Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-rqj4-c9gx-xx38 | The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable… | 2025-11-01T09:30:17Z | 2025-11-01T09:30:17Z |
| ghsa-rh5q-2gvc-hr3m | The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account … | 2025-11-01T09:30:17Z | 2025-11-01T09:30:17Z |
| ghsa-h4p8-hmx2-hvxv | The kallyas theme for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plu… | 2025-11-01T09:30:17Z | 2025-11-01T09:30:17Z |
| ghsa-4q33-hxxp-g76m | The RESTful Content Syndication plugin for WordPress is vulnerable to arbitrary file uploads due to… | 2025-11-01T09:30:17Z | 2025-11-01T09:30:17Z |
| ghsa-2cxc-vpf5-w9j6 | The kallyas theme for WordPress is vulnerable to Remote Code Execution in all versions up to, and i… | 2025-11-01T09:30:17Z | 2025-11-01T09:30:17Z |
| ghsa-qpfm-wcw2-8hxv | The WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) plugin for WordPres… | 2025-11-01T09:30:16Z | 2025-11-01T09:30:16Z |
| ghsa-fj2x-6xr5-v7vj | The Advanced Ads – Ad Manager & AdSense plugin for WordPress is vulnerable to Remote Code Execution… | 2025-11-01T09:30:16Z | 2025-11-01T09:30:16Z |
| ghsa-7rvf-4g93-mh6x | The Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent plugin for WordPr… | 2025-11-01T09:30:16Z | 2025-11-01T09:30:16Z |
| ghsa-x3vr-5276-4vwg | The Employee Spotlight – Team Member Showcase & Meet the Team Plugin plugin for WordPress is vulner… | 2025-11-01T06:30:36Z | 2025-11-01T06:30:36Z |
| ghsa-wf5q-4vh3-9chv | The wpForo Forum plugin for WordPress is vulnerable to SQL Injection via the Subscriptions Manager … | 2025-11-01T06:30:36Z | 2025-11-01T06:30:36Z |
| ghsa-qjwx-pxp7-6ccp | The Qi Blocks plugin for WordPress is vulnerable to Missing Authorization in all versions up to, an… | 2025-11-01T06:30:36Z | 2025-11-01T06:30:36Z |
| ghsa-hr62-g3v7-mq7g | The Schema Scalpel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post t… | 2025-11-01T06:30:36Z | 2025-11-01T06:30:36Z |
| ghsa-95h8-w3mv-h4hq | The WP Discourse plugin for WordPress is vulnerable to Information Exposure in all versions up to, … | 2025-11-01T06:30:36Z | 2025-11-01T06:30:36Z |
| ghsa-4pfx-fh23-xm3w | The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site S… | 2025-11-01T06:30:36Z | 2025-11-01T06:30:36Z |
| ghsa-4gj5-pmgw-233c | The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account … | 2025-11-01T06:30:36Z | 2025-11-01T06:30:36Z |
| ghsa-25vq-xhx7-64q5 | The Folderly plugin for WordPress is vulnerable to unauthorized modification of data due to an insu… | 2025-11-01T06:30:36Z | 2025-11-01T06:30:36Z |
| ghsa-mjg8-w6j8-9hcc | The Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App plugin for WordP… | 2025-11-01T06:30:35Z | 2025-11-01T06:30:35Z |
| ghsa-gx4w-f9jp-mv56 | The List category posts plugin for WordPress is vulnerable to Information Exposure in all versions … | 2025-11-01T06:30:35Z | 2025-11-01T06:30:35Z |
| ghsa-f2cq-gqfx-m35m | The CSS & JavaScript Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via … | 2025-11-01T06:30:35Z | 2025-11-01T06:30:35Z |
| ghsa-9cx9-23hh-j484 | The Community Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via event de… | 2025-11-01T06:30:35Z | 2025-11-01T06:30:35Z |
| ghsa-69r8-298v-gc69 | The Flying Images: Optimize and Lazy Load Images for Faster Page Speed plugin for WordPress is vuln… | 2025-11-01T06:30:35Z | 2025-11-01T06:30:35Z |
| ghsa-4xxr-8wrg-pjgr | The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Missing Authorization in version… | 2025-11-01T06:30:35Z | 2025-11-01T06:30:35Z |
| ghsa-xf7m-v66q-76w8 | Liferay Portal and DXP do not check permissions of images in a blog entry | 2025-11-01T03:30:24Z | 2025-11-03T21:06:57Z |
