Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-wc69-r3fc-8r85 | Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/sign-in.php. | 2025-11-03T18:31:52Z | 2025-11-03T18:31:52Z |
| ghsa-qf9q-8wmm-xcvc | Open Source Social Network (OSSN) 8.6 is vulnerable to Cross Site Scripting (XSS) via the parameter… | 2025-11-03T18:31:52Z | 2025-11-03T21:34:43Z |
| ghsa-mqr8-57q4-g3p3 | A remote code execution (RCE) vulnerability in the Postgres Drivers component of iceScrum v7.54 Pro… | 2025-11-03T18:31:52Z | 2025-11-04T18:31:47Z |
| ghsa-j6v6-wrwv-vhpg | Phpgurukul Maid Hiring Management System 1.0 is vulnerable to Cross Site Scripting (XSS) in /maid-h… | 2025-11-03T18:31:52Z | 2025-11-03T21:34:43Z |
| ghsa-ghvg-47pc-2hwp | Car-Booking-System-PHP v.1.0 is vulnerable to Cross Site Scripting (XSS) in /carlux/booking.php. | 2025-11-03T18:31:52Z | 2025-11-03T18:31:52Z |
| ghsa-g54v-qwwq-423m | Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /orders.php. | 2025-11-03T18:31:52Z | 2025-11-03T18:31:52Z |
| ghsa-cvxf-jrq7-p83g | Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/forgot-pass.php. | 2025-11-03T18:31:52Z | 2025-11-03T21:34:42Z |
| ghsa-c4f4-j4hj-887g | Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by… | 2025-11-03T18:31:52Z | 2025-11-03T18:31:52Z |
| ghsa-9gj5-pgcm-45c7 | Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /edit_product.php?id=1. | 2025-11-03T18:31:52Z | 2025-11-03T18:31:52Z |
| ghsa-827r-4ww6-c56q | Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /add_vendor.php. | 2025-11-03T18:31:52Z | 2025-11-03T18:31:52Z |
| ghsa-799h-grwr-q8wh | IdentityIQ 8.5, IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p4, IdentityIQ 8.3 and all 8.3 … | 2025-11-03T18:31:52Z | 2025-11-03T18:31:52Z |
| ghsa-6c2x-4jg4-673c | Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/contact.php. | 2025-11-03T18:31:52Z | 2025-11-04T18:31:48Z |
| ghsa-67pm-7j96-2w2h | Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /add_customer.php. | 2025-11-03T18:31:52Z | 2025-11-03T18:31:52Z |
| ghsa-5frc-g7v7-423h | An unauthenticated SQL Injection was discovered within the Geutebruck G-Cam E-Series Cameras throug… | 2025-11-03T18:31:52Z | 2025-11-03T18:31:52Z |
| ghsa-399j-vxmf-hjvr | @react-native-community/cli has arbitrary OS command injection | 2025-11-03T18:31:52Z | 2025-11-06T22:36:27Z |
| ghsa-vcg9-56x3-3qqc | IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user … | 2025-11-03T18:31:51Z | 2025-11-03T18:31:51Z |
| ghsa-p635-chcg-qxpc | IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user … | 2025-11-03T18:31:51Z | 2025-11-03T18:31:51Z |
| ghsa-jww4-hp22-h876 | IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an attacker to access … | 2025-11-03T18:31:51Z | 2025-11-03T18:31:51Z |
| ghsa-8rxv-799q-6hhp | A potential security vulnerability has been identified in the HP Client Management Script Library s… | 2025-11-03T18:31:51Z | 2025-11-03T18:31:51Z |
| ghsa-5gpc-893h-q6v2 | A cross-site scripting (XSS) vulnerability exists in the administrative interface of ultimatefoster… | 2025-11-03T18:31:51Z | 2025-11-03T18:31:51Z |
| ghsa-r3jf-hm7q-qfw5 | MantisBT Vulnerable to Denial-of-Service (DoS) via Excessive Note Length | 2025-11-03T17:07:39Z | 2025-11-04T16:55:30Z |
| ghsa-4v8w-gg5j-ph37 | MantisBT vulnerable to authentication bypass for some passwords due to PHP type juggling | 2025-11-03T17:07:36Z | 2025-11-04T22:16:19Z |
| ghsa-x4c6-9vq7-8hcm | The Doccure Core plugin for WordPress is vulnerable to privilege escalation in versions up to, and … | 2025-11-03T15:30:29Z | 2025-11-03T15:30:29Z |
| ghsa-rw86-f997-g9mx | A security flaw has been discovered in jeecgboot jeewx-boot up to 641ab52c3e1845fec39996d7794c33fb4… | 2025-11-03T15:30:29Z | 2025-11-03T15:30:29Z |
