Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-6mq9-274f-wm9p | Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid param… | 2025-10-31T18:31:14Z | 2025-10-31T21:31:01Z |
| ghsa-6jc3-vhwv-4rgh | Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid param… | 2025-10-31T18:31:14Z | 2025-11-03T15:30:28Z |
| ghsa-538j-4932-wc23 | When using domain users as BRAIN2 users, communication with Active Directory services is unencrypte… | 2025-10-31T18:31:14Z | 2025-10-31T18:31:14Z |
| ghsa-2pxm-j656-vm6g | Insufficient Password Policy.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. | 2025-10-31T18:31:14Z | 2025-11-10T15:31:03Z |
| ghsa-f556-49jc-4rvc | Ansible does not collect garbage after playbook run | 2025-10-31T17:31:57Z | 2025-10-31T17:31:57Z |
| ghsa-xqgq-c6mj-rmrj | DLL Hijacking vulnerability in Trimble SketchUp desktop 2025 via crafted libcef.dll used by sketchu… | 2025-10-31T15:30:31Z | 2025-10-31T18:31:14Z |
| ghsa-x2wp-8726-qw87 | The equipment initially can be configured using the manufacturer's application, by Wi-Fi, by the we… | 2025-10-31T15:30:31Z | 2025-11-03T18:31:51Z |
| ghsa-wvv7-xvcj-8ww4 | The web server of the device performs exchanges of sensitive information in clear text through an i… | 2025-10-31T15:30:31Z | 2025-11-03T18:31:51Z |
| ghsa-vc68-c4h2-5g4j | An XSS issue was discovered in Afterlogic Aurora webmail version 9.8.3 and below. An attacker can s… | 2025-10-31T15:30:31Z | 2025-10-31T15:30:31Z |
| ghsa-pm38-4323-93p3 | A reflected cross-site scripting (XSS) vulnerability in BEO GmbH BEO Atlas Einfuhr Ausfuhr 3.0 allo… | 2025-10-31T15:30:31Z | 2025-10-31T21:31:01Z |
| ghsa-m69p-r3h8-6wpr | Tampering of the registry entries might have led to preventing the ESET security products from star… | 2025-10-31T15:30:31Z | 2025-10-31T15:30:31Z |
| ghsa-jjf8-5854-rgjh | Integer overflow in GameMaker IDE below 2024.14.0 version can lead to can lead to application crash… | 2025-10-31T15:30:31Z | 2025-10-31T15:30:31Z |
| ghsa-hqmq-ch89-m5gp | The web application is vulnerable to a so-called ‘clickjacking’ attack. In this type of attack, the… | 2025-10-31T15:30:31Z | 2025-11-03T18:31:51Z |
| ghsa-gwh4-pxrm-9ff9 | IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow a non-root user to gain hig… | 2025-10-31T15:30:31Z | 2025-10-31T15:30:31Z |
| ghsa-9frg-3876-q98g | Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap use-after-free vulnerability in v… | 2025-10-31T15:30:31Z | 2025-10-31T21:31:01Z |
| ghsa-8hhj-9c46-c8mp | The Analytify Pro plugin for WordPress is vulnerable to Sensitive Information Exposure in all versi… | 2025-10-31T15:30:31Z | 2025-10-31T15:30:31Z |
| ghsa-6hj2-fxwr-rvj5 | Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap buffer overflow vulnerability in … | 2025-10-31T15:30:31Z | 2025-10-31T21:31:01Z |
| ghsa-5pfc-43r5-qrmg | Kitware VTK (Visualization Toolkit) up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocument… | 2025-10-31T15:30:31Z | 2025-10-31T21:31:01Z |
| ghsa-5fcf-3m52-f3q5 | IBM Jazz for Service Management 1.1.3.0 through 1.1.3.25 does not set the secure attribute on autho… | 2025-10-31T15:30:31Z | 2025-10-31T15:30:31Z |
| ghsa-4m38-cfr7-jx25 | The equipment grants a JWT token for each connection in the timeline, but during an active valid se… | 2025-10-31T15:30:31Z | 2025-11-03T18:31:51Z |
| ghsa-4fg8-97vg-f94j | Nagios XI versions prior to < 2024R1.1 is vulnerable to a cross-site scripting (XSS) when a user vi… | 2025-10-31T15:30:31Z | 2025-11-06T18:32:49Z |
