Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-p9v7-8x2v-h926 | A relative path traversal vulnerability has been reported to affect QuMagie. If a remote attacker, … | 2025-11-07T18:30:30Z | 2025-11-07T18:30:30Z |
| ghsa-mrvf-43v7-86fr | Improper Authentication vulnerability in GE Vernova Smallworld on Windows, Linux allows Authenticat… | 2025-11-07T18:30:30Z | 2025-11-07T18:30:30Z |
| ghsa-g6vp-qx8j-gqr4 | A cross-site scripting (XSS) vulnerability has been reported to affect Download Station. If a remot… | 2025-11-07T18:30:30Z | 2025-11-07T18:30:30Z |
| ghsa-f2mq-8pqx-fqh5 | A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the text editor feature of the Onloo… | 2025-11-07T18:30:30Z | 2025-11-07T18:30:30Z |
| ghsa-cc6p-pmxf-h4wh | A relative path traversal vulnerability has been reported to affect Download Station. If a remote a… | 2025-11-07T18:30:30Z | 2025-11-07T18:30:30Z |
| ghsa-9m86-pmxw-268g | A vulnerability was identified in projectworlds Online Notes Sharing Platform 1.0. Affected by this… | 2025-11-07T18:30:30Z | 2025-11-07T18:30:30Z |
| ghsa-662x-h9f2-q6cg | A Broken Object Level Authorization (BOLA) vulnerability was discovered in the tRPC project mutatio… | 2025-11-07T18:30:30Z | 2025-11-07T18:30:30Z |
| ghsa-59mx-mhm6-4342 | In pig-mesh Pig versions 3.8.2 and below, when setting up scheduled tasks in the Quartz management … | 2025-11-07T18:30:30Z | 2025-11-07T21:31:20Z |
| ghsa-4wvp-cwq3-wg7g | There is an arbitrary file download vulnerability in GuoMinJim PersonManage thru commit 5a02b1ab208… | 2025-11-07T18:30:30Z | 2025-11-07T18:30:30Z |
| ghsa-3xhw-hf92-cgv2 | Multiple SQL injection vulnerabilitites in ycf1998 money-pos system before commit 11f276bd20a41f089… | 2025-11-07T18:30:30Z | 2025-11-07T18:30:30Z |
| ghsa-2qv6-8qcf-2852 | An issue was discovered in rymcu forest thru commit f782e85 (2025-09-04) in function doBefore in fi… | 2025-11-07T18:30:30Z | 2025-11-07T18:30:30Z |
| ghsa-xxj3-2v78-2rpq | A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote at… | 2025-11-07T18:30:29Z | 2025-11-07T18:30:29Z |
| ghsa-rxrq-fx2p-jjc3 | A NULL pointer dereference vulnerability has been reported to affect several product versions. If a… | 2025-11-07T18:30:29Z | 2025-11-07T18:30:29Z |
| ghsa-rp6p-wfxv-r42f | A cross-site scripting (XSS) vulnerability has been reported to affect Notification Center. If a re… | 2025-11-07T18:30:29Z | 2025-11-07T18:30:29Z |
| ghsa-qgw9-46r7-vc44 | A cross-site scripting (XSS) vulnerability has been reported to affect QuLog Center. If a remote at… | 2025-11-07T18:30:29Z | 2025-11-07T18:30:29Z |
| ghsa-pm6h-6rwh-xxg7 | An allocation of resources without limits or throttling vulnerability has been reported to affect F… | 2025-11-07T18:30:29Z | 2025-11-07T18:30:29Z |
| ghsa-pgj4-857c-6p22 | An allocation of resources without limits or throttling vulnerability has been reported to affect F… | 2025-11-07T18:30:29Z | 2025-11-07T18:30:29Z |
| ghsa-m3r6-m7vf-qggf | A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote at… | 2025-11-07T18:30:29Z | 2025-11-07T18:30:29Z |
| ghsa-84gm-v5xp-w9qf | A cross-site scripting (XSS) vulnerability has been reported to affect File Station 5. If a remote … | 2025-11-07T18:30:29Z | 2025-11-07T18:30:29Z |
| ghsa-6f3w-7q37-9xgc | An SQL injection vulnerability has been reported to affect QuMagie. A remote attacker can exploit t… | 2025-11-07T18:30:29Z | 2025-11-07T18:30:29Z |
| ghsa-5cf5-w226-83hj | A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote at… | 2025-11-07T18:30:29Z | 2025-11-07T18:30:29Z |
| ghsa-4735-r254-hcj8 | An allocation of resources without limits or throttling vulnerability has been reported to affect F… | 2025-11-07T18:30:29Z | 2025-11-07T18:30:29Z |
| ghsa-3vg5-p6w2-984m | An allocation of resources without limits or throttling vulnerability has been reported to affect F… | 2025-11-07T18:30:29Z | 2025-11-07T18:30:29Z |
| ghsa-v7p2-phgw-4fh4 | A vulnerability was determined in DedeBIZ up to 6.3.2. Affected by this vulnerability is an unknown… | 2025-11-07T18:30:28Z | 2025-11-07T18:30:28Z |
| ghsa-cm35-v4vp-5xvx | Open WebUI Affected by an External Model Server (Direct Connections) Code Injection via SSE Events | 2025-11-07T17:37:33Z | 2025-11-07T17:37:33Z |