| ghsa-fr6p-f98h-2fhj | School Management System PHP v1.0 is vulnerable to Cross Site Scripting (XSS) in /login.php via the… | 2025-11-03T15:30:29Z | 2025-11-03T18:31:51Z |
| ghsa-cr7p-v4gj-9p32 | An issue in Raspberry Pi Imager version 1.9.6 for Windows, affecting its OS customization feature. … | 2025-11-03T15:30:29Z | 2025-11-03T21:34:42Z |
| ghsa-8m64-p66f-h4hv | An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a … | 2025-11-03T15:30:29Z | 2025-11-04T18:31:47Z |
| ghsa-7cw3-hmgq-847v | NetSurf 3.11 is vulnerable to Use After Free in dom_node_set_text_content function. | 2025-11-03T15:30:29Z | 2025-11-04T18:31:47Z |
| ghsa-6rfx-fjhv-r26f | An issue in NetSurf v.3.11 allows a remote attacker to execute arbitrary code via the dom_node_norm… | 2025-11-03T15:30:29Z | 2025-11-04T18:31:47Z |
| ghsa-6h26-gx4c-3ghh | Simple User Management System with PHP-MySQL v1.0 is vulnerable to Cross-Site Scripting (XSS) via t… | 2025-11-03T15:30:29Z | 2025-11-03T18:31:51Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-43444 | N/A | A permissions issue was addressed with additional… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:31.293Z | 2025-11-05T18:33:25.644Z |
| cve-2025-43413 | N/A | An access issue was addressed with additional san… |
Apple |
macOS |
2025-11-04T01:15:30.431Z | 2025-11-04T15:04:27.436Z |
| cve-2025-43385 | N/A | An out-of-bounds access issue was addressed with … |
Apple |
iOS and iPadOS |
2025-11-04T01:15:29.536Z | 2025-11-05T18:33:25.022Z |
| cve-2025-43468 | N/A | A downgrade issue affecting Intel-based Mac compu… |
Apple |
macOS |
2025-11-04T01:15:28.592Z | 2025-11-05T14:49:18.562Z |
| cve-2025-43429 | N/A | A buffer overflow was addressed with improved bou… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:24.575Z | 2025-11-05T18:33:24.411Z |
| cve-2025-43350 | N/A | A permissions issue was addressed with additional… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:23.731Z | 2025-11-05T14:50:07.430Z |
| cve-2025-43409 | N/A | A permissions issue was addressed with additional… |
Apple |
macOS |
2025-11-04T01:15:22.042Z | 2025-11-05T14:50:27.455Z |
| cve-2025-43448 | N/A | This issue was addressed with improved validation… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:20.321Z | 2025-11-05T18:33:23.143Z |
| cve-2025-43389 | N/A | A privacy issue was addressed by removing the vul… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:19.355Z | 2025-11-05T18:33:22.509Z |
| cve-2025-43433 | N/A | The issue was addressed with improved memory hand… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:18.515Z | 2025-11-05T18:33:21.860Z |
| cve-2025-43425 | N/A | The issue was addressed with improved memory hand… |
Apple |
Safari |
2025-11-04T01:15:17.596Z | 2025-11-04T13:53:18.843Z |
| cve-2025-43472 | N/A | A validation issue was addressed with improved in… |
Apple |
macOS |
2025-11-04T01:15:16.638Z | 2025-11-05T04:55:26.111Z |
| cve-2025-35021 | 6.5 (v3.1) | Abilis CPX Fallback Shell Connection Relay |
Abilis |
CPX |
2025-11-04T00:23:23.924Z | 2025-11-05T14:54:15.000Z |
| cve-2025-46556 | MantisBT is Vulnerable to Denial-of-Service (DoS) atta… |
mantisbt |
mantisbt |
2025-11-04T00:20:28.193Z | 2025-11-06T20:44:40.100Z | |
| cve-2025-63294 | N/A | WorkDo HRM SaaS HR and Payroll Tool 8.1 is affect… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T15:52:40.974Z |
| cve-2025-61431 | N/A | A reflected cross-site scripted (XSS) vulnerabili… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T21:14:00.631Z |
| cve-2025-60925 | N/A | codeshare v1.0.0 was discovered to contain an inf… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T16:40:03.055Z |
| cve-2025-56230 | N/A | Tencent Docs Desktop 3.9.20 and earlier suffers f… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T21:38:15.979Z |