| ghsa-2cfx-ppj7-2856 | Denial of service of the web server through specific requests to this protocol | 2025-10-31T15:30:31Z | 2025-11-03T18:31:51Z |
| ghsa-xfhv-2m8j-xxfc | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2025-10-31T12:30:23Z | 2025-11-13T12:31:34Z |
| ghsa-r2w4-795m-g75f | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-31T12:30:23Z | 2025-11-13T12:31:34Z |
| ghsa-qw73-cw24-3jmw | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-31T12:30:23Z | 2025-11-13T12:31:34Z |
| ghsa-7547-xpx7-423p | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-10-31T12:30:23Z | 2025-11-13T12:31:34Z |
| ghsa-6v33-cm54-m66r | Cross-Site Request Forgery (CSRF) vulnerability in Mikado-Themes Bard bardwp allows Cross Site Requ… | 2025-10-31T12:30:23Z | 2025-11-13T12:31:34Z |
| ghsa-63x7-86mp-j45m | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-10-31T12:30:23Z | 2025-11-13T12:31:34Z |
| ghsa-5869-fm6w-9qxm | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-31T12:30:23Z | 2025-11-13T12:31:34Z |
| ghsa-pcvf-2wc2-h4q6 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-31T12:30:22Z | 2025-11-13T12:31:34Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-6988 | Kallyas <= 4.23.0 - Authenticated (Contributor+) Store… |
hogash |
KALLYAS - Creative eCommerce Multi-Purpose WordPress Theme |
2025-11-01T07:30:04.897Z | 2025-11-03T13:30:11.443Z | |
| cve-2025-6990 | Kallyas <= 4.24.0 - Authenticated (Contributor+) Remot… |
hogash |
KALLYAS - Creative eCommerce Multi-Purpose WordPress Theme |
2025-11-01T07:30:03.218Z | 2025-11-03T13:30:17.631Z | |
| cve-2025-12137 | Import WP – Export and Import CSV and XML files to Wor… |
jcollings |
Import WP – Export and Import CSV and XML files to WordPress |
2025-11-01T06:40:40.047Z | 2025-11-03T13:30:23.253Z | |
| cve-2025-12171 | RESTful Content Syndication 1.1.0 - 1.5.0 - Authentica… |
anthonyeden |
RESTful Content Syndication |
2025-11-01T06:40:39.565Z | 2025-11-03T13:30:29.197Z | |
| cve-2025-11755 | Delicious Recipes <= 1.9.0 - Authenticated (Contributo… |
wpdelicious |
WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) |
2025-11-01T06:40:39.047Z | 2025-11-03T13:30:34.941Z | |
| cve-2025-10487 | Advanced Ads <= 2.0.12 - Unauthenticated Limited Code … |
monetizemore |
Advanced Ads – Ad Manager & AdSense |
2025-11-01T06:40:37.833Z | 2025-11-03T13:30:40.805Z | |
| cve-2025-11499 | Tablesome Table – Contact Form DB – WPForms, CF7, Grav… |
essekia |
Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent |
2025-11-01T06:40:37.314Z | 2025-11-03T13:30:46.874Z | |
| cve-2025-6574 | Service Finder Bookings < 6.1 - Authenticated (Subscri… |
aonetheme |
Service Finder Bookings |
2025-11-01T06:40:36.491Z | 2025-11-03T13:30:52.307Z | |
| cve-2025-11502 | Schema & Structured Data for WP & AMP <= 1.51 - Authen… |
magazine3 |
Schema & Structured Data for WP & AMP |
2025-11-01T05:40:24.552Z | 2025-11-03T13:30:58.163Z | |
| cve-2025-11740 | wpForo Forum <= 2.4.9 - Authenticated (Susbscriber+) S… |
tomdever |
wpForo Forum |
2025-11-01T05:40:24.041Z | 2025-11-03T13:31:04.431Z | |
| cve-2025-12038 | Folderly <= 0.3 - Incorrect Authorization to Authentic… |
wpfolderly |
Folderly |
2025-11-01T05:40:23.582Z | 2025-11-03T13:31:10.279Z | |
| cve-2025-11983 | WP Discourse <= 2.5.9 - Authenticated (Author+) Inform… |
scossar |
WP Discourse |
2025-11-01T05:40:23.063Z | 2025-11-03T13:31:15.868Z | |
| cve-2025-12090 | Employee Spotlight – Team Member Showcase & Meet the T… |