| ghsa-pjq2-4h9c-99m5 | The WPCOM Member plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, … | 2025-11-01T03:30:23Z | 2025-11-01T03:30:23Z |
| ghsa-hvvw-vfw3-rmrq | The Inactive Logout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ina_… | 2025-11-01T03:30:23Z | 2025-11-01T03:30:23Z |
| ghsa-cq4p-v24g-p55q | The Document Library Lite plugin for WordPress is vulnerable to Improper Authorization in all versi… | 2025-11-01T03:30:23Z | 2025-11-01T03:30:23Z |
| ghsa-4jmj-6pw4-g738 | The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin… | 2025-11-01T03:30:23Z | 2025-11-01T03:30:23Z |
| ghsa-6533-fhr2-f38h | Liferay Portal and DXP use an incorrect cache-control header | 2025-11-01T00:30:27Z | 2025-11-03T20:26:10Z |
| ghsa-59fq-gggw-pqjr | A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding shor… | 2025-11-01T00:30:26Z | 2025-11-01T00:30:26Z |
| ghsa-v97f-7x7p-g6cq | When SmartStart Inclusion fails during the onboarding of a Z-Wave PIR sensor, the sensor will join … | 2025-10-31T21:31:03Z | 2025-10-31T21:31:03Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-8900 | Doccure Core < 1.5.4 - Unauthenticated Privilege Escalation |
dreamstechnologies |
Doccure Core |
2025-11-03T14:26:38.140Z | 2025-11-03T14:42:18.817Z | |
| cve-2025-64294 | 5.3 (v3.1) | WordPress WP Snow Effect plugin <= 1.1.15 - Broken Acc… |
d3wp |
WP Snow Effect |
2025-11-03T13:09:39.398Z | 2025-11-13T10:33:49.360Z |
| cve-2025-12626 | jeecgboot jeewx-boot WxActGoldeneggsPrizesController.j… |
jeecgboot |
jeewx-boot |
2025-11-03T13:02:06.078Z | 2025-11-03T14:08:09.907Z | |
| cve-2025-40107 | N/A | can: hi311x: fix null pointer dereference when resumin… |
Linux |
Linux |
2025-11-03T12:15:12.587Z | 2025-11-03T12:15:12.587Z |
| cve-2025-0987 | 9.9 (v3.1) | IDOR in CB Project's CVLand |
CB Project Ltd. Co. |
CVLand |
2025-11-03T11:51:14.209Z | 2025-11-03T13:29:13.791Z |
| cve-2025-48397 | 7.1 (v3.1) | The privileged user could log in without sufficie… |
Eaton |
Eaton Brightlayer Software Suite (BLSS) |
2025-11-03T08:28:53.084Z | 2025-11-03T15:48:09.729Z |
| cve-2025-12623 | fushengqian fuint Authentication Token ClientSignContr… |
fushengqian |
fuint |
2025-11-03T08:02:05.877Z | 2025-11-03T13:07:17.008Z | |
| cve-2025-48396 | 8.3 (v3.1) | Arbitrary code execution is possible due to impro… |
Eaton |
Eaton Brightlayer Software Suite (BLSS) |
2025-11-03T07:57:22.765Z | 2025-11-04T10:44:25.658Z |
| cve-2025-12622 | Tenda AC10 SysRunCmd formSysRunCmd buffer overflow |
Tenda |
AC10 |
2025-11-03T07:32:13.624Z | 2025-11-03T16:06:54.102Z | |
| cve-2025-12619 | Tenda A15 openNetworkGateway fromSetWirelessRepeat buf… |
Tenda |
A15 |
2025-11-03T07:02:11.692Z | 2025-11-03T16:06:25.502Z | |
| cve-2025-12503 | 7.1 (v4.0) 6.5 (v3.1) | Digiwin|EasyFlow .NET and EasyFlow AiNet |
Digiwin |
EasyFlow .NET |
2025-11-03T06:51:55.994Z | 2025-11-03T13:48:19.281Z |
| cve-2025-12618 | Tenda AC8 DatabaseIniSet buffer overflow |
Tenda |
AC8 |
2025-11-03T06:32:13.198Z | 2025-11-03T06:32:13.198Z | |
| cve-2025-12617 | itsourcecode Billing System login_crud.php sql injection |
itsourcecode |
Billing System |
2025-11-03T04:32:08.832Z | 2025-11-03T16:08:24.049Z | |
| cve-2025-12616 | PHPGurukul News Portal settings.py insertion of sensit… |
PHPGurukul |
News Portal |
2025-11-03T04:02:06.308Z | 2025-11-03T20:34:35.281Z | |
| cve-2025-12615 | PHPGurukul News Portal settings.py hard-coded key |
PHPGurukul |
News Portal |
2025-11-03T03:32:06.859Z | 2025-11-03T20:35:20.857Z | |
| cve-2025-12614 | SourceCodester Best House Rental Management System adm… |
SourceCodester |
Best House Rental Management System |
2025-11-03T03:02:06.312Z | 2025-11-03T14:04:22.875Z | |
| cve-2025-12612 | Campcodes School Fees Payment Management System ajax.p… |
Campcodes |
School Fees Payment Management System |