| ghsa-3fv2-ccqm-h3x9 | A vulnerability was found in DedeBIZ up to 6.3.2. Affected is an unknown function of the file /admi… | 2025-11-07T15:31:31Z | 2025-11-07T15:31:31Z |
| ghsa-v4pm-h4rc-6r9v | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 564 - S… | 2025-11-07T15:31:30Z | 2025-11-07T15:31:30Z |
| ghsa-q2pr-r6jf-wv38 | A security flaw has been discovered in code-projects Responsive Hotel Site 1.0. This issue affects … | 2025-11-07T15:31:30Z | 2025-11-07T15:31:30Z |
| ghsa-p5v7-wc9g-p479 | A vulnerability has been found in DedeBIZ up to 6.3.2. This impacts an unknown function of the file… | 2025-11-07T15:31:30Z | 2025-11-07T15:31:30Z |
| ghsa-mr8h-778f-8vq8 | A vulnerability was identified in newbee-mall-plus up to 2.4.1. This vulnerability affects the func… | 2025-11-07T15:31:30Z | 2025-11-07T15:31:30Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-36135 | 5.4 (v3.1) | IBM Sterling B2B Integrator and IBM Sterling File Gate… |
IBM |
Sterling B2B Integrator |
2025-11-07T18:26:57.845Z | 2025-11-07T18:47:27.813Z |
| cve-2024-47118 | 6.5 (v3.1) | IBM Db2 is vulnerable to a denial of service as the se… |
IBM |
Db2 |
2025-11-07T18:23:07.665Z | 2025-11-07T18:48:16.332Z |
| cve-2025-64431 | IDOR Vulnerabilities in ZITADEL's Organization API all… |
zitadel |
zitadel |
2025-11-07T18:09:25.466Z | 2025-11-07T18:29:24.551Z | |
| cve-2025-12829 | 6.9 (v4.0) 6.2 (v3.1) | An uninitialized stack read issue exists in Amazo… |
Amazon |
Ion-C |
2025-11-07T18:04:15.700Z | 2025-11-07T18:13:55.938Z |
| cve-2025-12873 | Campcodes School File Management update_user.php sql i… |
Campcodes |
School File Management |
2025-11-07T18:02:07.310Z | 2025-11-07T18:27:05.910Z | |
| cve-2025-9458 | 7.8 (v3.1) | PRT File Parsing Memory Corruption Vulnerability |
Autodesk |
Shared Components |
2025-11-07T18:01:48.595Z | 2025-11-08T04:55:20.636Z |
| cve-2025-64430 | Parse Server Vulnerable to Server-Side Request Forgery… |
parse-community |
parse-server |
2025-11-07T17:55:27.768Z | 2025-11-07T18:23:02.250Z | |
| cve-2025-64347 | Apollo Router Improperly Enforces Renamed Access Contr… |
apollographql |
router |
2025-11-07T17:47:28.360Z | 2025-11-07T18:25:59.775Z | |
| cve-2025-12862 | projectworlds Online Notes Sharing Platform userprofil… |
projectworlds |
Online Notes Sharing Platform |
2025-11-07T16:32:06.297Z | 2025-11-07T19:16:42.717Z | |
| cve-2025-3222 | 9.3 (v4.0) | Smallworld SWMFS Improper Authentication |
GE Vernova |
Smallworld |
2025-11-07T16:28:45.217Z | 2025-11-07T19:17:12.529Z |
| cve-2025-7719 | 5.3 (v4.0) | Smallworld SWMFS Arbitrary File Ops |
GE Vernova |
Smallworld |
2025-11-07T16:28:03.432Z | 2025-11-07T19:17:44.314Z |
| cve-2025-12861 | DedeBIZ spec_add.php sql injection |
n/a |
DedeBIZ |
2025-11-07T16:02:05.050Z | 2025-11-07T19:25:27.663Z | |
| cve-2025-47207 | 5.3 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:16:08.604Z | 2025-11-07T15:56:40.737Z |
| cve-2025-52425 | 9.5 (v4.0) | QuMagie |
QNAP Systems Inc. |
QuMagie |
2025-11-07T15:15:57.937Z | 2025-11-07T15:55:26.440Z |
| cve-2025-52865 | 1.3 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:15:20.701Z | 2025-11-07T15:55:41.114Z |
| cve-2025-53408 | 1.3 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:15:11.361Z | 2025-11-07T15:43:49.566Z |
| cve-2025-53409 | 4.9 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:14:44.914Z | 2025-11-07T15:56:12.638Z |
| cve-2025-53410 | 4.9 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:14:20.754Z | 2025-11-07T15:56:28.129Z |
| cve-2025-53411 | 1.2 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:13:57.618Z | 2025-11-07T15:56:50.992Z |
| cve-2025-53412 | 0.6 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:13:34.575Z | 2025-11-07T15:57:02.038Z |
| cve-2025-53413 | 4.9 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:13:03.060Z | 2025-11-07T15:57:08.616Z |
| cve-2025-54167 | 7.2 (v4.0) | Notification Center |
QNAP Systems Inc. |
Notification Center |
2025-11-07T15:12:39.176Z | 2025-11-07T15:57:14.662Z |
| cve-2025-54168 | 2.2 (v4.0) | QuLog Center |
QNAP Systems Inc. |
QuLog Center |
2025-11-07T15:12:10.966Z | 2025-11-07T15:57:21.137Z |
| cve-2025-57706 | 2.2 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:11:47.864Z | 2025-11-07T15:57:28.627Z |
