPOT CUBE2 vulnerable to improper authentication in WebUI | 2017-06-21T13:45+09:00 | 2018-02-14T11:59+09:00 |
| jvndb-2017-000137 | HOME SPOT CUBE2 vulnerable to OS command injection in WebUI | 2017-06-21T13:45+09:00 | 2018-02-14T11:59+09:00 |
| jvndb-2017-000136 | HOME SPOT CUBE2 vulnerable to buffer overflow in WebUI | 2017-06-21T13:44+09:00 | 2018-02-14T11:59+09:00 |
| jvndb-2017-000135 | HOME SPOT CUBE2 vulnerable to OS command injection in clock settings | 2017-06-21T13:44+09:00 | 2018-02-14T11:54+09:00 |
| jvndb-2017-000141 | Multiple I-O DATA network camera products vulnerable to cross-site request forgery | 2017-06-20T13:59+09:00 | 2018-02-14T12:10+09:00 |
| jvndb-2017-000140 | WordPress plugin "Event Calendar WD" vulnerable to cross-site scripting | 2017-06-20T13:58+09:00 | 2018-02-14T12:10+09:00 |
| jvndb-2017-000139 | WordPress plugin "WP Job Manager" fails to restrict access permissions | 2017-06-15T14:32+09:00 | 2017-06-15T14:32+09:00 |
| jvndb-2017-000133 | Source code security studying tool iCodeChecker vulnerable to cross-site scripting | 2017-06-13T14:50+09:00 | 2018-02-14T13:48+09:00 |
| jvndb-2017-000132 | WordPress plugin "WP-Members" vulnerable to cross-site scripting | 2017-06-13T14:50+09:00 | 2018-02-07T11:52+09:00 |
| jvndb-2017-000128 | Open redirect vulnerability in WordPress plugin "WordPress Download Manager" | 2017-06-13T14:11+09:00 | 2018-01-24T12:21+09:00 |
| jvndb-2017-000127 | Cross-site scripting vulnerability in WordPress plugin "WordPress Download Manager" | 2017-06-13T14:11+09:00 | 2018-01-24T12:24+09:00 |
| jvndb-2017-000116 | Installer of QuickTime for Windows may insecurely load Dynamic Link Libraries | 2017-06-13T13:51+09:00 | 2018-02-14T11:58+09:00 |
| jvndb-2017-000130 | Installer of electronic tendering and bid opening system provided by Acquisition, Technology & Logistics Agency may insecurely invoke an executable file | 2017-06-12T14:49+09:00 | 2018-02-14T13:52+09:00 |
| jvndb-2017-000131 | Cybozu KUNAI for Android vulnerable to cross-site scripting | 2017-06-12T13:36+09:00 | 2018-01-24T12:34+09:00 |
| jvndb-2017-000129 | Installer of "Setup file of advance preparation" may insecurely load Dinamic Link Libraries | 2017-06-09T15:59+09:00 | 2018-02-14T13:55+09:00 |
| jvndb-2017-000126 | Installer of Denshinouhin Check System (for Ministry of Agriculture, Forestry and Fisheries Nouson Seibi Jigyou) may insecurely load Dynamic Link Libraries | 2017-06-09T15:48+09:00 | 2018-02-14T14:00+09:00 |
| jvndb-2017-000117 | Installer of CASL II simulator(self-extract format) may insecurely load Dynamic Link Libraries | 2017-06-09T13:49+09:00 | 2018-02-14T11:58+09:00 |
| jvndb-2017-000124 | The installer of SemiDynaEXE provided by Geospatial Information Authority of Japan (GSI) may insecurely load Dynamic Link Libraries | 2017-06-08T15:31+09:00 | 2018-01-24T12:15+09:00 |
| jvndb-2017-000123 | The installer of TKY2JGD provided by Geospatial Information Authority of Japan (GSI) may insecurely load Dynamic Link Libraries | 2017-06-08T15:31+09:00 | 2018-01-24T12:15+09:00 |
| jvndb-2017-000122 | The installer of PatchJGD(Hyoko) provided by Geospatial Information Authority of Japan (GSI) may insecurely load Dynamic Link Libraries | 2017-06-08T15:31+09:00 | 2018-01-24T12:15+09:00 |
| jvndb-2017-000121 | The installer of PatchJGD provided by Geospatial Information Authority of Japan (GSI) may insecurely load Dynamic Link Libraries | 2017-06-08T15:31+09:00 | 2018-01-24T12:15+09:00 |
| jvndb-2017-000125 | AppCheck may insecurely invoke an executable file | 2017-06-07T14:54+09:00 | 2018-01-24T12:15+09:00 |
| jvndb-2017-000115 | WordPress plugin "Multi Feed Reader" vulnerable to SQL injection | 2017-06-06T14:54+09:00 | 2018-01-17T13:58+09:00 |
| jvndb-2017-000113 | Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to remote code execution | 2017-06-06T14:21+09:00 | 2017-11-27T17:22+09:00 |
| ID | Description | Updated |
|---|