emarket-design |
Employee Spotlight – Team Member Showcase & Meet the Team Plugin |
2025-11-01T05:40:22.553Z | 2025-11-03T13:31:21.726Z | |
| cve-2025-12180 | Qi Blocks <= 1.4.3 - Missing Authorization to Authenti… |
qodeinteractive |
Qi Blocks |
2025-11-01T05:40:21.834Z | 2025-11-03T13:31:27.357Z | |
| cve-2025-11927 | Flying Images: Optimize and Lazy Load Images for Faste… |
gijo |
Flying Images: Optimize and Lazy Load Images for Faster Page Speed |
2025-11-01T04:27:42.551Z | 2025-11-03T13:31:33.027Z | |
| cve-2025-5949 | Service Finder Bookings <= 6.0 - Authenticated (Subscr… |
aonetheme |
Service Finder Bookings |
2025-11-01T04:27:42.063Z | 2025-11-03T20:48:46.815Z | |
| cve-2025-12118 | Schema Scalpel <= 1.6.1 - Authenticated (Contributor+)… |
kevingillispie |
Schema Scalpel |
2025-11-01T04:27:41.429Z | 2025-11-03T20:47:42.541Z | |
| cve-2025-11995 | Community Events <= 1.5.2 - Unauthenticated Stored Cro… |
jackdewey |
Community Events |
2025-11-01T04:27:40.961Z | 2025-11-03T20:46:33.926Z | |
| cve-2025-11377 | List category posts <= 0.92.0 - Authenticated (Contrib… |
fernandobt |
List category posts |
2025-11-01T04:27:40.333Z | 2025-11-03T20:45:31.296Z | |
| cve-2025-11928 | CSS & JavaScript Toolbox <= 12.0.5 - Authenticated (Ad… |
wipeoutmedia |
CSS & JavaScript Toolbox |
2025-11-01T03:34:36.948Z | 2025-11-03T14:59:13.017Z | |
| cve-2025-12367 | SiteSEO – SEO Simplified <= 1.3.1 - Missing Authorizat… |
softaculous |
SiteSEO – SEO Simplified |
2025-11-01T03:34:36.429Z | 2025-11-03T15:46:46.785Z | |
| cve-2025-11833 | Post SMTP – Complete SMTP Solution with Logs, Alerts, … |
saadiqbal |
Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App |
2025-11-01T03:34:35.794Z | 2025-11-03T15:47:23.380Z | |
| cve-2025-62275 | 6.9 (v4.0) | Blogs in Liferay Portal 7.4.0 through 7.4.3.111, … |
Liferay |
Portal |
2025-11-01T02:42:50.698Z | 2025-11-03T15:47:50.284Z |
| cve-2025-11922 | Inactive Logout <= 3.5.5 - Authenticated (Subscriber+)… |
j_3rk |
Inactive Logout |
2025-11-01T01:47:41.819Z | 2025-11-03T15:48:16.331Z | |
| cve-2025-11920 | WPCOM Member <= 1.7.14 - Authenticated (Contributor+) … |
whyun |
WPCOM Member |
2025-11-01T01:47:41.378Z | 2025-11-03T18:53:31.185Z | |
| cve-2025-11174 | Document Library Lite <= 1.1.6 - Missing Authorization… |
barn2media |
Document Library Lite |
2025-11-01T01:47:40.902Z | 2025-11-03T18:57:14.666Z | |
| cve-2025-11816 | Privacy Policy Generator, Terms & Conditions Generator… |
wplegalpages |
Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages |
2025-11-01T01:47:40.230Z | 2025-11-03T18:57:46.543Z | |
| cve-2025-62276 | 4.6 (v4.0) | The Document Library and the Adaptive Media modul… |
Liferay |
Portal |
2025-10-31T23:34:20.166Z | 2025-11-03T13:31:38.847Z |
| cve-2025-12464 | 6.2 (v3.1) | Qemu-kvm: stack buffer overflow in e1000 device via sh… |
|
|
2025-10-31T21:15:48.885Z | 2025-11-12T10:12:25.796Z |
| cve-2025-60711 | 6.3 (v3.1) | Microsoft Edge (Chromium-based) Remote Code Execution … |
Microsoft |
Microsoft Edge (Chromium-based) |
2025-10-31T19:29:01.444Z | 2025-11-04T20:04:01.282Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-12609 | CodeAstro Gym Management System update-progress.php sq… |
CodeAstro |
Gym Management System |
2025-11-03T01:02:06.847Z | 2025-11-03T14:57:00.643Z | |
| cve-2025-12608 | itsourcecode Online Loan Management System manage_user… |
itsourcecode |
Online Loan Management System |
2025-11-03T00:32:06.062Z | 2025-11-03T15:00:44.154Z | |