| cve-2025-57712 | 4 (v4.0) | Qsync Central |
QNAP Systems Inc. |
Qsync Central |
2025-11-07T15:11:14.888Z | 2025-11-07T16:11:21.520Z |
| cve-2025-58463 | 2.3 (v4.0) | Download Station |
QNAP Systems Inc. |
Download Station |
2025-11-07T15:10:42.856Z | 2025-11-07T16:11:30.915Z |
| cve-2025-58464 | 7.8 (v4.0) | QuMagie |
QNAP Systems Inc. |
QuMagie |
2025-11-07T15:10:10.396Z | 2025-11-07T16:11:39.344Z |
| cve-2025-58465 | 2.2 (v4.0) | Download Station |
QNAP Systems Inc. |
Download Station |
2025-11-07T15:09:31.301Z | 2025-11-07T15:47:03.235Z |
| cve-2025-58469 | 1.2 (v4.0) | QuLog Center |
QNAP Systems Inc. |
QuLog Center |
2025-11-07T15:08:56.159Z | 2025-11-07T15:48:30.618Z |
| cve-2025-12860 | DedeBIZ freelist_main.php sql injection |
n/a |
DedeBIZ |
2025-11-07T15:02:08.895Z | 2025-11-07T20:42:56.659Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-36136 | 5.1 (v3.1) | IBM denial of service |
IBM |
Db2 |
2025-11-07T18:45:46.550Z | 2025-11-07T18:53:53.234Z |
| cve-2025-36135 | 5.4 (v3.1) | IBM Sterling B2B Integrator and IBM Sterling File Gate… |
IBM |
Sterling B2B Integrator |
2025-11-07T18:26:57.845Z | 2025-11-07T18:47:27.813Z |
| cve-2025-36131 | 4.6 (v3.1) | IBM Db2 information disclosure |
IBM |
Db2 |
2025-11-07T18:53:45.472Z | 2025-11-07T19:06:54.110Z |
| cve-2025-36008 | 6.5 (v3.1) | IBM Db2 denial of service |
IBM |
Db2 |
2025-11-07T18:57:09.615Z | 2025-11-07T19:10:03.557Z |
| cve-2025-36006 | 6.5 (v3.1) | IBM Db2 denial of service |
IBM |
Db2 |
2025-11-07T19:04:05.595Z | 2025-11-07T19:15:29.778Z |
| cve-2025-33012 | 6.3 (v3.1) | IBM Db2 improper account lockout |
IBM |
Db2 |
2025-11-07T18:38:29.123Z | 2025-11-07T18:56:16.588Z |
| cve-2025-2534 | 5.3 (v3.1) | IBM Db2 denial of service |
IBM |
Db2 |
2025-11-07T18:36:49.488Z | 2025-11-07T18:56:31.224Z |
| cve-2025-12890 | 6.5 (v3.1) | Bluetooth: peripheral: Invalid handling of malformed c… |
zephyrproject-rtos |
Zephyr |
2025-11-07T18:40:56.266Z | 2025-11-07T18:40:56.266Z |
| cve-2024-47118 | 6.5 (v3.1) | IBM Db2 is vulnerable to a denial of service as the se… |
IBM |
Db2 |
2025-11-07T18:23:07.665Z | 2025-11-07T18:48:16.332Z |
| cve-2025-9458 | 7.8 (v3.1) | PRT File Parsing Memory Corruption Vulnerability |
Autodesk |
Shared Components |
2025-11-07T18:01:48.595Z | 2025-11-08T04:55:20.636Z |
| cve-2025-64430 | Parse Server Vulnerable to Server-Side Request Forgery… |
parse-community |
parse-server |
2025-11-07T17:55:27.768Z | 2025-11-07T18:23:02.250Z | |
| cve-2025-64347 | Apollo Router Improperly Enforces Renamed Access Contr… |
apollographql |
router |
2025-11-07T17:47:28.360Z | 2025-11-07T18:25:59.775Z | |
| cve-2025-63718 | N/A | A SQL injection vulnerability exists in the Sourc… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T17:55:22.678Z |
| cve-2025-63716 | N/A | The SourceCodester Leads Manager Tool v1.0 is vul… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T17:59:53.884Z |
| cve-2025-63714 | N/A | Cross-Site Scripting (XSS) vulnerability in Sourc… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T17:49:53.651Z |
| cve-2025-63713 | N/A | Cross-Site Scripting (XSS) vulnerability in Sourc… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T17:54:00.607Z |
| cve-2025-57697 | N/A | AstrBot Project v3.5.22 has an arbitrary file rea… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T17:44:56.493Z |
| cve-2025-12873 | Campcodes School File Management update_user.php sql i… |
Campcodes |
School File Management |
2025-11-07T18:02:07.310Z | 2025-11-07T18:27:05.910Z | |
| cve-2025-12858 | N/A | {'providerMetadata': {'orgId': 'b15e7b5b-3da4-40ae-a43c-f7aa60e62599', 'shortName': 'Wordfence', 'dateUpdated': '2025-11-07T18:03:35.198Z'}, 'rejectedReasons': [{'lang': 'en', 'value': '** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.'}]} | N/A | N/A | 2025-11-07T18:03:35.198Z | |
| cve-2025-12829 | 6.9 (v4.0) 6.2 (v3.1) | An uninitialized stack read issue exists in Amazo… |
Amazon |
Ion-C |
2025-11-07T18:04:15.700Z | 2025-11-07T18:13:55.938Z |
| cve-2025-7719 | 5.3 (v4.0) | Smallworld SWMFS Arbitrary File Ops |
GE Vernova |
Smallworld |
2025-11-07T16:28:03.432Z | 2025-11-07T19:17:44.314Z |
| cve-2025-63785 | N/A | A DOM-based Cross-Site Scripting (XSS) vulnerabil… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T16:33:57.050Z |