2025-11-03T02:32:06.745Z | 2025-11-12T12:37:26.335Z | |
| cve-2025-12611 | Tenda AC21 SetPptpServerCfg formSetPPTPServer buffer o… |
Tenda |
AC21 |
2025-11-03T02:02:09.734Z | 2025-11-03T14:26:36.736Z | |
| cve-2025-12610 | CodeAstro Gym Management System view-progress-report.p… |
CodeAstro |
Gym Management System |
2025-11-03T01:32:06.052Z | 2025-11-03T14:40:24.631Z | |
| cve-2025-12609 | CodeAstro Gym Management System update-progress.php sq… |
CodeAstro |
Gym Management System |
2025-11-03T01:02:06.847Z | 2025-11-03T14:57:00.643Z | |
| cve-2025-12608 | itsourcecode Online Loan Management System manage_user… |
itsourcecode |
Online Loan Management System |
2025-11-03T00:32:06.062Z | 2025-11-03T15:00:44.154Z | |
| cve-2025-12607 | itsourcecode Online Loan Management System manage_paym… |
itsourcecode |
Online Loan Management System |
2025-11-03T00:02:07.039Z | 2025-11-03T14:14:23.841Z | |
| cve-2025-63593 | N/A | Grav CMS1.7.49.5 is vulnerable to Cross Site Scri… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-06T21:23:51.993Z |
| cve-2025-63453 | N/A | Car-Booking-System-PHP v.1.0 is vulnerable to SQL… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-04T15:17:10.366Z |
| cve-2025-63452 | N/A | Car-Booking-System-PHP v.1.0 is vulnerable to SQL… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T18:22:36.129Z |
| cve-2025-63451 | N/A | Car-Booking-System-PHP v.1.0 is vulnerable to SQL… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T16:21:56.583Z |
| cve-2025-63450 | N/A | Car-Booking-System-PHP v.1.0 is vulnerable to Cro… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T15:59:08.257Z |
| cve-2025-63449 | N/A | Water Management System v1.0 is vulnerable to Cro… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T15:46:02.916Z |
| cve-2025-63448 | N/A | Water Management System v1.0 is vulnerable to Cro… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T15:36:31.559Z |
| cve-2025-63447 | N/A | Water Management System v1.0 is vulnerable to Cro… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T15:40:14.731Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-63593 | N/A | Grav CMS1.7.49.5 is vulnerable to Cross Site Scri… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-06T21:23:51.993Z |
| cve-2025-50735 | N/A | Directory traversal vulnerability in NextChat thr… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T20:11:16.719Z |
| cve-2025-12642 | 6.9 (v4.0) | HTTP Header Smuggling via Trailer Merge |
lighttpd |
lighttpd |
2025-11-03T19:36:17.011Z | 2025-11-03T19:44:09.174Z |
| cve-2025-12531 | 7.1 (v3.1) | IBM InfoSphere Information Server is affected by an XM… |
IBM |
InfoSphere Information Server |
2025-11-03T19:47:40.992Z | 2025-11-03T20:15:28.986Z |
| cve-2025-8558 | 2.3 (v4.0) | Insider Threat Management (ITM) Server versions p… |
Proofpoint |
Insider Threat Management (ITM) Server |
2025-11-03T18:40:03.946Z | 2025-11-03T19:03:11.645Z |
| cve-2025-45959 | N/A | {'providerMetadata': {'orgId': '8254265b-2729-46b6-b9e3-3dfca2d5bfca', 'shortName': 'mitre', 'dateUpdated': '2025-11-03T17:14:46.533Z'}, 'rejectedReasons': [{'lang': 'en', 'value': 'DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.'}]} | N/A | N/A | 2025-11-03T17:14:46.533Z | |
| cve-2025-63441 | N/A | Open Source Social Network (OSSN) 8.6 is vulnerab… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T18:14:49.817Z |
| cve-2025-50363 | N/A | Phpgurukul Maid Hiring Management System 1.0 is v… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T18:33:15.550Z |
| cve-2025-12463 | 9.8 (v3.1) | Unauthenticated SQL Injection in Guetebruck G-Cam Seri… |
Guetebruck |
G-Cam |
2025-11-03T16:45:39.423Z | 2025-11-03T20:51:37.271Z |
| cve-2025-11953 | 9.8 (v3.1) | Command injection in React Native Community CLI allows… |