| cve-2025-12607 | itsourcecode Online Loan Management System manage_paym… |
itsourcecode |
Online Loan Management System |
2025-11-03T00:02:07.039Z | 2025-11-03T14:14:23.841Z | |
| cve-2025-12606 | itsourcecode Online Loan Management System manage_borr… |
itsourcecode |
Online Loan Management System |
2025-11-02T23:32:06.631Z | 2025-11-03T14:42:31.694Z | |
| cve-2025-12605 | itsourcecode Online Loan Management System manage_loan… |
itsourcecode |
Online Loan Management System |
2025-11-02T23:02:07.442Z | 2025-11-03T14:43:19.764Z | |
| cve-2025-12604 | itsourcecode Online Loan Management System load_fields… |
itsourcecode |
Online Loan Management System |
2025-11-02T21:32:06.054Z | 2025-11-03T14:44:06.472Z | |
| cve-2025-12598 | SourceCodester Best House Rental Management System adm… |
SourceCodester |
Best House Rental Management System |
2025-11-02T12:02:07.575Z | 2025-11-03T14:44:57.474Z | |
| cve-2025-12597 | SourceCodester Best House Rental Management System adm… |
SourceCodester |
Best House Rental Management System |
2025-11-02T11:32:06.558Z | 2025-11-03T14:45:32.495Z | |
| cve-2025-12596 | Tenda AC23 saveParentControlInfo buffer overflow |
Tenda |
AC23 |
2025-11-02T10:32:06.299Z | 2025-11-03T14:54:39.493Z | |
| cve-2025-12595 | Tenda AC23 SetVirtualServerCfg formSetVirtualSer buffe… |
Tenda |
AC23 |
2025-11-02T10:02:07.134Z | 2025-11-03T14:55:49.338Z | |
| cve-2025-12594 | code-projects Simple Online Hotel Reservation System a… |
code-projects |
Simple Online Hotel Reservation System |
2025-11-02T08:32:06.189Z | 2025-11-03T15:43:44.392Z | |
| cve-2025-12593 | code-projects Simple Online Hotel Reservation System P… |
code-projects |
Simple Online Hotel Reservation System |
2025-11-02T06:02:05.981Z | 2025-11-03T15:43:16.030Z | |
| cve-2025-12603 | 2.3 (v4.0) | /etc/timezone can be Arbitrarily Written |
Azure Access Technology |
BLU-IC2 |
2025-11-01T18:56:52.453Z | 2025-11-03T13:29:31.660Z |
| cve-2025-12602 | 2.3 (v4.0) | /etc/avahi/services/z9.service can be Arbitrarily Written |
Azure Access Technology |
BLU-IC2 |
2025-11-01T18:54:46.956Z | 2025-11-03T13:29:38.120Z |
| cve-2025-12601 | 10 (v4.0) | Denial of Service Due to SlowLoris |
Azure Access Technology |
BLU-IC2 |
2025-11-01T18:49:12.782Z | 2025-11-03T13:29:43.969Z |
| cve-2025-12600 | 10 (v4.0) | Web UI Malfunction |
Azure Access Technology |
BLU-IC2 |
2025-11-01T18:48:49.084Z | 2025-11-03T13:29:50.055Z |
| cve-2025-12599 | 10 (v4.0) | Multiple Devices are Sharing the Same Secrets for SDKS… |
Azure Access Technology |
BLU-IC2 |
2025-11-01T18:39:53.127Z | 2025-11-03T13:29:56.000Z |
| cve-2025-36367 | 8.8 (v3.1) | IBM i is affected by a privilege escalation in IBM i S… |
IBM |
i |
2025-11-01T12:01:31.137Z | 2025-11-04T04:55:13.395Z |
| cve-2025-6990 | Kallyas <= 4.24.0 - Authenticated (Contributor+) Remot… |
hogash |
KALLYAS - Creative eCommerce Multi-Purpose WordPress Theme |
2025-11-01T07:30:03.218Z | 2025-11-03T13:30:17.631Z | |
| cve-2025-6988 | Kallyas <= 4.23.0 - Authenticated (Contributor+) Store… |
hogash |
KALLYAS - Creative eCommerce Multi-Purpose WordPress Theme |
2025-11-01T07:30:04.897Z | 2025-11-03T13:30:11.443Z | |
| cve-2025-6574 | Service Finder Bookings < 6.1 - Authenticated (Subscri… |
aonetheme |
Service Finder Bookings |
2025-11-01T06:40:36.491Z | 2025-11-03T13:30:52.307Z | |
| cve-2025-12171 | RESTful Content Syndication 1.1.0 - 1.5.0 - Authentica… |
anthonyeden |
RESTful Content Syndication |
