Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-r4f3-5wj3-vm92 | On a client with an admin user, a Global_Shipping script can be implemented. The script could later… | 2025-10-31T18:31:14Z | 2025-10-31T18:31:14Z |
| ghsa-pw8q-qg9v-4xmc | Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the http_host … | 2025-10-31T18:31:14Z | 2025-10-31T21:31:01Z |
| ghsa-jmh2-7qxm-5hfc | Incorrect access control in the realtime.cgi endpoint of Deep Sea Electronics devices DSE855 v1.1.0… | 2025-10-31T18:31:14Z | 2025-10-31T21:31:01Z |
| ghsa-g78v-rm2r-hxw5 | Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the password p… | 2025-10-31T18:31:14Z | 2025-11-03T15:30:28Z |
| ghsa-cfx8-xj8g-9hv3 | By manipulating the Signal Level Attenuation Characterization (SLAC) protocol with spoofed measure… | 2025-10-31T18:31:14Z | 2025-10-31T18:31:14Z |
| ghsa-9wxc-6566-9fgm | Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker … | 2025-10-31T18:31:14Z | 2025-10-31T18:31:14Z |
| ghsa-9cjm-jvqx-xq8q | The service Bizerba Communication Server (BCS) has an unquoted service path. Due to the way Windows… | 2025-10-31T18:31:14Z | 2025-10-31T18:31:14Z |
| ghsa-785c-r7jc-9qxg | Email Server Certificate Verification Disabled.This issue affects BLU-IC2: through 1.19.5; BLU-IC4:… | 2025-10-31T18:31:14Z | 2025-11-10T15:31:04Z |
| ghsa-6mq9-274f-wm9p | Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid param… | 2025-10-31T18:31:14Z | 2025-10-31T21:31:01Z |
| ghsa-6jc3-vhwv-4rgh | Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid param… | 2025-10-31T18:31:14Z | 2025-11-03T15:30:28Z |
| ghsa-538j-4932-wc23 | When using domain users as BRAIN2 users, communication with Active Directory services is unencrypte… | 2025-10-31T18:31:14Z | 2025-10-31T18:31:14Z |
| ghsa-2pxm-j656-vm6g | Insufficient Password Policy.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. | 2025-10-31T18:31:14Z | 2025-11-10T15:31:03Z |
| ghsa-f556-49jc-4rvc | Ansible does not collect garbage after playbook run | 2025-10-31T17:31:57Z | 2025-10-31T17:31:57Z |
| ghsa-xqgq-c6mj-rmrj | DLL Hijacking vulnerability in Trimble SketchUp desktop 2025 via crafted libcef.dll used by sketchu… | 2025-10-31T15:30:31Z | 2025-10-31T18:31:14Z |
| ghsa-x2wp-8726-qw87 | The equipment initially can be configured using the manufacturer's application, by Wi-Fi, by the we… | 2025-10-31T15:30:31Z | 2025-11-03T18:31:51Z |
| ghsa-wvv7-xvcj-8ww4 | The web server of the device performs exchanges of sensitive information in clear text through an i… | 2025-10-31T15:30:31Z | 2025-11-03T18:31:51Z |
| ghsa-vc68-c4h2-5g4j | An XSS issue was discovered in Afterlogic Aurora webmail version 9.8.3 and below. An attacker can s… | 2025-10-31T15:30:31Z | 2025-10-31T15:30:31Z |
| ghsa-pm38-4323-93p3 | A reflected cross-site scripting (XSS) vulnerability in BEO GmbH BEO Atlas Einfuhr Ausfuhr 3.0 allo… | 2025-10-31T15:30:31Z | 2025-10-31T21:31:01Z |
| ghsa-m69p-r3h8-6wpr | Tampering of the registry entries might have led to preventing the ESET security products from star… | 2025-10-31T15:30:31Z | 2025-10-31T15:30:31Z |
| ghsa-jjf8-5854-rgjh | Integer overflow in GameMaker IDE below 2024.14.0 version can lead to can lead to application crash… | 2025-10-31T15:30:31Z | 2025-10-31T15:30:31Z |
| ghsa-hqmq-ch89-m5gp | The web application is vulnerable to a so-called ‘clickjacking’ attack. In this type of attack, the… | 2025-10-31T15:30:31Z | 2025-11-03T18:31:51Z |
| ghsa-gwh4-pxrm-9ff9 | IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow a non-root user to gain hig… | 2025-10-31T15:30:31Z | 2025-10-31T15:30:31Z |
| ghsa-9frg-3876-q98g | Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap use-after-free vulnerability in v… | 2025-10-31T15:30:31Z | 2025-10-31T21:31:01Z |
| ghsa-8hhj-9c46-c8mp | The Analytify Pro plugin for WordPress is vulnerable to Sensitive Information Exposure in all versi… | 2025-10-31T15:30:31Z | 2025-10-31T15:30:31Z |