| cve-2025-63784 | N/A | An Open Redirect vulnerability exists in the OAut… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T16:13:38.874Z |
| cve-2025-57698 | N/A | AstrBot Project v3.5.22 contains a directory trav… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T16:43:54.572Z |
| cve-2025-3222 | 9.3 (v4.0) | Smallworld SWMFS Improper Authentication |
GE Vernova |
Smallworld |
2025-11-07T16:28:45.217Z | 2025-11-07T19:17:12.529Z |
| cve-2025-12862 | projectworlds Online Notes Sharing Platform userprofil… |
projectworlds |
Online Notes Sharing Platform |
2025-11-07T16:32:06.297Z | 2025-11-07T19:16:42.717Z | |
| cve-2025-63783 | N/A | A Broken Object Level Authorization (BOLA) vulner… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T16:00:11.579Z |
| cve-2025-63691 | N/A | In pig-mesh In Pig version 3.8.2 and below, withi… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T18:49:24.568Z |
| cve-2025-63690 | N/A | In pig-mesh Pig versions 3.8.2 and below, when se… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T18:41:28.538Z |
| cve-2025-63689 | N/A | Multiple SQL injection vulnerabilitites in ycf199… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T15:59:41.661Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-49638 | Malicious code in yanti-keripik24-miaww (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49637 | Malicious code in yanti-keraktelor63-sluey (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49636 | Malicious code in yanti-kentang50-breki (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49635 | Malicious code in yanti-kembang54-sluey (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49634 | Malicious code in yanti-kembang23-sukiwir (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49633 | Malicious code in yanti-kembang20-sluey (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49632 | Malicious code in yanti-jus11-riris (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49631 | Malicious code in yanti-jengkol83-riris (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49630 | Malicious code in yanti-gepuk65-riris (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49629 | Malicious code in yanti-gepuk61-rudi0x (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49628 | Malicious code in yanti-gandul32-ruro (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49627 | Malicious code in yanti-gado-gado53-sukiwir (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49626 | Malicious code in yanti-gado-gado49-ruro (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49625 | Malicious code in yanti-bubursumsum31-pore (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49624 | Malicious code in yanti-buburayam3-sluey (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49623 | Malicious code in yanti-bubur64-sukiwir (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49622 | Malicious code in yanti-bubur12-riris (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49621 | Malicious code in yanti-bubur11-breki (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49620 | Malicious code in yanti-brengkes77-tititugel (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49619 | Malicious code in yanti-bakso25-ruro (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49618 | Malicious code in yanti-bakso16-sukiwir (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49617 | Malicious code in xaver-toge92-breki (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49616 | Malicious code in xaver-tiwul51-sukiwir (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49615 | Malicious code in xaver-tempe51-breki (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49614 | Malicious code in xaver-tempe13-miaww (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49613 | Malicious code in xaver-takokak90-sluey (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49612 | Malicious code in xaver-taiwan4-ruro (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49611 | Malicious code in xaver-soto60-riris (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49610 | Malicious code in xaver-sate14-breki (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| mal-2025-49609 | Malicious code in xaver-sambel36-devapp (npm) | 2025-11-09T18:30:25Z | 2025-11-09T18:30:25Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-1858 | Linux Kernel: Mehrere Schwachstellen | 2025-08-17T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1833 | IBM WebSphere Application Server: Schwachstelle ermöglicht Denial of Service | 2025-08-13T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1830 | http/2 Implementierungen: Schwachstelle ermöglicht Denial of Service | 2025-08-13T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1828 | PAM (linux-pam package): Schwachstelle ermöglicht Erlangen von Administratorrechten | 2025-08-13T22:00:00.000+00:00 | 2025-10-19T22:00:00.000+00:00 |
| wid-sec-w-2025-1785 | Intel Prozessoren: Mehrere Schwachstellen | 2025-08-12T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-1757 | Linux Kernel: Schwachstelle ermöglicht Umgehen von Sicherheitsmechanismen | 2025-08-11T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1754 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-08-10T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1748 | libarchive: Schwachstelle ermöglicht Denial of Service und potenziell Codeausführung | 2025-08-07T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-1732 | Red Hat Enterprise Linux (libxslt): Schwachstelle ermöglicht Codeausführung | 2025-08-06T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1665 | Linux Kernel: Mehrere Schwachstellen | 2025-07-28T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1664 | Python: Schwachstelle ermöglicht Denial of Service | 2025-07-28T22:00:00.000+00:00 | 2025-10-21T22:00:00.000+00:00 |
| wid-sec-w-2025-1656 | Red Hat Enterprise Linux (unbound): Schwachstelle ermöglicht Manipulation von Daten | 2025-07-27T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-1653 | Linux Kernel: Mehrere Schwachstellen | 2025-07-27T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1646 | Red Hat Enterprise Linux (nodejs, perl): Mehrere Schwachstellen | 2025-07-27T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-1637 | GNU libc: Schwachstelle ermöglicht unspezifischen Angriff | 2025-07-23T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1613 | Linux Kernel: Mehrere Schwachstellen | 2025-07-20T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1583 | ffmpeg: Schwachstelle ermöglicht Denial of Service | 2025-07-16T22:00:00.000+00:00 | 2025-10-21T22:00:00.000+00:00 |
| wid-sec-w-2025-1575 | vim (.tar and .zip): Mehrere Schwachstellen ermöglichen Codeausführung | 2025-07-15T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1569 | Oracle Java SE: Mehrere Schwachstellen | 2025-07-15T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-1540 | Apache Commons Lang: Schwachstelle ermöglicht Denial of Service | 2025-07-13T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1526 | GnuTLS: Mehrere Schwachstellen | 2025-07-09T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1522 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-07-09T22:00:00.000+00:00 | 2025-10-21T22:00:00.000+00:00 |
| wid-sec-w-2025-1517 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-07-08T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1502 | AMD Prozessor: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen | 2025-07-08T22:00:00.000+00:00 | 2025-10-21T22:00:00.000+00:00 |
| wid-sec-w-2025-1481 | Linux Kernel: Mehrere Schwachstellen | 2025-07-07T22:00:00.000+00:00 | 2025-10-21T22:00:00.000+00:00 |
| wid-sec-w-2025-1470 | Python (CPython): Schwachstelle ermöglicht Denial of Service | 2025-07-07T22:00:00.000+00:00 | 2025-10-21T22:00:00.000+00:00 |
| wid-sec-w-2025-1465 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-07-06T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1463 | Redis: Mehrere Schwachstellen | 2025-07-06T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1452 | Linux Kernel: Mehrere Schwachstellen | 2025-07-02T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1417 | Linux Kernel: Mehrere Schwachstellen | 2025-06-29T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:19409 | Red Hat Security Advisory: kernel security update | 2025-11-03T03:14:27+00:00 | 2025-11-10T01:30:54+00:00 |