2025-11-01T06:40:39.565Z | 2025-11-03T13:30:29.197Z | |
| cve-2025-12137 | Import WP – Export and Import CSV and XML files to Wor… |
jcollings |
Import WP – Export and Import CSV and XML files to WordPress |
2025-11-01T06:40:40.047Z | 2025-11-03T13:30:23.253Z | |
| cve-2025-11755 | Delicious Recipes <= 1.9.0 - Authenticated (Contributo… |
wpdelicious |
WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) |
2025-11-01T06:40:39.047Z | 2025-11-03T13:30:34.941Z | |
| cve-2025-11499 | Tablesome Table – Contact Form DB – WPForms, CF7, Grav… |
essekia |
Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent |
2025-11-01T06:40:37.314Z | 2025-11-03T13:30:46.874Z | |
| cve-2025-10487 | Advanced Ads <= 2.0.12 - Unauthenticated Limited Code … |
monetizemore |
Advanced Ads – Ad Manager & AdSense |
2025-11-01T06:40:37.833Z | 2025-11-03T13:30:40.805Z | |
| cve-2025-12180 | Qi Blocks <= 1.4.3 - Missing Authorization to Authenti… |
qodeinteractive |
Qi Blocks |
2025-11-01T05:40:21.834Z | 2025-11-03T13:31:27.357Z | |
| cve-2025-12090 | Employee Spotlight – Team Member Showcase & Meet the T… |
emarket-design |
Employee Spotlight – Team Member Showcase & Meet the Team Plugin |
2025-11-01T05:40:22.553Z | 2025-11-03T13:31:21.726Z | |
| cve-2025-12038 | Folderly <= 0.3 - Incorrect Authorization to Authentic… |
wpfolderly |
Folderly |
2025-11-01T05:40:23.582Z | 2025-11-03T13:31:10.279Z | |
| cve-2025-11983 | WP Discourse <= 2.5.9 - Authenticated (Author+) Inform… |
scossar |
WP Discourse |
2025-11-01T05:40:23.063Z | 2025-11-03T13:31:15.868Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-188845 | Malicious code in procyon-lacerta-wezen-geochemistry (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188844 | Malicious code in procyon-json-dynamo-neutrino (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188843 | Malicious code in procyon-futurology-concurrently-sqlite (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188842 | Malicious code in procyon-cosmos-mutation-pyxis (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188841 | Malicious code in procyon-cluster-janus-fomalhaut (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188840 | Malicious code in procyon-aurora-zenith-indus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188839 | Malicious code in procyon-andromeda-configstore-javascript (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188838 | Malicious code in process-simulate-parse-integer-wind (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188837 | Malicious code in process-passport-eslint-config-speleology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188836 | Malicious code in process-outercore-nestjs-leda (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188835 | Malicious code in process-loopback-cosmos-leda (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188834 | Malicious code in process-loop-zenobia-optimize-css-assets-webpack-plugin (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188833 | Malicious code in process-float-sanitize-module-import (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188832 | Malicious code in process-daemon-pipe-try-bundle (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188831 | Malicious code in process-callisto-superagent-quark (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188830 | Malicious code in private-toml-nightwatch-rigel (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188829 | Malicious code in