| ghsa-6hj2-fxwr-rvj5 | Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap buffer overflow vulnerability in … | 2025-10-31T15:30:31Z | 2025-10-31T21:31:01Z |
| ghsa-5pfc-43r5-qrmg | Kitware VTK (Visualization Toolkit) up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocument… | 2025-10-31T15:30:31Z | 2025-10-31T21:31:01Z |
| ghsa-5fcf-3m52-f3q5 | IBM Jazz for Service Management 1.1.3.0 through 1.1.3.25 does not set the secure attribute on autho… | 2025-10-31T15:30:31Z | 2025-10-31T15:30:31Z |
| ghsa-4m38-cfr7-jx25 | The equipment grants a JWT token for each connection in the timeline, but during an active valid se… | 2025-10-31T15:30:31Z | 2025-11-03T18:31:51Z |
| ghsa-4fg8-97vg-f94j | Nagios XI versions prior to < 2024R1.1 is vulnerable to a cross-site scripting (XSS) when a user vi… | 2025-10-31T15:30:31Z | 2025-11-06T18:32:49Z |
| ghsa-2cfx-ppj7-2856 | Denial of service of the web server through specific requests to this protocol | 2025-10-31T15:30:31Z | 2025-11-03T18:31:51Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-60503 | N/A | A cross-site scripting (XSS) vulnerability exists… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T16:35:11.605Z |
| cve-2025-50735 | N/A | Directory traversal vulnerability in NextChat thr… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T20:11:16.719Z |
| cve-2025-50363 | N/A | Phpgurukul Maid Hiring Management System 1.0 is v… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T18:33:15.550Z |
| cve-2025-45663 | N/A | An issue in NetSurf v3.11 causes the application … |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-04T16:51:18.960Z |
| cve-2025-29699 | N/A | NetSurf 3.11 is vulnerable to Use After Free in d… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-04T16:48:42.854Z |
| cve-2024-51317 | N/A | An issue in NetSurf v.3.11 allows a remote attack… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-04T16:46:04.739Z |
| cve-2025-12606 | itsourcecode Online Loan Management System manage_borr… |
itsourcecode |
Online Loan Management System |
2025-11-02T23:32:06.631Z | 2025-11-03T14:42:31.694Z | |
| cve-2025-12605 | itsourcecode Online Loan Management System manage_loan… |
itsourcecode |
Online Loan Management System |
2025-11-02T23:02:07.442Z | 2025-11-03T14:43:19.764Z | |
| cve-2025-12604 | itsourcecode Online Loan Management System load_fields… |
itsourcecode |
Online Loan Management System |
2025-11-02T21:32:06.054Z | 2025-11-03T14:44:06.472Z | |
| cve-2025-12598 | SourceCodester Best House Rental Management System adm… |
SourceCodester |
Best House Rental Management System |
2025-11-02T12:02:07.575Z | 2025-11-03T14:44:57.474Z | |
| cve-2025-12597 | SourceCodester Best House Rental Management System adm… |
SourceCodester |
Best House Rental Management System |
2025-11-02T11:32:06.558Z | 2025-11-03T14:45:32.495Z | |
| cve-2025-12596 | Tenda AC23 saveParentControlInfo buffer overflow |
Tenda |
AC23 |
2025-11-02T10:32:06.299Z | 2025-11-03T14:54:39.493Z | |
| cve-2025-12595 | Tenda AC23 SetVirtualServerCfg formSetVirtualSer buffe… |
Tenda |
AC23 |
2025-11-02T10:02:07.134Z | 2025-11-03T14:55:49.338Z | |
| cve-2025-12594 | code-projects Simple Online Hotel Reservation System a… |
code-projects |
Simple Online Hotel Reservation System |
2025-11-02T08:32:06.189Z | 2025-11-03T15:43:44.392Z | |
| cve-2025-12593 | code-projects Simple Online Hotel Reservation System P… |
code-projects |
Simple Online Hotel Reservation System |
2025-11-02T06:02:05.981Z | 2025-11-03T15:43:16.030Z | |
| cve-2025-12603 | 2.3 (v4.0) | /etc/timezone can be Arbitrarily Written |
Azure Access Technology |
BLU-IC2 |
2025-11-01T18:56:52.453Z | 2025-11-03T13:29:31.660Z |
| cve-2025-12602 | 2.3 (v4.0) | /etc/avahi/services/z9.service can be Arbitrarily Written |
Azure Access Technology |
BLU-IC2 |
2025-11-01T18:54:46.956Z | 2025-11-03T13:29:38.120Z |
| cve-2025-12601 | 10 (v4.0) | Denial of Service Due to SlowLoris |