| rhsa-2025:19403 | Red Hat Security Advisory: expat security update | 2025-11-03T02:00:12+00:00 | 2025-11-07T21:45:04+00:00 |
| rhsa-2025:19398 | Red Hat Security Advisory: squid:4 security update | 2025-11-03T01:48:22+00:00 | 2025-11-06T23:42:44+00:00 |
| rhsa-2025:19397 | Red Hat Security Advisory: golang security update | 2025-11-03T01:42:52+00:00 | 2025-11-10T01:32:57+00:00 |
| rhsa-2025:19399 | Red Hat Security Advisory: redis:6 security update | 2025-11-03T01:42:07+00:00 | 2025-11-06T23:42:44+00:00 |
| rhsa-2025:19401 | Red Hat Security Advisory: libssh security update | 2025-11-03T01:40:22+00:00 | 2025-11-06T23:42:49+00:00 |
| rhsa-2025:19400 | Red Hat Security Advisory: libssh security update | 2025-11-03T01:22:57+00:00 | 2025-11-06T23:42:45+00:00 |
| rhsa-2025:19381 | Red Hat Security Advisory: Assisted Installer RHEL 8 components for Multicluster Engine for Kubernetes 2.9.1 | 2025-10-30T18:49:30+00:00 | 2025-11-10T01:32:57+00:00 |
| rhsa-2025:19380 | Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.9.1 | 2025-10-30T18:39:47+00:00 | 2025-11-10T01:32:57+00:00 |
| rhsa-2025:19357 | Red Hat Security Advisory: OpenShift Container Platform 4.16.51 CNF IBU extras update | 2025-10-30T15:22:05+00:00 | 2025-11-06T22:56:40+00:00 |
| rhsa-2025:19356 | Red Hat Security Advisory: OpenShift Container Platform 4.14.57 CNF IBU extras update | 2025-10-30T15:20:42+00:00 | 2025-11-07T00:16:19+00:00 |
| rhsa-2025:19352 | Red Hat Security Advisory: webkitgtk4 security update | 2025-10-30T15:11:28+00:00 | 2025-11-06T23:15:13+00:00 |
| rhsa-2025:19345 | Red Hat Security Advisory: redis:7 security update | 2025-10-30T14:18:20+00:00 | 2025-11-06T23:42:44+00:00 |
| rhsa-2025:19335 | Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes 2.14.1 security update | 2025-10-30T12:58:23+00:00 | 2025-11-10T03:15:25+00:00 |
| rhsa-2025:19332 | Red Hat Security Advisory: multicluster engine for Kubernetes 2.9.1 security update | 2025-10-30T12:27:36+00:00 | 2025-11-10T03:15:25+00:00 |
| rhsa-2025:19318 | Red Hat Security Advisory: redis:6 security update | 2025-10-30T10:22:17+00:00 | 2025-11-06T23:42:44+00:00 |
| rhsa-2025:19041 | Red Hat Security Advisory: OpenShift Container Platform 4.14.58 bug fix and security update | 2025-10-30T05:41:47+00:00 | 2025-11-07T18:35:58+00:00 |
| rhsa-2025:19002 | Red Hat Security Advisory: OpenShift Container Platform 4.20.1 bug fix and security update | 2025-10-30T05:37:07+00:00 | 2025-11-07T18:35:58+00:00 |
| rhsa-2025:19278 | Red Hat Security Advisory: firefox security update | 2025-10-30T04:52:42+00:00 | 2025-11-10T02:21:04+00:00 |
| rhsa-2025:19003 | Red Hat Security Advisory: OpenShift Container Platform 4.20.1 bug fix and security update | 2025-10-30T03:02:15+00:00 | 2025-11-07T00:16:06+00:00 |
| rhsa-2025:19058 | Red Hat Security Advisory: OpenShift Container Platform 4.14.58 bug fix and security update | 2025-10-30T02:38:11+00:00 | 2025-11-07T00:16:11+00:00 |
| rhsa-2025:19277 | Red Hat Security Advisory: squid:4 security update | 2025-10-30T01:37:43+00:00 | 2025-11-06T23:42:42+00:00 |
| rhsa-2025:19276 | Red Hat Security Advisory: libtiff security update | 2025-10-29T23:12:01+00:00 | 2025-11-10T02:22:44+00:00 |
| rhsa-2025:19268 | Red Hat Security Advisory: kernel-rt security update | 2025-10-29T15:15:40+00:00 | 2025-11-06T22:02:27+00:00 |
| rhsa-2025:19239 | Red Hat Security Advisory: redis:6 security update | 2025-10-29T09:46:44+00:00 | 2025-11-06T23:42:42+00:00 |
| rhsa-2025:19237 | Red Hat Security Advisory: redis security update | 2025-10-29T09:45:44+00:00 | 2025-11-06T23:42:41+00:00 |
| rhsa-2025:19238 | Red Hat Security Advisory: redis:6 security update | 2025-10-29T09:38:04+00:00 | 2025-11-06T23:42:42+00:00 |
| rhsa-2025:19046 | Red Hat Security Advisory: OpenShift Container Platform 4.18.27 bug fix and security update | 2025-10-29T09:26:54+00:00 | 2025-11-07T18:35:58+00:00 |
| rhsa-2025:19017 | Red Hat Security Advisory: OpenShift Container Platform 4.16.51 bug fix and security update | 2025-10-29T09:00:32+00:00 | 2025-11-06T22:56:40+00:00 |
| rhsa-2025:19047 | Red Hat Security Advisory: OpenShift Container Platform 4.18.27 bug fix and security update | 2025-10-29T08:31:22+00:00 | 2025-11-06T22:56:43+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-40053 | net: dlink: handle copy_thresh allocation failure | 2025-10-02T00:00:00.000Z | 2025-10-29T01:02:38.000Z |