| cve-2025-54335 | N/A | An issue was discovered in the GPU driver in Sams… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T21:27:24.521Z |
| cve-2025-54334 | N/A | An issue was discovered in the NPU driver in Sams… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T20:38:20.142Z |
| cve-2025-54333 | N/A | An issue was discovered in NPU in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T20:02:17.865Z |
| cve-2025-54332 | N/A | An issue was discovered in NPU in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T19:59:59.474Z |
| cve-2025-54331 | N/A | An issue was discovered in NPU in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T19:57:07.265Z |
| cve-2025-54330 | N/A | An issue was discovered in NPU in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T19:54:36.141Z |
| cve-2025-54329 | N/A | An issue was discovered in NAS in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T16:58:31.436Z |
| cve-2025-54327 | N/A | An issue was discovered in VTS in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T21:23:00.335Z |
| cve-2025-54325 | N/A | An issue was discovered in VTS in Samsung Mobile … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T20:36:14.961Z |
| cve-2025-54323 | N/A | An issue was discovered in the camera in Samsung … |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T20:27:01.989Z |
| cve-2025-52910 | N/A | An issue was discovered in the GPU in Samsung Mob… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-05T14:56:51.459Z |
| cve-2025-52513 | N/A | An issue was discovered in Samsung Mobile Process… |
n/a |
n/a |
2025-11-04T00:00:00.000Z | 2025-11-04T20:37:11.807Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-43429 | N/A | A buffer overflow was addressed with improved bou… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:24.575Z | 2025-11-05T18:33:24.411Z |
| cve-2025-43427 | N/A | This issue was addressed through improved state m… |
Apple |
Safari |
2025-11-04T01:17:32.620Z | 2025-11-04T16:51:42.885Z |
| cve-2025-43426 | N/A | A logging issue was addressed with improved data … |
Apple |
iOS and iPadOS |
2025-11-04T01:17:56.437Z | 2025-11-04T15:31:50.262Z |
| cve-2025-43425 | N/A | The issue was addressed with improved memory hand… |
Apple |
Safari |
2025-11-04T01:15:17.596Z | 2025-11-04T13:53:18.843Z |
| cve-2025-43424 | N/A | The issue was addressed with improved bounds chec… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:51.649Z | 2025-11-05T14:42:09.711Z |
| cve-2025-43423 | N/A | A logging issue was addressed with improved data … |
Apple |
iOS and iPadOS |
2025-11-04T01:16:08.426Z | 2025-11-05T18:33:31.618Z |
| cve-2025-43422 | N/A | The issue was addressed by adding additional logi… |
Apple |
iOS and iPadOS |
2025-11-04T01:16:26.982Z | 2025-11-04T15:35:24.827Z |
| cve-2025-43421 | N/A | Multiple issues were addressed by disabling array… |
Apple |
Safari |
2025-11-04T01:17:02.976Z | 2025-11-04T16:52:25.936Z |
| cve-2025-43420 | N/A | A race condition was addressed with improved stat… |
Apple |
macOS |
2025-11-04T01:17:07.794Z | 2025-11-04T14:33:42.549Z |
| cve-2025-43419 | N/A | The issue was addressed with improved memory hand… |
Apple |
iOS and iPadOS |
2025-11-04T01:16:11.243Z | 2025-11-05T04:55:23.400Z |
| cve-2025-43414 | N/A | A permissions issue was addressed with improved v… |
Apple |
macOS |
2025-11-04T01:16:33.096Z | 2025-11-04T15:39:32.018Z |
| cve-2025-43413 | N/A | An access issue was addressed with additional san… |
Apple |
macOS |
2025-11-04T01:15:30.431Z | 2025-11-04T15:04:27.436Z |
| cve-2025-43412 | N/A | A file quarantine bypass was addressed with addit… |
Apple |
macOS |
2025-11-04T01:15:38.927Z | 2025-11-05T14:43:30.354Z |