|
|
2025-11-03T16:35:07.168Z | 2025-11-11T17:06:16.919Z |
| cve-2025-10280 | 7.1 (v3.1) | Incorrect Content Type Cross-Site Scripting Vulnerability |
SailPoint Technologies |
IdentityIQ |
2025-11-03T16:35:56.241Z | 2025-11-06T20:45:31.741Z |
| cve-2025-63453 | N/A | Car-Booking-System-PHP v.1.0 is vulnerable to SQL… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-04T15:17:10.366Z |
| cve-2025-63452 | N/A | Car-Booking-System-PHP v.1.0 is vulnerable to SQL… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T18:22:36.129Z |
| cve-2025-63451 | N/A | Car-Booking-System-PHP v.1.0 is vulnerable to SQL… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T16:21:56.583Z |
| cve-2025-63450 | N/A | Car-Booking-System-PHP v.1.0 is vulnerable to Cro… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T15:59:08.257Z |
| cve-2025-63449 | N/A | Water Management System v1.0 is vulnerable to Cro… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T15:46:02.916Z |
| cve-2025-63448 | N/A | Water Management System v1.0 is vulnerable to Cro… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T15:36:31.559Z |
| cve-2025-63447 | N/A | Water Management System v1.0 is vulnerable to Cro… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T15:40:14.731Z |
| cve-2025-63446 | N/A | Water Management System v1.0 is vulnerable to Cro… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T15:41:54.899Z |
| cve-2025-60785 | N/A | A remote code execution (RCE) vulnerability in th… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-04T15:14:25.905Z |
| cve-2025-60503 | N/A | A cross-site scripting (XSS) vulnerability exists… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T16:35:11.605Z |
| cve-2025-36093 | 4.8 (v3.1) | security vulnerabilities are addressed with IBM Busine… |
IBM |
Cloud Pak For Business Automation |
2025-11-03T15:54:30.869Z | 2025-11-03T16:25:26.455Z |
| cve-2025-36092 | 6.5 (v3.1) | IBM Business Automation Insights improper input validation |
IBM |
Cloud Pak For Business Automation |
2025-11-03T15:15:43.546Z | 2025-11-03T15:35:59.011Z |
| cve-2025-36091 | 4.3 (v3.1) | IBM Business Automation Insights unverified ownership |
IBM |
Cloud Pak For Business Automation |
2025-11-03T15:14:02.557Z | 2025-11-03T15:37:32.628Z |
| cve-2025-11761 | 8.5 (v4.0) | HP Client Management Script Library – Security Update |
HP Inc |
HP Client Management Script Library |
2025-11-03T15:13:39.263Z | 2025-11-04T04:55:15.307Z |
| cve-2025-8900 | Doccure Core < 1.5.4 - Unauthenticated Privilege Escalation |
dreamstechnologies |
Doccure Core |
2025-11-03T14:26:38.140Z | 2025-11-03T14:42:18.817Z | |
| cve-2025-63443 | N/A | School Management System PHP v1.0 is vulnerable t… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T15:27:54.185Z |
| cve-2025-63442 | N/A | Simple User Management System with PHP-MySQL v1.0… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T15:34:39.978Z |
| cve-2025-60892 | N/A | An issue in Raspberry Pi Imager version 1.9.6 for… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T21:00:06.573Z |
| cve-2025-45663 | N/A | An issue in NetSurf v3.11 causes the application … |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-04T16:51:18.960Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-188962 | Malicious code in publish-xanthus-cypress-redis (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188961 | Malicious code in publish-webdriverio-event-capella (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188960 | Malicious code in publish-vuepress-sails-foundation (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188959 | Malicious code in publish-thermosphere-native-cosmochemistry (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188958 | Malicious