| msrc_cve-2025-40052 | smb: client: fix crypto buffers in non-linear memory | 2025-10-02T00:00:00.000Z | 2025-10-29T01:02:22.000Z |
| msrc_cve-2025-40051 | vhost: vringh: Modify the return value check | 2025-10-02T00:00:00.000Z | 2025-10-29T01:02:54.000Z |
| msrc_cve-2025-40049 | Squashfs: fix uninit-value in squashfs_get_parent | 2025-10-02T00:00:00.000Z | 2025-10-29T01:04:20.000Z |
| msrc_cve-2025-40048 | uio_hv_generic: Let userspace take care of interrupt mask | 2025-10-02T00:00:00.000Z | 2025-10-29T01:04:10.000Z |
| msrc_cve-2025-40044 | fs: udf: fix OOB read in lengthAllocDescs handling | 2025-10-02T00:00:00.000Z | 2025-10-29T01:02:16.000Z |
| msrc_cve-2025-40043 | net: nfc: nci: Add parameter validation for packet data | 2025-10-02T00:00:00.000Z | 2025-10-29T01:03:54.000Z |
| msrc_cve-2025-40042 | tracing: Fix race condition in kprobe initialization causing NULL pointer dereference | 2025-10-02T00:00:00.000Z | 2025-10-29T01:01:54.000Z |
| msrc_cve-2025-40040 | mm/ksm: fix flag-dropping behavior in ksm_madvise | 2025-10-02T00:00:00.000Z | 2025-10-29T01:03:05.000Z |
| msrc_cve-2025-40039 | ksmbd: Fix race condition in RPC handle list access | 2025-10-02T00:00:00.000Z | 2025-10-29T01:03:59.000Z |
| msrc_cve-2025-40038 | KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid | 2025-10-02T00:00:00.000Z | 2025-10-29T01:01:49.000Z |
| msrc_cve-2025-40036 | misc: fastrpc: fix possible map leak in fastrpc_put_args | 2025-10-02T00:00:00.000Z | 2025-10-29T01:04:04.000Z |
| msrc_cve-2025-40035 | Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak | 2025-10-02T00:00:00.000Z | 2025-10-29T01:02:33.000Z |
| msrc_cve-2025-40033 | remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() | 2025-10-02T00:00:00.000Z | 2025-10-29T01:03:37.000Z |
| msrc_cve-2025-40032 | PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release | 2025-10-02T00:00:00.000Z | 2025-10-29T01:03:26.000Z |
| msrc_cve-2025-40030 | pinctrl: check the return value of pinmux_ops::get_function_name() | 2025-10-02T00:00:00.000Z | 2025-10-29T01:02:27.000Z |
| msrc_cve-2025-40029 | bus: fsl-mc: Check return value of platform_get_resource() | 2025-10-02T00:00:00.000Z | 2025-10-29T01:02:00.000Z |
| msrc_cve-2025-40027 | net/9p: fix double req put in p9_fd_cancelled | 2025-10-02T00:00:00.000Z | 2025-10-29T01:04:34.000Z |
| msrc_cve-2025-40026 | KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O | 2025-10-02T00:00:00.000Z | 2025-10-29T01:03:10.000Z |
| msrc_cve-2025-40025 | f2fs: fix to do sanity check on node footer for non inode dnode | 2025-10-02T00:00:00.000Z | 2025-10-29T01:02:43.000Z |
| msrc_cve-2025-40024 | vhost: Take a reference on the task in struct vhost_task. | 2025-10-02T00:00:00.000Z | 2025-10-26T01:01:14.000Z |
| msrc_cve-2025-40021 | tracing: dynevent: Add a missing lockdown check on dynevent | 2025-10-02T00:00:00.000Z | 2025-10-26T01:01:36.000Z |
| msrc_cve-2025-40020 | can: peak_usb: fix shift-out-of-bounds issue | 2025-10-02T00:00:00.000Z | 2025-10-26T01:01:30.000Z |
| msrc_cve-2025-40019 | crypto: essiv - Check ssize for decryption and in-place encryption | 2025-10-02T00:00:00.000Z | 2025-10-25T14:01:24.000Z |
| msrc_cve-2025-40018 | ipvs: Defer ip_vs_ftp unregister during netns cleanup | 2025-10-02T00:00:00.000Z | 2025-10-25T14:01:29.000Z |
| msrc_cve-2025-40016 | media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID | 2025-10-02T00:00:00.000Z | 2025-10-22T01:01:25.000Z |
| msrc_cve-2025-40013 | ASoC: qcom: audioreach: fix potential null pointer dereference | 2025-10-02T00:00:00.000Z | 2025-10-22T01:01:20.000Z |
| msrc_cve-2025-40011 | drm/gma500: Fix null dereference in hdmi teardown | 2025-10-02T00:00:00.000Z | 2025-10-22T01:01:36.000Z |
| msrc_cve-2025-40010 | afs: Fix potential null pointer dereference in afs_put_server | 2025-10-02T00:00:00.000Z | 2025-10-22T01:01:41.000Z |
| msrc_cve-2025-40005 | spi: cadence-quadspi: Implement refcount to handle unbind during busy | 2025-10-02T00:00:00.000Z | 2025-10-22T01:01:31.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-000041 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2025-06-24T14:50+09:00 | 2025-06-24T14:50+09:00 |