| cve-2025-43411 | N/A | This issue was addressed with additional entitlem… |
Apple |
macOS |
2025-11-04T01:17:41.073Z | 2025-11-04T14:58:31.806Z |
| cve-2025-43409 | N/A | A permissions issue was addressed with additional… |
Apple |
macOS |
2025-11-04T01:15:22.042Z | 2025-11-05T14:50:27.455Z |
| cve-2025-43408 | N/A | This issue was addressed by restricting options o… |
Apple |
macOS |
2025-11-04T01:15:46.185Z | 2025-11-04T13:38:14.840Z |
| cve-2025-43407 | N/A | This issue was addressed with improved entitlemen… |
Apple |
macOS |
2025-11-04T01:17:34.427Z | 2025-11-04T18:07:01.199Z |
| cve-2025-43405 | N/A | A permissions issue was addressed with additional… |
Apple |
macOS |
2025-11-04T01:15:33.164Z | 2025-11-04T16:18:27.560Z |
| cve-2025-43401 | N/A | A denial-of-service issue was addressed with impr… |
Apple |
macOS |
2025-11-04T01:16:42.528Z | 2025-11-04T14:37:44.637Z |
| cve-2025-43399 | N/A | This issue was addressed with improved redaction … |
Apple |
iOS and iPadOS |
2025-11-04T01:16:16.627Z | 2025-11-05T18:33:33.588Z |
| cve-2025-43398 | N/A | The issue was addressed with improved memory hand… |
Apple |
iOS and iPadOS |
2025-11-04T01:16:18.466Z | 2025-11-05T18:33:34.218Z |
| cve-2025-43397 | N/A | A permissions issue was addressed by removing the… |
Apple |
macOS |
2025-11-04T01:16:44.623Z | 2025-11-04T13:12:58.763Z |
| cve-2025-43396 | N/A | A logic issue was addressed with improved checks.… |
Apple |
macOS |
2025-11-04T01:17:25.064Z | 2025-11-04T18:02:52.414Z |
| cve-2025-43395 | N/A | This issue was addressed with improved handling o… |
Apple |
macOS |
2025-11-04T01:16:06.557Z | 2025-11-04T19:07:51.607Z |
| cve-2025-43394 | N/A | This issue was addressed with improved handling o… |
Apple |
macOS |
2025-11-04T01:16:27.939Z | 2025-11-04T15:44:31.629Z |
| cve-2025-43392 | N/A | The issue was addressed with improved handling of… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:34.041Z | 2025-11-05T18:33:26.374Z |
| cve-2025-43391 | N/A | A privacy issue was addressed with improved handl… |
Apple |
macOS |
2025-11-04T01:17:35.327Z | 2025-11-04T15:07:27.166Z |
| cve-2025-43390 | N/A | A downgrade issue affecting Intel-based Mac compu… |
Apple |
macOS |
2025-11-04T01:17:54.534Z | 2025-11-04T14:40:31.629Z |
| cve-2025-43389 | N/A | A privacy issue was addressed by removing the vul… |
Apple |
iOS and iPadOS |
2025-11-04T01:15:19.355Z | 2025-11-05T18:33:22.509Z |
| cve-2025-43387 | N/A | A permissions issue was addressed with additional… |
Apple |
macOS |
2025-11-04T01:17:42.899Z | 2025-11-05T04:55:19.394Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-189082 | Malicious code in rate-limiter-chalk-miranda-cassini (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189081 | Malicious code in rate-limiter-callback-nebula-electron (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189080 | Malicious code in rate-limiter-aurora-helmet-perseus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189079 | Malicious code in rate-limiter-areology-dorado-apex (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189078 | Malicious code in rate-limiter-achernar-hydrogeology-antimatter (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189077 | Malicious code in rain-theta-thread-star-simulate (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189076 | Malicious code in rain-interface-java-bundle-wind (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189075 | Malicious code in rain-final-bash-bad-resolve (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189074 | Malicious code in radiometric-vega-element-ui-oortcloud (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189073 | Malicious code in radiometric-stratigraphy-nodemon-start (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189072 | Malicious code in radiometric-proxima-ophiuchus-bellatrix (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189071 | Malicious code in radiometric-nova-rocket-transport (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189070 | Malicious code in radiometric-native-adonis-cygnus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189069 | Malicious code in radiometric-csrf-odin-tool (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189068 | Malicious code in radioastronomy-zooarchaeology-got-magnetar (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189067 | Malicious code in radioastronomy-readable-proxima-sadr (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189066 | Malicious code in radioastronomy-photon-eslint-apollo (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189065 | Malicious code in radioastronomy-mongoose-inquirer-hyperion (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189064 | Malicious code in radioastronomy-holography-express-avior (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189063 | Malicious code in radioastronomy-eventhoriz-thuban-kinetic (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189062 | Malicious code in radioastronomy-eslint-plugin-procyon-kastra (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189061 | Malicious code in radioastronomy-augmentedreality-library-style-loader (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189060 | Malicious code in radiant-toml-primatology-dotenv-safe (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189059 | Malicious code in radiant-relay-castor-bulma (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189058 | Malicious code in radiant-on-oscillation-indus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189057 | Malicious code in radiant-nestjs-parcel-apex (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189056 | Malicious code in radiant-express-terser-bellatrix (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189055 | Malicious code in radiant-express-sync-tachyon (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189054 | Malicious code in radiant-event-bootstrap-geodynamo (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-189053 | Malicious code in radiant-cross-env-neutrino-local (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:10009 | Red Hat Security Advisory: kernel security update | 2025-07-01T01:11:26+00:00 | 2025-11-06T19:45:03+00:00 |
| rhsa-2025:9997 | Red Hat Security Advisory: mod_proxy_cluster security update | 2025-07-01T01:09:06+00:00 | 2025-11-08T07:13:38+00:00 |
| rhsa-2025:10010 | Red Hat Security Advisory: mod_auth_openidc:2.3 security update | 2025-07-01T01:05:41+00:00 | 2025-11-11T12:11:04+00:00 |
| rhsa-2025:10003 | Red Hat Security Advisory: mod_auth_openidc:2.3 security update | 2025-07-01T00:57:21+00:00 | 2025-11-11T12:10:56+00:00 |
| rhsa-2025:10004 | Red Hat Security Advisory: mod_auth_openidc:2.3 security update | 2025-07-01T00:49:26+00:00 | 2025-11-11T12:10:58+00:00 |
| rhsa-2025:10008 | Red Hat Security Advisory: mod_auth_openidc security update | 2025-07-01T00:44:26+00:00 | 2025-11-11T12:11:02+00:00 |
| rhsa-2025:10006 | Red Hat Security Advisory: mod_auth_openidc:2.3 security update | 2025-07-01T00:43:16+00:00 | 2025-11-11T12:11:00+00:00 |
| rhsa-2025:10005 | Red Hat Security Advisory: kernel security update | 2025-07-01T00:41:17+00:00 | 2025-11-06T19:45:01+00:00 |
| rhsa-2025:10002 | Red Hat Security Advisory: mod_auth_openidc security update | 2025-07-01T00:38:56+00:00 | 2025-11-11T12:10:54+00:00 |
| rhsa-2025:9986 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update | 2025-06-30T21:23:51+00:00 | 2025-11-11T20:40:12+00:00 |