Azure Access Technology |
BLU-IC2 |
2025-11-01T18:49:12.782Z | 2025-11-03T13:29:43.969Z |
| cve-2025-12600 | 10 (v4.0) | Web UI Malfunction |
Azure Access Technology |
BLU-IC2 |
2025-11-01T18:48:49.084Z | 2025-11-03T13:29:50.055Z |
| cve-2025-12599 | 10 (v4.0) | Multiple Devices are Sharing the Same Secrets for SDKS… |
Azure Access Technology |
BLU-IC2 |
2025-11-01T18:39:53.127Z | 2025-11-03T13:29:56.000Z |
| cve-2025-36367 | 8.8 (v3.1) | IBM i is affected by a privilege escalation in IBM i S… |
IBM |
i |
2025-11-01T12:01:31.137Z | 2025-11-04T04:55:13.395Z |
| cve-2025-6988 | Kallyas <= 4.23.0 - Authenticated (Contributor+) Store… |
hogash |
KALLYAS - Creative eCommerce Multi-Purpose WordPress Theme |
2025-11-01T07:30:04.897Z | 2025-11-03T13:30:11.443Z | |
| cve-2025-6990 | Kallyas <= 4.24.0 - Authenticated (Contributor+) Remot… |
hogash |
KALLYAS - Creative eCommerce Multi-Purpose WordPress Theme |
2025-11-01T07:30:03.218Z | 2025-11-03T13:30:17.631Z | |
| cve-2025-12137 | Import WP – Export and Import CSV and XML files to Wor… |
jcollings |
Import WP – Export and Import CSV and XML files to WordPress |
2025-11-01T06:40:40.047Z | 2025-11-03T13:30:23.253Z | |
| cve-2025-12171 | RESTful Content Syndication 1.1.0 - 1.5.0 - Authentica… |
anthonyeden |
RESTful Content Syndication |
2025-11-01T06:40:39.565Z | 2025-11-03T13:30:29.197Z | |
| cve-2025-11755 | Delicious Recipes <= 1.9.0 - Authenticated (Contributo… |
wpdelicious |
WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) |
2025-11-01T06:40:39.047Z | 2025-11-03T13:30:34.941Z | |
| cve-2025-10487 | Advanced Ads <= 2.0.12 - Unauthenticated Limited Code … |
monetizemore |
Advanced Ads – Ad Manager & AdSense |
2025-11-01T06:40:37.833Z | 2025-11-03T13:30:40.805Z | |
| cve-2025-11499 | Tablesome Table – Contact Form DB – WPForms, CF7, Grav… |
essekia |
Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent |
2025-11-01T06:40:37.314Z | 2025-11-03T13:30:46.874Z | |
| cve-2025-6574 | Service Finder Bookings < 6.1 - Authenticated (Subscri… |
aonetheme |
Service Finder Bookings |
2025-11-01T06:40:36.491Z | 2025-11-03T13:30:52.307Z | |
| cve-2025-11502 | Schema & Structured Data for WP & AMP <= 1.51 - Authen… |
magazine3 |
Schema & Structured Data for WP & AMP |
2025-11-01T05:40:24.552Z | 2025-11-03T13:30:58.163Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-63442 | N/A | Simple User Management System with PHP-MySQL v1.0… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T15:34:39.978Z |
| cve-2025-60892 | N/A | An issue in Raspberry Pi Imager version 1.9.6 for… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-03T21:00:06.573Z |
| cve-2025-45663 | N/A | An issue in NetSurf v3.11 causes the application … |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-04T16:51:18.960Z |
| cve-2025-29699 | N/A | NetSurf 3.11 is vulnerable to Use After Free in d… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-04T16:48:42.854Z |
| cve-2024-51317 | N/A | An issue in NetSurf v.3.11 allows a remote attack… |
n/a |
n/a |
2025-11-03T00:00:00.000Z | 2025-11-04T16:46:04.739Z |
| cve-2025-64294 | 5.3 (v3.1) | WordPress WP Snow Effect plugin <= 1.1.15 - Broken Acc… |
d3wp |
WP Snow Effect |
2025-11-03T13:09:39.398Z | 2025-11-13T10:33:49.360Z |
| cve-2025-40107 | N/A | can: hi311x: fix null pointer dereference when resumin… |
Linux |
Linux |
2025-11-03T12:15:12.587Z | 2025-11-03T12:15:12.587Z |
| cve-2025-12626 | jeecgboot jeewx-boot WxActGoldeneggsPrizesController.j… |
jeecgboot |
jeewx-boot |
2025-11-03T13:02:06.078Z | 2025-11-03T14:08:09.907Z | |
| cve-2025-0987 | 9.9 (v3.1) | IDOR in CB Project's CVLand |
CB Project Ltd. Co. |
CVLand |
2025-11-03T11:51:14.209Z | 2025-11-03T13:29:13.791Z |
| cve-2025-48397 | 7.1 (v3.1) | The privileged user could log in without sufficie… |
Eaton |
Eaton Brightlayer Software Suite (BLSS) |
2025-11-03T08:28:53.084Z | 2025-11-03T15:48:09.729Z |