| jvndb-2025-007390 | Trend Micro Internet Security and Trend Micro Maximum Security vulnerable to link following local privilege escalation (CVE-2025-49384, CVE-2025-49385) | 2025-06-24T11:18+09:00 | 2025-06-24T11:18+09:00 |
| jvndb-2025-000040 | KCM3100 vulnerable to authentication bypass using an alternate path or channel | 2025-06-18T13:42+09:00 | 2025-06-18T13:42+09:00 |
| jvndb-2025-000039 | Multiple vulnerabilities in RICOH Streamline NX PC Client | 2025-06-13T16:09+09:00 | 2025-06-13T16:09+09:00 |
| jvndb-2025-000038 | UpdateNavi vulnerable to improper restriction of communication channel to intended endpoints | 2025-06-12T15:56+09:00 | 2025-06-12T15:56+09:00 |
| jvndb-2025-000037 | Multiple surveillance cameras provided by i-PRO Co., Ltd. vulnerable to cross-site request forgery | 2025-06-06T13:56+09:00 | 2025-06-06T13:56+09:00 |
| jvndb-2025-000036 | TimeWorks vulnerable to path traversal | 2025-06-03T15:35+09:00 | 2025-06-03T15:35+09:00 |
| jvndb-2025-000035 | Improper file access permission settings in PC Time Tracer | 2025-06-03T14:40+09:00 | 2025-06-03T14:40+09:00 |
| jvndb-2025-000034 | Multiple vulnerabilities in wivia 5 | 2025-05-30T15:57+09:00 | 2025-05-30T15:57+09:00 |
| jvndb-2025-000032 | Mailform Pro CGI generating error messages containing sensitive information | 2025-05-26T14:22+09:00 | 2025-05-26T14:22+09:00 |
| jvndb-2025-000033 | Improper pattern file validation in i-FILTER optional feature 'Anti-Virus & Sandbox' | 2025-05-23T15:36+09:00 | 2025-05-23T15:36+09:00 |
| jvndb-2025-005467 | Passback vulnerabilities in Canon Production Printers, Office/Small Office Multifunction Printers, and Laser Printers | 2025-05-22T15:03+09:00 | 2025-05-22T15:03+09:00 |
| jvndb-2025-005107 | Multiple vulnerabilities in V-SFT | 2025-05-16T14:32+09:00 | 2025-05-16T14:32+09:00 |
| jvndb-2025-005057 | Multiple vulnerabilities in I-O DATA network attached hard disk 'HDL-T Series' | 2025-05-15T18:27+09:00 | 2025-05-15T18:27+09:00 |
| jvndb-2025-005050 | Multiple vulnerabilities in a-blog cms | 2025-05-15T18:11+09:00 | 2025-05-15T18:11+09:00 |
| jvndb-2025-000031 | Pgpool-II vulnerable to authentication bypass by primary weakness | 2025-05-15T16:14+09:00 | 2025-05-15T16:14+09:00 |
| jvndb-2025-004863 | Panasonic IR Control Hub vulnerable to Unauthorised firmware loading | 2025-05-14T11:30+09:00 | 2025-05-14T11:30+09:00 |
| jvndb-2025-000030 | Reflected cross-site scripting vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor | 2025-05-12T18:00+09:00 | 2025-07-17T10:06+09:00 |
| jvndb-2025-004671 | Multiple vulnerabilities in GL-MT2500 and GL-MT2500A | 2025-05-12T17:52+09:00 | 2025-05-12T17:52+09:00 |
| jvndb-2025-004079 | Improper access permission settings in multiple SEIKO EPSON printer drivers for Windows OS | 2025-04-30T11:46+09:00 | 2025-04-30T11:46+09:00 |
| jvndb-2025-004076 | Security Update for Trend Micro Trend Vision One (April 2025) | 2025-04-30T10:38+09:00 | 2025-04-30T10:38+09:00 |
| jvndb-2025-000029 | Multiple vulnerabilities in Quick Agent | 2025-04-25T13:49+09:00 | 2025-04-25T13:49+09:00 |
| jvndb-2025-000028 | i-PRO Configuration Tool vulnerable to use of hard-coded cryptographic key | 2025-04-24T13:50+09:00 | 2025-04-24T13:50+09:00 |
| jvndb-2025-000027 | Active! mail vulnerable to stack-based buffer overflow | 2025-04-18T16:50+09:00 | 2025-04-18T16:50+09:00 |
| jvndb-2025-003213 | TP-Link Deco BE65 Pro vulnerable to OS command injection | 2025-04-11T13:52+09:00 | 2025-04-11T13:52+09:00 |
| jvndb-2025-000026 | Multiple vulnerabilities in BizRobo! | 2025-04-10T15:36+09:00 | 2025-04-10T15:36+09:00 |
| jvndb-2025-003091 | Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (April 2025) | 2025-04-09T14:55+09:00 | 2025-04-09T14:55+09:00 |
| jvndb-2025-002990 | Multiple vulnerabilities in Inaba Denki Sangyo Wi-Fi AP UNIT 'AC-WPS-11ac series' | 2025-04-07T17:44+09:00 | 2025-04-07T17:44+09:00 |
| jvndb-2025-000025 | WinRAR vulnerable to the symbolic link based "Mark of the Web" check bypass | 2025-04-03T12:29+09:00 | 2025-04-03T12:29+09:00 |
| jvndb-2025-000022 | Multiple vulnerabilities in JTEKT ELECTRONICS CORPORATION's products | 2025-04-02T15:12+09:00 | 2025-04-02T15:12+09:00 |
| ID | Description | Updated |
|---|