| rhsa-2025:9978 | Red Hat Security Advisory: sudo security update | 2025-06-30T19:59:51+00:00 | 2025-11-06T23:15:49+00:00 |
| rhsa-2025:9975 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update | 2025-06-30T17:50:04+00:00 | 2025-11-11T20:40:12+00:00 |
| rhsa-2025:9966 | Red Hat Security Advisory: Red Hat Developer Hub 1.6.2 release. | 2025-06-30T14:17:56+00:00 | 2025-11-07T16:35:25+00:00 |
| rhsa-2025:9964 | Red Hat Security Advisory: xorg-x11-server security update | 2025-06-30T13:49:07+00:00 | 2025-11-10T14:23:04+00:00 |
| rhsa-2025:9918 | Red Hat Security Advisory: python3.11 security update | 2025-06-30T13:43:06+00:00 | 2025-11-11T08:20:09+00:00 |
| rhsa-2025:9922 | Red Hat Security Advisory: Streams for Apache Kafka 2.9.1 release and security update | 2025-06-30T13:16:39+00:00 | 2025-11-11T16:09:08+00:00 |
| rhsa-2025:9896 | Red Hat Security Advisory: kernel security update | 2025-06-30T08:58:29+00:00 | 2025-11-11T09:14:51+00:00 |
| rhsa-2025:9880 | Red Hat Security Advisory: kernel security update | 2025-06-30T03:47:53+00:00 | 2025-11-11T11:27:34+00:00 |
| rhsa-2025:9877 | Red Hat Security Advisory: glibc security update | 2025-06-30T02:51:09+00:00 | 2025-11-11T10:41:12+00:00 |
| rhsa-2025:9878 | Red Hat Security Advisory: libblockdev security update | 2025-06-30T01:32:33+00:00 | 2025-11-11T10:13:38+00:00 |
| rhsa-2025:9844 | Red Hat Security Advisory: osbuild-composer security update | 2025-06-26T16:57:43+00:00 | 2025-11-11T20:40:11+00:00 |
| rhsa-2025:9845 | Red Hat Security Advisory: weldr-client security update | 2025-06-26T16:57:30+00:00 | 2025-11-11T20:40:11+00:00 |
| rhsa-2025:9838 | Red Hat Security Advisory: Satellite 6.15.5.3 Async Update | 2025-06-26T16:06:18+00:00 | 2025-11-06T22:56:51+00:00 |
| rhsa-2025:9776 | Red Hat Security Advisory: New RHCS 8.1 container image is now available in the Red Hat Ecosystem Catalog. | 2025-06-26T12:12:44+00:00 | 2025-11-12T18:24:51+00:00 |
| rhsa-2025:9775 | Red Hat Security Advisory: Red Hat Ceph Storage 8.1 security, bug fix, and enhancement updates | 2025-06-26T12:12:14+00:00 | 2025-11-06T23:59:40+00:00 |
| rhsa-2025:9756 | Red Hat Security Advisory: opentelemetry-collector security update | 2025-06-26T07:53:59+00:00 | 2025-11-11T20:40:11+00:00 |
| rhsa-2025:9741 | Red Hat Security Advisory: perl-File-Find-Rule security update | 2025-06-26T06:32:54+00:00 | 2025-11-08T03:20:27+00:00 |
| rhsa-2025:9740 | Red Hat Security Advisory: perl-File-Find-Rule-Perl security update | 2025-06-26T06:29:03+00:00 | 2025-11-08T03:20:20+00:00 |
| rhsa-2025:9259 | Red Hat Security Advisory: OpenShift Container Platform 4.15.53 bug fix and security update | 2025-06-26T01:50:03+00:00 | 2025-11-11T16:22:00+00:00 |
| rhsa-2025:9712 | Red Hat Security Advisory: weldr-client security update | 2025-06-26T00:30:53+00:00 | 2025-11-11T20:40:11+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-30696 | Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-30695 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-30693 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-30689 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-30688 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-30687 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-30685 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-30684 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-30683 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-30682 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-30681 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L). | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-30215 | NATS-Server Fails to Authorize Certain Jetstream Admin APIs | 2025-04-02T00:00:00.000Z | 2025-04-22T00:00:00.000Z |