| cve-2025-48396 | 8.3 (v3.1) | Arbitrary code execution is possible due to impro… |
Eaton |
Eaton Brightlayer Software Suite (BLSS) |
2025-11-03T07:57:22.765Z | 2025-11-04T10:44:25.658Z |
| cve-2025-12623 | fushengqian fuint Authentication Token ClientSignContr… |
fushengqian |
fuint |
2025-11-03T08:02:05.877Z | 2025-11-03T13:07:17.008Z | |
| cve-2025-12622 | Tenda AC10 SysRunCmd formSysRunCmd buffer overflow |
Tenda |
AC10 |
2025-11-03T07:32:13.624Z | 2025-11-03T16:06:54.102Z | |
| cve-2025-12619 | Tenda A15 openNetworkGateway fromSetWirelessRepeat buf… |
Tenda |
A15 |
2025-11-03T07:02:11.692Z | 2025-11-03T16:06:25.502Z | |
| cve-2025-12618 | Tenda AC8 DatabaseIniSet buffer overflow |
Tenda |
AC8 |
2025-11-03T06:32:13.198Z | 2025-11-03T06:32:13.198Z | |
| cve-2025-12503 | 7.1 (v4.0) 6.5 (v3.1) | Digiwin|EasyFlow .NET and EasyFlow AiNet |
Digiwin |
EasyFlow .NET |
2025-11-03T06:51:55.994Z | 2025-11-03T13:48:19.281Z |
| cve-2025-12617 | itsourcecode Billing System login_crud.php sql injection |
itsourcecode |
Billing System |
2025-11-03T04:32:08.832Z | 2025-11-03T16:08:24.049Z | |
| cve-2025-12616 | PHPGurukul News Portal settings.py insertion of sensit… |
PHPGurukul |
News Portal |
2025-11-03T04:02:06.308Z | 2025-11-03T20:34:35.281Z | |
| cve-2025-12615 | PHPGurukul News Portal settings.py hard-coded key |
PHPGurukul |
News Portal |
2025-11-03T03:32:06.859Z | 2025-11-03T20:35:20.857Z | |
| cve-2025-12614 | SourceCodester Best House Rental Management System adm… |
SourceCodester |
Best House Rental Management System |
2025-11-03T03:02:06.312Z | 2025-11-03T14:04:22.875Z | |
| cve-2025-12612 | Campcodes School Fees Payment Management System ajax.p… |
Campcodes |
School Fees Payment Management System |
2025-11-03T02:32:06.745Z | 2025-11-12T12:37:26.335Z | |
| cve-2025-12611 | Tenda AC21 SetPptpServerCfg formSetPPTPServer buffer o… |
Tenda |
AC21 |
2025-11-03T02:02:09.734Z | 2025-11-03T14:26:36.736Z | |
| cve-2025-12610 | CodeAstro Gym Management System view-progress-report.p… |
CodeAstro |
Gym Management System |
2025-11-03T01:32:06.052Z | 2025-11-03T14:40:24.631Z | |
| cve-2025-12609 | CodeAstro Gym Management System update-progress.php sq… |
CodeAstro |
Gym Management System |
2025-11-03T01:02:06.847Z | 2025-11-03T14:57:00.643Z | |
| cve-2025-12608 | itsourcecode Online Loan Management System manage_user… |
itsourcecode |
Online Loan Management System |
2025-11-03T00:32:06.062Z | 2025-11-03T15:00:44.154Z | |
| cve-2025-12607 | itsourcecode Online Loan Management System manage_paym… |
itsourcecode |
Online Loan Management System |
2025-11-03T00:02:07.039Z | 2025-11-03T14:14:23.841Z | |
| cve-2025-12606 | itsourcecode Online Loan Management System manage_borr… |
itsourcecode |
Online Loan Management System |
2025-11-02T23:32:06.631Z | 2025-11-03T14:42:31.694Z | |
| cve-2025-12605 | itsourcecode Online Loan Management System manage_loan… |
itsourcecode |
Online Loan Management System |
2025-11-02T23:02:07.442Z | 2025-11-03T14:43:19.764Z | |
| cve-2025-12604 | itsourcecode Online Loan Management System load_fields… |
itsourcecode |
Online Loan Management System |
2025-11-02T21:32:06.054Z | 2025-11-03T14:44:06.472Z | |
| cve-2025-12598 | SourceCodester Best House Rental Management System adm… |
SourceCodester |
Best House Rental Management System |
2025-11-02T12:02:07.575Z | 2025-11-03T14:44:57.474Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-188875 | Malicious code in prompts-terser-webpack-plugin-enceladus-graviton (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188874 | Malicious code in prompts-spectron-firebase-frontend (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188873 | Malicious code in prompts-radiometric-passport-geoarchaeology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188872 | Malicious code in prompts-meissa-lacerta-deneb (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188871 | Malicious code in prompts-jasmine-wolf-duplex (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188870 | Malicious code in prompts-flare-celeste-sedna (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188869 | Malicious code in prompts-commitlint-canopus-karma (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188868 | Malicious code in prompts-capella-node-config-biomimicry (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188867 | Malicious code in promise-yonder-lint-pyxis (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188866 | Malicious code in promise-vortex-technocracy-transform (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188865 | Malicious code in promise-user-static-small-stack (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188864 | Malicious code in promise-umbra-css-loader-postcss-loader (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188863 | Malicious code in promise-selenium-bellatrix-mysql (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188862 | Malicious code in promise-meta-node-orchestrate-proxy (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188861 | Malicious code in promise-jovian-cli-nightwatch (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188860 | Malicious code in promise-interpret-cache-final-process (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188859 | Malicious code in promise-impulse-levels-exec (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188858 | Malicious code in promise-hawkingradiation-paleoclimatology-prompts (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188857 | Malicious code in promise-dynamo-umbriel-jwt (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188856 | Malicious code in promise-dog-link-authorize-boolean (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188855 | Malicious code in promise-compile-interface-benchmark-fire (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188854 | Malicious code in promise-carina-astroinformatics-regulus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188853 | Malicious code in promise-aurora-kastra-backend (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188852 | Malicious code in promise-algol-cosmicsilence-adonis (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188851 | Malicious code in procyon-yaml-figures-toml (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188850 | Malicious code in procyon-spectron-webdriver-nestjs-gridsome (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188849 | Malicious code in procyon-slidev-process-webpack (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188848 | Malicious code in procyon-procyon-xml-planetology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188847 | Malicious code in procyon-planckscale-steganography-procyon (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188846 | Malicious code in procyon-mesosphere-gemini-arcturus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:9020 | Red Hat Security Advisory: podman security update | 2025-06-12T14:08:34+00:00 | 2025-11-13T16:51:32+00:00 |
| rhsa-2025:9019 | Red Hat Security Advisory: containernetworking-plugins security update | 2025-06-12T14:08:23+00:00 | 2025-11-13T16:49:13+00:00 |
| rhsa-2025:9018 | Red Hat Security Advisory: skopeo security update | 2025-06-12T14:03:23+00:00 | 2025-11-13T16:49:13+00:00 |
| rhsa-2025:9017 | Red Hat Security Advisory: buildah security update | 2025-06-12T13:57:18+00:00 | 2025-11-13T16:49:13+00:00 |
| rhsa-2025:8984 | Red Hat Security Advisory: grafana-pcp security update | 2025-06-12T06:34:27+00:00 | 2025-11-13T16:51:31+00:00 |
| rhsa-2025:8983 | Red Hat Security Advisory: grafana-pcp security update | 2025-06-12T06:32:37+00:00 | 2025-11-13T16:49:13+00:00 |
| rhsa-2025:8982 | Red Hat Security Advisory: grafana-pcp security update | 2025-06-12T06:30:57+00:00 | 2025-11-13T16:49:12+00:00 |
| rhsa-2025:8979 | Red Hat Security Advisory: gstreamer1-plugins-bad-free security update | 2025-06-12T06:14:17+00:00 | 2025-11-11T10:13:30+00:00 |