code in publish-superagent-rollup-plugin-commitlint (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188957 | Malicious code in publish-sadr-event-readable (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188956 | Malicious code in publish-proxima-glaciology-kinetic (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188955 | Malicious code in publish-prettier-stylelint-seismology-cors (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188954 | Malicious code in publish-postcss-loader-achernar-hermes (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188953 | Malicious code in publish-oscillation-astrochemistry-spectron (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188952 | Malicious code in publish-nova-helios-restart (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188951 | Malicious code in publish-magellan-magnetosphere-paleomagnetism (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188950 | Malicious code in publish-magellan-loop-puppeteer (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188949 | Malicious code in publish-json-solis-apollo (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188948 | Malicious code in publish-jest-sadr-prettier-plugin-markdown (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188947 | Malicious code in publish-ichnology-eslint-config-luna (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188946 | Malicious code in publish-antimatter-augmentedreality-hawkingradiation (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188945 | Malicious code in publish-alphard-convict-halley (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188944 | Malicious code in publish-airbnb-changelog-archaeoastronomy (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188943 | Malicious code in publish-adonis-asteroid-acamar (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188942 | Malicious code in public-process-wind-debug-view (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188941 | Malicious code in public-perseus-zenith-blitz (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188940 | Malicious code in public-mechatronics-polaris-seismology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188939 | Malicious code in public-jovian-solarnebula-lacerta (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188938 | Malicious code in public-gacrux-jsonp-sirius (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188937 | Malicious code in public-final-iota-upsilon-array (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188936 | Malicious code in public-eclipse-wavefunction-entanglement (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188935 | Malicious code in public-dog-secure-user-omega (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188934 | Malicious code in public-bundle-class-iota-thread (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188933 | Malicious code in public-auth-hermes-command (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:9304 | Red Hat Security Advisory: xorg-x11-server-Xwayland security update | 2025-06-23T01:31:41+00:00 | 2025-11-11T10:13:32+00:00 |
| rhsa-2025:9302 | Red Hat Security Advisory: kernel security update | 2025-06-23T01:11:47+00:00 | 2025-11-11T08:48:06+00:00 |
| rhsa-2024:11038 | Red Hat Security Advisory: OpenShift Container Platform 4.19.0 bug fix and security update | 2025-06-17T16:44:54+00:00 | 2025-11-13T10:48:47+00:00 |
| rhsa-2024:11037 | Red Hat Security Advisory: OpenShift Container Platform 4.19.0 security and extras update | 2025-06-17T16:07:37+00:00 | 2025-11-13T10:48:43+00:00 |
| rhsa-2025:9177 | Red Hat Security Advisory: git-lfs security update | 2025-06-17T15:35:47+00:00 | 2025-11-11T20:40:00+00:00 |