| msrc_cve-2025-29481 | Buffer Overflow vulnerability in libbpf 1.5.0 allows a local attacker to execute arbitrary code via the bpf_object__init_prog` function of libbpf. | 2025-04-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2025-29478 | An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the cfl_list_size in cfl_list.h:165. | 2025-04-02T00:00:00.000Z | 2025-09-03T23:03:51.000Z |
| msrc_cve-2025-29477 | An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event. | 2025-04-02T00:00:00.000Z | 2025-09-03T23:34:18.000Z |
| msrc_cve-2025-29087 | In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calculating the size of the result buffer, and thus malloc may not allocate enough memory. | 2025-04-02T00:00:00.000Z | 2025-09-04T00:06:55.000Z |
| msrc_cve-2025-2784 | Libsoup: heap buffer over-read in `skip_insignificant_space` when sniffing content | 2025-04-02T00:00:00.000Z | 2025-06-20T00:00:00.000Z |
| msrc_cve-2025-23136 | thermal: int340x: Add NULL check for adev | 2025-04-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-23133 | wifi: ath11k: update channel list in reg notifier instead reg worker | 2025-04-02T00:00:00.000Z | 2025-09-04T01:56:16.000Z |
| msrc_cve-2025-23132 | f2fs: quota: fix to avoid warning in dquot_writeback_dquots() | 2025-04-02T00:00:00.000Z | 2025-09-04T00:07:59.000Z |
| msrc_cve-2025-23131 | dlm: prevent NPD when writing a positive value to event_done | 2025-04-02T00:00:00.000Z | 2025-09-04T02:15:43.000Z |
| msrc_cve-2025-23130 | f2fs: fix to avoid panic once fallocation fails for pinfile | 2025-04-02T00:00:00.000Z | 2025-09-04T00:26:15.000Z |
| msrc_cve-2025-2291 | PgBouncer default auth_query does not take Postgres password expiry into account | 2025-04-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-22872 | Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net | 2025-04-02T00:00:00.000Z | 2025-07-10T00:00:00.000Z |
| msrc_cve-2025-22871 | Request smuggling due to acceptance of invalid chunked data in net/http | 2025-04-02T00:00:00.000Z | 2025-04-26T00:00:00.000Z |
| msrc_cve-2025-22127 | f2fs: fix potential deadloop in prepare_compress_overwrite() | 2025-04-02T00:00:00.000Z | 2025-09-03T21:50:44.000Z |
| msrc_cve-2025-22126 | md: fix mddev uaf while iterating all_mddevs list | 2025-04-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-22125 | md/raid1,raid10: don't ignore IO flags | 2025-04-02T00:00:00.000Z | 2025-09-03T21:54:28.000Z |
| msrc_cve-2025-22121 | ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() | 2025-04-02T00:00:00.000Z | 2025-09-04T00:04:25.000Z |
| msrc_cve-2025-22115 | btrfs: fix block group refcount race in btrfs_create_pending_block_groups() | 2025-04-02T00:00:00.000Z | 2025-09-04T00:35:46.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2017-000112 | Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to information disclosure | 2017-06-06T14:20+09:00 | 2017-11-27T17:22+09:00 |
| jvndb-2017-000114 | Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to remote code execution | 2017-06-06T14:19+09:00 | 2017-11-27T17:22+09:00 |
| jvndb-2017-000111 | Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to remote code execution | 2017-06-06T14:19+09:00 | 2017-11-27T17:22+09:00 |
| jvndb-2017-000102 | The installer of the Ministry of Justice [The electronic authentication system based on the commercial registration system "The CRCA user's Software"] may insecurely load Dynamic Link Libraries | 2017-06-06T11:19+09:00 | 2018-01-17T13:58+09:00 |
| jvndb-2017-000119 | Installer of Houkokusyo Sakusei Shien Tool provided by Ministry of the Environment may insecurely load Dynamic Link Libraries | 2017-06-05T13:47+09:00 | 2018-01-17T13:49+09:00 |