| rhsa-2025:8977 | Red Hat Security Advisory: gstreamer1-plugins-bad-free security update | 2025-06-12T06:10:23+00:00 | 2025-11-11T10:13:29+00:00 |
| rhsa-2025:8980 | Red Hat Security Advisory: gstreamer1-plugins-bad-free security update | 2025-06-12T06:10:18+00:00 | 2025-11-11T10:13:30+00:00 |
| rhsa-2025:8981 | Red Hat Security Advisory: gstreamer1-plugins-bad-free security update | 2025-06-12T06:09:57+00:00 | 2025-11-11T10:13:30+00:00 |
| rhsa-2025:8976 | Red Hat Security Advisory: gstreamer1-plugins-bad-free security update | 2025-06-12T06:09:27+00:00 | 2025-11-11T10:13:28+00:00 |
| rhsa-2025:8978 | Red Hat Security Advisory: gstreamer1-plugins-bad-free security update | 2025-06-12T06:07:47+00:00 | 2025-11-11T10:13:29+00:00 |
| rhsa-2025:8975 | Red Hat Security Advisory: grafana-pcp security update | 2025-06-12T05:54:57+00:00 | 2025-11-13T16:49:12+00:00 |
| rhsa-2025:8974 | Red Hat Security Advisory: go-toolset:rhel8 security update | 2025-06-12T05:41:22+00:00 | 2025-11-13T16:49:11+00:00 |
| rhsa-2025:8958 | Red Hat Security Advisory: libxml2 security update | 2025-06-11T22:21:36+00:00 | 2025-11-06T23:15:42+00:00 |
| rhsa-2025:8937 | Red Hat Security Advisory: mod_security security update | 2025-06-11T21:36:16+00:00 | 2025-11-11T12:35:11+00:00 |
| rhsa-2025:8918 | Red Hat Security Advisory: grafana-pcp security update | 2025-06-11T16:05:50+00:00 | 2025-11-13T16:49:11+00:00 |
| rhsa-2025:8917 | Red Hat Security Advisory: mod_security security update | 2025-06-11T16:05:02+00:00 | 2025-11-11T12:35:11+00:00 |
| rhsa-2025:8922 | Red Hat Security Advisory: mod_security security update | 2025-06-11T16:01:05+00:00 | 2025-11-11T12:35:11+00:00 |
| rhsa-2025:8916 | Red Hat Security Advisory: grafana-pcp security update | 2025-06-11T15:46:48+00:00 | 2025-11-13T16:49:11+00:00 |
| rhsa-2025:8915 | Red Hat Security Advisory: grafana-pcp security update | 2025-06-11T15:46:44+00:00 | 2025-11-13T16:49:11+00:00 |
| rhsa-2025:8919 | Red Hat Security Advisory: Red Hat Build of Apache Camel 4.10 for Quarkus 3.20 update is now available (RHBQ 3.20.1.SP1) | 2025-06-11T15:34:10+00:00 | 2025-11-11T16:22:06+00:00 |
| rhsa-2025:8890 | Red Hat Security Advisory: perl-FCGI:0.78 security update | 2025-06-11T13:12:20+00:00 | 2025-11-11T11:27:34+00:00 |
| rhsa-2025:8552 | Red Hat Security Advisory: OpenShift Container Platform 4.17.33 bug fix and security update | 2025-06-11T12:02:51+00:00 | 2025-11-13T17:42:30+00:00 |
| rhsa-2025:8837 | Red Hat Security Advisory: mod_security security update | 2025-06-11T10:57:35+00:00 | 2025-11-11T12:35:10+00:00 |
| rhsa-2025:8844 | Red Hat Security Advisory: mod_security security update | 2025-06-11T10:54:10+00:00 | 2025-11-11T12:35:11+00:00 |
| rhsa-2025:8829 | Red Hat Security Advisory: perl-FCGI security update | 2025-06-11T10:24:10+00:00 | 2025-11-11T11:27:34+00:00 |
| rhsa-2025:8817 | Red Hat Security Advisory: .NET 9.0 security update | 2025-06-11T08:10:07+00:00 | 2025-11-11T10:13:27+00:00 |
| rhsa-2025:8815 | Red Hat Security Advisory: .NET 9.0 security update | 2025-06-11T08:09:24+00:00 | 2025-11-11T10:13:26+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-21861 | mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() | 2025-03-02T00:00:00.000Z | 2025-09-03T22:10:12.000Z |
| msrc_cve-2025-21859 | USB: gadget: f_midi: f_midi_complete to call queue_work | 2025-03-02T00:00:00.000Z | 2025-04-09T00:00:00.000Z |
| msrc_cve-2025-21858 | geneve: Fix use-after-free in geneve_find_dev(). | 2025-03-02T00:00:00.000Z | 2025-04-09T00:00:00.000Z |
| msrc_cve-2025-21857 | net/sched: cls_api: fix error handling causing NULL dereference | 2025-03-02T00:00:00.000Z | 2025-04-09T00:00:00.000Z |
| msrc_cve-2025-21856 | s390/ism: add release function for struct device | 2025-03-02T00:00:00.000Z | 2025-04-09T00:00:00.000Z |
| msrc_cve-2025-21855 | ibmvnic: Don't reference skb after sending to VIOS | 2025-03-02T00:00:00.000Z | 2025-04-09T00:00:00.000Z |