| rhsa-2025:9206 | Red Hat Security Advisory: grafana-pcp security update | 2025-06-17T15:20:52+00:00 | 2025-11-11T20:40:01+00:00 |
| rhsa-2025:9207 | Red Hat Security Advisory: grafana security update | 2025-06-17T15:20:32+00:00 | 2025-11-11T20:40:02+00:00 |
| rhsa-2025:9205 | Red Hat Security Advisory: git-lfs security update | 2025-06-17T15:17:28+00:00 | 2025-11-11T20:40:01+00:00 |
| rhsa-2025:9199 | Red Hat Security Advisory: git-lfs security update | 2025-06-17T15:09:08+00:00 | 2025-11-11T20:40:00+00:00 |
| rhsa-2025:9188 | Red Hat Security Advisory: idm:DL1 security update | 2025-06-17T15:01:07+00:00 | 2025-11-06T23:15:44+00:00 |
| rhsa-2025:9192 | Red Hat Security Advisory: idm:DL1 security update | 2025-06-17T14:58:28+00:00 | 2025-11-06T23:15:46+00:00 |
| rhsa-2025:9200 | Red Hat Security Advisory: git-lfs security update | 2025-06-17T14:55:32+00:00 | 2025-11-11T20:40:00+00:00 |
| rhsa-2025:9186 | Red Hat Security Advisory: ipa security update | 2025-06-17T14:53:26+00:00 | 2025-11-06T23:15:43+00:00 |
| rhsa-2025:9190 | Red Hat Security Advisory: ipa security update | 2025-06-17T14:50:52+00:00 | 2025-11-06T23:15:44+00:00 |
| rhsa-2025:9184 | Red Hat Security Advisory: ipa security update | 2025-06-17T14:43:07+00:00 | 2025-11-06T23:15:42+00:00 |
| rhsa-2025:9191 | Red Hat Security Advisory: idm:DL1 security update | 2025-06-17T14:40:47+00:00 | 2025-11-06T23:15:44+00:00 |
| rhsa-2025:9187 | Red Hat Security Advisory: ipa security update | 2025-06-17T14:29:43+00:00 | 2025-11-06T23:15:44+00:00 |
| rhsa-2025:9189 | Red Hat Security Advisory: ipa security update | 2025-06-17T14:29:12+00:00 | 2025-11-06T23:15:44+00:00 |
| rhsa-2025:9194 | Red Hat Security Advisory: idm:DL1 security update | 2025-06-17T14:23:58+00:00 | 2025-11-06T23:15:45+00:00 |
| rhsa-2025:9193 | Red Hat Security Advisory: idm:client security update | 2025-06-17T14:22:52+00:00 | 2025-11-06T23:15:45+00:00 |
| rhsa-2025:9185 | Red Hat Security Advisory: ipa security update | 2025-06-17T14:01:53+00:00 | 2025-11-06T23:15:43+00:00 |
| rhsa-2025:9179 | Red Hat Security Advisory: libsoup security update | 2025-06-17T12:08:43+00:00 | 2025-11-06T23:15:42+00:00 |
| rhsa-2025:9178 | Red Hat Security Advisory: kea security update | 2025-06-17T11:30:12+00:00 | 2025-11-11T09:29:57+00:00 |
| rhsa-2025:9172 | Red Hat Security Advisory: go-toolset:rhel8 security update | 2025-06-17T10:43:01+00:00 | 2025-11-11T20:39:59+00:00 |
| rhsa-2025:9167 | Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.6.0 release | 2025-06-17T09:27:34+00:00 | 2025-11-11T16:21:59+00:00 |
| rhsa-2025:9165 | Red Hat Security Advisory: gimp:2.8 security update | 2025-06-17T09:15:46+00:00 | 2025-11-06T23:43:07+00:00 |
| rhsa-2025:9166 | Red Hat Security Advisory: apache-commons-beanutils security update | 2025-06-17T09:07:56+00:00 | 2025-11-11T16:22:13+00:00 |
| rhsa-2025:9162 | Red Hat Security Advisory: gimp security update | 2025-06-17T09:03:12+00:00 | 2025-11-06T23:43:07+00:00 |
| rhsa-2025:9156 | Red Hat Security Advisory: golang-github-openprinting-ipp-usb security update | 2025-06-17T07:33:41+00:00 | 2025-11-11T20:39:59+00:00 |
| rhsa-2025:9155 | Red Hat Security Advisory: firefox security update | 2025-06-17T07:14:41+00:00 | 2025-11-06T23:43:07+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-21937 | Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() | 2025-04-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21936 | Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() | 2025-04-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21934 | rapidio: fix an API misues when rio_add_net() fails | 2025-04-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21931 | hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio | 2025-04-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-21928 | HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() | 2025-04-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21927 | nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() | 2025-04-02T00:00:00.000Z | 2025-09-04T01:20:13.000Z |