| jvndb-2017-000110 | Installer of SaAT Personal may insecurely load Dynamic Link Libraries | 2017-06-02T14:00+09:00 | 2018-01-17T12:25+09:00 |
| jvndb-2017-000109 | Installer of SaAT Netizen may insecurely load Dynamic Link Libraries | 2017-06-02T14:00+09:00 | 2018-01-17T12:29+09:00 |
| jvndb-2017-000107 | RW-5100 tool to verify execution environment may insecurely load Dynamic Link Libraries | 2017-06-01T16:47+09:00 | 2018-01-24T14:03+09:00 |
| jvndb-2017-000106 | RW-5100 driver installer may insecurely load Dynamic Link Libraries | 2017-06-01T16:44+09:00 | 2018-01-24T14:15+09:00 |
| jvndb-2017-000105 | RW-4040 tool to verify execution environment may insecurely load Dynamic Link Libraries | 2017-06-01T16:40+09:00 | 2018-01-24T14:05+09:00 |
| jvndb-2017-000104 | RW-4040 driver installer may insecurely load Dynamic Link Libraries | 2017-06-01T16:25+09:00 | 2018-01-24T13:57+09:00 |
| jvndb-2017-000108 | Installer of Tera Term may insecurely load Dynamic Link Libraries | 2017-06-01T14:42+09:00 | 2018-01-24T14:20+09:00 |
| jvndb-2017-000103 | WordPress plugin "WP Live Chat Support" vulnerable to cross-site scripting | 2017-06-01T14:06+09:00 | 2017-11-27T16:47+09:00 |
| jvndb-2017-000101 | Installers of the screensavers provided by JAPAN AIR SELF DEFENSE FORCE, MINISTRY OF DEFENSE may insecurely load Dynamic Link Libraries | 2017-05-25T14:14+09:00 | 2018-02-15T15:30+09:00 |
| jvndb-2017-000100 | Installer of electronic tendering and bid opening system provided by Acquisition, Technology & Logistics Agency may insecurely load Dynamic Link Libraries | 2017-05-25T14:14+09:00 | 2018-01-17T13:58+09:00 |
| jvndb-2017-000089 | GroupSession fails to restrict access permissions | 2017-05-25T14:14+09:00 | 2018-01-24T11:59+09:00 |
| jvndb-2017-000099 | SSL Visibility Appliance may generate illegal RST packets | 2017-05-24T14:41+09:00 | 2017-05-31T19:27+09:00 |
| jvndb-2017-000098 | The installer of Empirical Project Monitor - eXtended may insecurely load Dynamic Link Libraries | 2017-05-19T14:57+09:00 | 2017-11-27T18:01+09:00 |
| jvndb-2017-000097 | Empirical Project Monitor - eXtended vulnerable to cross-site scripting | 2017-05-19T14:55+09:00 | 2017-11-27T18:01+09:00 |
| jvndb-2017-000096 | Empirical Project Monitor - eXtended vulnerable to cross-site scripting | 2017-05-19T14:53+09:00 | 2017-11-27T18:01+09:00 |
| jvndb-2017-000091 | FlashAir do not set credential information in PhotoShare | 2017-05-16T15:46+09:00 | 2017-12-21T19:16+09:00 |
| jvndb-2017-000090 | FlashAir fails to restrict access permissions in PhotoShare | 2017-05-16T15:34+09:00 | 2017-12-21T19:13+09:00 |
| jvndb-2017-000094 | Multiple BestWebSoft WordPress plugins vulnerable to cross-site scripting | 2017-05-16T14:00+09:00 | 2017-11-27T17:04+09:00 |
| jvndb-2017-000093 | WordPress plugin "MaxButtons" vulnerable to cross-site scripting | 2017-05-16T13:59+09:00 | 2018-01-17T12:28+09:00 |
| jvndb-2017-000092 | WordPress plugin "WP Booking System" vulnerable to cross-site scripting | 2017-05-16T13:58+09:00 | 2018-01-17T11:46+09:00 |
| jvndb-2017-000080 | PrimeDrive Desktop Application Installer may insecurely load executable files | 2017-05-12T13:36+09:00 | 2017-11-27T16:55+09:00 |
| jvndb-2017-000079 | The installer of SOY CMS vulnerable to cross-site scripting | 2017-05-11T13:37+09:00 | 2017-11-27T17:23+09:00 |
| jvndb-2017-000078 | SOY CMS vulnerable to directory traversal | 2017-05-11T13:36+09:00 | 2017-11-27T17:23+09:00 |
| jvndb-2017-000083 | The installer of The Public Certification Service for Individuals "The JPKI user's software" may insecurely load Dynamic Link Libraries | 2017-05-09T13:52+09:00 | 2017-11-27T17:23+09:00 |
| jvndb-2017-000082 | Nessus vulnerable to cross-site scripting | 2017-05-09T13:52+09:00 | 2017-11-27T16:55+09:00 |
| ID | Description | Updated |
|---|