| msrc_cve-2025-21854 | sockmap, vsock: For connectible sockets allow only connected | 2025-03-02T00:00:00.000Z | 2025-04-09T00:00:00.000Z |
| msrc_cve-2025-21853 | bpf: avoid holding freeze_mutex during mmap operation | 2025-03-02T00:00:00.000Z | 2025-04-09T00:00:00.000Z |
| msrc_cve-2025-21848 | nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() | 2025-03-02T00:00:00.000Z | 2025-04-09T00:00:00.000Z |
| msrc_cve-2025-21847 | ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() | 2025-03-02T00:00:00.000Z | 2025-04-09T00:00:00.000Z |
| msrc_cve-2025-21846 | acct: perform last write from workqueue | 2025-03-02T00:00:00.000Z | 2025-04-09T00:00:00.000Z |
| msrc_cve-2025-21844 | smb: client: Add check for next_buffer in receive_encrypted_standard() | 2025-03-02T00:00:00.000Z | 2025-04-09T00:00:00.000Z |
| msrc_cve-2025-21839 | KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop | 2025-03-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2025-21825 | bpf: Cancel the running bpf_timer through kworker for PREEMPT_RT | 2025-03-02T00:00:00.000Z | 2025-09-03T22:12:13.000Z |
| msrc_cve-2025-2153 | HDF5 h5 File H5SM.c H5SM_delete heap-based overflow | 2025-03-02T00:00:00.000Z | 2025-09-03T22:02:51.000Z |
| msrc_cve-2025-1861 | Stream HTTP wrapper truncates redirect location to 1024 bytes | 2025-03-02T00:00:00.000Z | 2025-07-02T00:00:00.000Z |
| msrc_cve-2025-1767 | This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using this feature remains vulnerable. | 2025-03-02T00:00:00.000Z | 2025-09-03T22:31:42.000Z |
| msrc_cve-2025-1736 | Stream HTTP wrapper header check might omit basic auth header | 2025-03-02T00:00:00.000Z | 2025-07-02T00:00:00.000Z |
| msrc_cve-2025-1734 | Streams HTTP wrapper does not fail for headers with invalid name and no colon | 2025-03-02T00:00:00.000Z | 2025-07-02T00:00:00.000Z |
| msrc_cve-2025-1550 | Arbitrary Code Execution via Crafted Keras Config for Model Loading | 2025-03-02T00:00:00.000Z | 2025-08-01T00:00:00.000Z |
| msrc_cve-2025-1219 | libxml streams use wrong content-type header when requesting a redirected resource | 2025-03-02T00:00:00.000Z | 2025-04-15T00:00:00.000Z |
| msrc_cve-2025-1217 | Header parser of http stream wrapper does not handle folded headers | 2025-03-02T00:00:00.000Z | 2025-05-02T00:00:00.000Z |
| msrc_cve-2025-1125 | Grub2: fs/hfs: integer overflow may lead to heap based out-of-bounds write | 2025-03-02T00:00:00.000Z | 2025-09-04T06:54:25.000Z |
| msrc_cve-2025-0689 | Grub2: udf: heap based buffer overflow in grub_udf_read_block() may lead to arbitrary code execution | 2025-03-02T00:00:00.000Z | 2025-09-04T06:48:57.000Z |
| msrc_cve-2025-0686 | Grub2: romfs: integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading dat | 2025-03-02T00:00:00.000Z | 2025-09-04T07:49:23.000Z |
| msrc_cve-2025-0685 | Grub2: jfs: integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data | 2025-03-02T00:00:00.000Z | 2025-09-04T08:05:32.000Z |
| msrc_cve-2025-0684 | Grub2: reiserfs: integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data | 2025-03-02T00:00:00.000Z | 2025-09-04T07:58:23.000Z |
| msrc_cve-2025-0678 | Grub2: squash4: integer overflow may lead to heap based out-of-bounds write when reading data | 2025-03-02T00:00:00.000Z | 2025-09-04T07:43:19.000Z |
| msrc_cve-2025-0495 | Secrets leakage to telemetry endpoint via cache backend configuration via buildx | 2025-03-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2024-9042 | This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the affected versions listed below. | 2025-03-02T00:00:00.000Z | 2025-09-03T23:27:21.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2016-000145 | "New appointment" function in Cybozu Garoon vulnerable to cross-site scripting | 2016-08-22T15:16+09:00 | 2017-05-23T12:01+09:00 |