| msrc_cve-2025-21923 | HID: hid-steam: Fix use-after-free when detaching device | 2025-04-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21922 | ppp: Fix KMSAN uninit-value warning with bpf | 2025-04-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21920 | vlan: enforce underlying device type | 2025-04-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21919 | sched/fair: Fix potential memory corruption in child_cfs_rq_on_list | 2025-04-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21918 | usb: typec: ucsi: Fix NULL pointer access | 2025-04-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21917 | usb: renesas_usbhs: Flush the notify_hotplug_work | 2025-04-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21915 | cdx: Fix possible UAF error in driver_override_show() | 2025-04-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21912 | gpio: rcar: Use raw_spinlock to protect register access | 2025-04-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21908 | NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback | 2025-04-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21905 | wifi: iwlwifi: limit printed string from FW file | 2025-04-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21904 | caif_virtio: fix wrong pointer check in cfv_probe() | 2025-04-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21898 | ftrace: Avoid potential division by zero in function_stat_show() | 2025-04-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21605 | Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client | 2025-04-02T00:00:00.000Z | 2025-04-29T00:00:00.000Z |
| msrc_cve-2025-21585 | Vulnerability in the MySQL Server product of Oracle MySQL | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-21584 | Vulnerability in the MySQL Server product of Oracle MySQL | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-21581 | Vulnerability in the MySQL Server product of Oracle MySQL | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-21580 | Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-21579 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-21577 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB) | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-21575 | Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-21574 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | 2025-04-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2024-58251 | In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[0] containing an ANSI terminal escape sequence, leading to a denial of service (terminal locked up) when netstat is used by a victim. | 2025-04-02T00:00:00.000Z | 2025-09-04T03:56:51.000Z |
| msrc_cve-2024-58097 | wifi: ath11k: fix RCU stall while reaping monitor destination ring | 2025-04-02T00:00:00.000Z | 2025-09-03T22:44:27.000Z |
| msrc_cve-2024-58096 | wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode | 2025-04-02T00:00:00.000Z | 2025-09-04T02:05:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2016-000242 | Sleipnir for Mac vulnerable to URL spoofing | 2016-12-07T14:44+09:00 | 2018-01-17T11:48+09:00 |
| jvndb-2016-002331 | ManageEngine Password Manager Pro fails to restrict access permissions | 2016-12-05T15:02+09:00 | 2016-12-05T15:02+09:00 |
| jvndb-2016-002298 | Keitai Kit for Movable Type vulnerable to OS command injection | 2016-12-05T15:02+09:00 | 2016-12-05T15:02+09:00 |
| jvndb-2016-006038 | Multiple SONY network cameras vulnerable to sensitive information disclosure | 2016-12-05T14:33+09:00 | 2017-05-23T14:28+09:00 |