| jvndb-2016-000144 | "User details" function in Cybozu Garoon vulnerable to cross-site scripting | 2016-08-22T15:16+09:00 | 2017-05-23T12:01+09:00 |
| jvndb-2016-000143 | "Response request" function in Cybozu Garoon vulnerable to cross-site scripting | 2016-08-22T15:16+09:00 | 2017-05-23T12:01+09:00 |
| jvndb-2016-000142 | Cybozu Garoon vulnerable to open redirect | 2016-08-22T15:16+09:00 | 2017-05-23T12:01+09:00 |
| jvndb-2016-000150 | Geeklog IVYWE edition contains a cross-site scripting vulnerability | 2016-08-19T14:13+09:00 | 2017-05-23T14:28+09:00 |
| jvndb-2016-000141 | OSSEC Web UI vulnerable to cross-site scripting | 2016-08-18T14:24+09:00 | 2017-05-23T14:28+09:00 |
| jvndb-2016-000140 | ClipBucket vulnerable to cross-site scripting | 2016-08-18T14:09+09:00 | 2016-09-05T17:41+09:00 |
| jvndb-2016-000139 | Installer of PhishWall Client Internet Explorer version may insecurely load Dynamic Link Libraries | 2016-08-17T16:12+09:00 | 2017-05-23T14:28+09:00 |
| jvndb-2016-000138 | Cybozu Mailwise contains issue in preventing clickjacking attacks | 2016-08-16T14:14+09:00 | 2017-05-23T12:01+09:00 |
| jvndb-2016-000137 | Cybozu Mailwise vulnerable to information disclosure | 2016-08-16T14:14+09:00 | 2017-05-23T12:02+09:00 |
| jvndb-2016-000136 | Cybozu Mailwise vulnerable to information disclosure | 2016-08-16T14:14+09:00 | 2017-05-23T12:02+09:00 |
| jvndb-2016-000135 | Cybozu Mailwise vulnerable to mail header injection | 2016-08-16T14:10+09:00 | 2017-05-23T16:23+09:00 |
| jvndb-2016-000134 | Multiple I-O DATA Recording Hard disk products vulnerable to cross-site request forgery | 2016-08-08T12:28+09:00 | 2016-10-24T18:27+09:00 |
| jvndb-2016-000127 | Android stock browser vulnerable to denial-of-service (DoS) | 2016-08-05T13:41+09:00 | 2016-08-05T13:41+09:00 |
| jvndb-2016-000133 | Coordinate Plus App fails to verify SSL server certificates | 2016-08-04T13:41+09:00 | 2017-05-23T14:28+09:00 |
| jvndb-2016-003527 | Information Disclosure Vulnerability in Hitachi Command Suite | 2016-08-02T13:50+09:00 | 2016-09-14T18:18+09:00 |
| jvndb-2016-000130 | EC-CUBE plugin "Coupon Plugin" vulnerable to SQL injection | 2016-07-25T11:15+09:00 | 2016-08-04T17:55+09:00 |
| jvndb-2016-000129 | Android OS issue where it is affected by the CRIME attack | 2016-07-25T11:15+09:00 | 2025-04-18T16:36+09:00 |
| jvndb-2016-000128 | Android OS Contacts app fails to restrict access permissions | 2016-07-25T11:14+09:00 | 2016-07-25T11:14+09:00 |
| jvndb-2016-000126 | Vtiger CRM does not properly restrict access to application data | 2016-07-20T14:56+09:00 | 2016-08-04T18:02+09:00 |
| jvndb-2016-000125 | WordPress plugin "Nofollow Links" vulnerable to cross-site scripting | 2016-07-20T14:56+09:00 | 2016-08-05T17:40+09:00 |
| jvndb-2016-000123 | LINE for Windows may insecurely load Dynamic Link Libraries | 2016-07-08T14:29+09:00 | 2016-08-19T17:44+09:00 |
| jvndb-2016-000121 | Apache Commons FileUpload vulnerable to denial-of-service (DoS) | 2016-06-30T13:53+09:00 | 2018-01-29T10:30+09:00 |
| jvndb-2016-000122 | Sushiro App fails to verify SSL server certificates | 2016-06-29T14:27+09:00 | 2017-05-23T14:28+09:00 |
| jvndb-2016-000120 | DMM Movie Player App fails to verify SSL server certificates | 2016-06-27T14:23+09:00 | 2017-05-23T14:28+09:00 |
| jvndb-2016-000106 | Multiple Hikari Denwa routers vulnerable to cross-site request forgery | 2016-06-27T14:19+09:00 | 2016-08-03T16:07+09:00 |
| jvndb-2016-000105 | Multiple Hikari Denwa routers vulnerable to OS command injection | 2016-06-27T14:10+09:00 | 2016-08-03T16:07+09:00 |
| jvndb-2016-000119 | QNAP QTS vulnerable to cross-site scripting | 2016-06-27T13:48+09:00 | 2016-08-03T14:55+09:00 |
| jvndb-2016-000118 | WordPress plugin "Welcart e-Commerce" vulnerable to session management | 2016-06-24T14:12+09:00 | 2016-06-28T17:01+09:00 |
| jvndb-2016-000117 | WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting | 2016-06-24T14:12+09:00 | 2016-06-28T17:01+09:00 |
| ID | Description | Updated |
|---|