| jvndb-2016-003380 | ManageEngine Password Manager Pro vulnerable to cross-site request forgery | 2016-12-05T14:32+09:00 | 2017-05-23T16:23+09:00 |
| jvndb-2016-002299 | SaAT Netizen fails to properly verify downloaded installation and update files | 2016-12-05T13:52+09:00 | 2024-06-27T13:59+09:00 |
| jvndb-2016-000241 | WNC01WH vulnerable to directory traversal due to an issue in processing POST request | 2016-12-02T14:46+09:00 | 2017-11-27T17:11+09:00 |
| jvndb-2016-000240 | WNC01WH vulnerable to directory traversal due to an issue in processing commands | 2016-12-02T14:45+09:00 | 2017-11-27T16:27+09:00 |
| jvndb-2016-000239 | WNC01WH vulnerable to enabling debug option | 2016-12-02T14:44+09:00 | 2017-11-27T16:27+09:00 |
| jvndb-2016-000238 | WNC01WH vulnerable to stored cross-site scripting | 2016-12-02T14:43+09:00 | 2017-11-27T16:27+09:00 |
| jvndb-2016-000237 | WNC01WH vulnerable to cross-site request forgery | 2016-12-02T14:43+09:00 | 2017-11-27T16:27+09:00 |
| jvndb-2016-000236 | WNC01WH vulnerable to denial-of-service (DoS) | 2016-12-02T14:43+09:00 | 2017-11-27T16:27+09:00 |
| jvndb-2016-000233 | The installers of multiple Japan Pension Service software may insecurely load Dynamic Link Libraries | 2016-12-01T13:40+09:00 | 2018-01-17T13:54+09:00 |
| jvndb-2016-000235 | Multiple I-O DATA network camera products vulnerable to buffer overflow | 2016-11-30T15:17+09:00 | 2018-01-17T11:48+09:00 |
| jvndb-2016-000234 | Multiple I-O DATA network camera products vulnerable to OS command injection | 2016-11-30T15:17+09:00 | 2018-01-17T11:52+09:00 |
| jvndb-2016-000231 | kintone mobile for Android fails to verify SSL server certificates | 2016-11-28T13:47+09:00 | 2018-01-17T12:34+09:00 |
| jvndb-2016-000232 | Simple keitai chat vulnerable to cross-site scripting | 2016-11-25T13:54+09:00 | 2018-01-17T11:57+09:00 |
| jvndb-2016-000220 | DERAEMON-CMS vulnerable to cross-site scripting | 2016-11-15T13:41+09:00 | 2018-01-17T12:09+09:00 |
| jvndb-2016-000219 | CG-WLR300NX fails to restrict access permissions | 2016-11-11T14:50+09:00 | 2018-01-17T12:09+09:00 |
| jvndb-2016-000218 | CG-WLR300NX vulnerable to cross-site scripting | 2016-11-11T14:49+09:00 | 2018-01-17T12:18+09:00 |
| jvndb-2016-000217 | CG-WLR300NX vulnerable to cross-site request forgery | 2016-11-11T14:49+09:00 | 2018-01-17T12:18+09:00 |
| jvndb-2016-000216 | Multiple Corega wireless LAN routers vulnerable to cross-site scripting | 2016-11-11T14:45+09:00 | 2017-11-27T16:42+09:00 |
| jvndb-2016-000221 | Multiple I-O DATA network camera products vulnerable to information disclosure | 2016-11-11T13:51+09:00 | 2018-01-17T12:02+09:00 |
| jvndb-2016-005655 | Vulnerabilitie in JP1/IT Desktop Management 2 - Manager and JP1/NETM/DM | 2016-11-10T16:59+09:00 | 2016-11-10T16:59+09:00 |
| jvndb-2016-000215 | Access restriction bypass vulnerability in WFS-SR01 | 2016-11-02T16:21+09:00 | 2017-11-27T16:42+09:00 |
| jvndb-2016-000214 | Command injection vulnerability in WFS-SR01 | 2016-11-02T16:20+09:00 | 2017-11-27T16:42+09:00 |
| jvndb-2016-000212 | The installer of The Public Certification Service for Individuals "The JPKI user's software" may insecurely load Dynamic Link Libraries | 2016-11-01T16:44+09:00 | 2017-12-25T11:28+09:00 |
| jvndb-2016-000213 | mobiGate App fails to verify SSL server certificates | 2016-11-01T13:47+09:00 | 2018-01-17T12:18+09:00 |
| jvndb-2016-000211 | Installer of 7-Zip for Windows may insecurely load Dynamic Link Libraries | 2016-10-26T15:13+09:00 | 2017-12-25T10:27+09:00 |
| jvndb-2016-000210 | SQL injection vulnerability in WordPress plugin WP-OliveCart | 2016-10-20T14:22+09:00 | 2018-01-17T12:10+09:00 |
| ID | Description | Updated |
|---|