private-sadr-proxima-private (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188828 | Malicious code in private-husky-mensa-package (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188827 | Malicious code in private-enum-compress-upsilon-omega (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188826 | Malicious code in private-easy-string-decrypt-meta (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188825 | Malicious code in private-dorado-grunt-jupiter (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188824 | Malicious code in private-cluster-draco-mysql (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188823 | Malicious code in private-centauri-miranda-areology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188822 | Malicious code in private-abstract-optimize-view-rain (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188821 | Malicious code in primatology-technosignature-magnetosphere-parcel (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188820 | Malicious code in primatology-paleoecology-archaeoastronomy-chariklo (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188819 | Malicious code in primatology-paleoceanography-mineralogy-wolf (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188818 | Malicious code in primatology-middleware-planckscale-install (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188817 | Malicious code in primatology-impulse-decoherence-standard (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188816 | Malicious code in primatology-chromedriver-vortex-nebula (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:8816 | Red Hat Security Advisory: .NET 9.0 security update | 2025-06-11T08:09:22+00:00 | 2025-11-11T10:13:26+00:00 |
| rhsa-2025:8813 | Red Hat Security Advisory: .NET 8.0 security update | 2025-06-11T07:50:31+00:00 | 2025-11-11T10:13:26+00:00 |
| rhsa-2025:8812 | Red Hat Security Advisory: .NET 8.0 security update | 2025-06-11T07:50:31+00:00 | 2025-11-11T10:13:25+00:00 |
| rhsa-2025:8814 | Red Hat Security Advisory: .NET 8.0 security update | 2025-06-11T07:50:29+00:00 | 2025-11-11T10:13:26+00:00 |
| rhsa-2025:8807 | Red Hat Security Advisory: firefox security update | 2025-06-11T04:02:21+00:00 | 2025-11-06T23:43:00+00:00 |
| rhsa-2025:8796 | Red Hat Security Advisory: kernel security update | 2025-06-11T01:01:42+00:00 | 2025-11-07T15:42:57+00:00 |
| rhsa-2025:8784 | Red Hat Security Advisory: thunderbird security update | 2025-06-10T16:52:59+00:00 | 2025-11-06T23:15:42+00:00 |
| rhsa-2025:8756 | Red Hat Security Advisory: thunderbird security update | 2025-06-10T16:52:41+00:00 | 2025-11-06T23:15:42+00:00 |
| rhsa-2025:8743 | Red Hat Security Advisory: kernel security update | 2025-06-10T16:52:41+00:00 | 2025-11-08T06:49:23+00:00 |
| rhsa-2025:8744 | Red Hat Security Advisory: kernel-rt security update | 2025-06-10T16:52:39+00:00 | 2025-11-08T06:49:23+00:00 |
| rhsa-2025:8737 | Red Hat Security Advisory: golang security update | 2025-06-10T16:52:37+00:00 | 2025-11-13T16:49:11+00:00 |
| rhsa-2025:8761 | Red Hat Security Advisory: HawtIO 4.2.0 for Red Hat build of Apache Camel 4 Release and security update. | 2025-06-10T10:39:32+00:00 | 2025-11-13T16:46:46+00:00 |
| rhsa-2025:8560 | Red Hat Security Advisory: OpenShift Container Platform 4.18.17 bug fix and security update | 2025-06-10T06:26:36+00:00 | 2025-11-13T17:42:31+00:00 |
| rhsa-2025:8703 | Red Hat Security Advisory: perl-FCGI:0.78 security update | 2025-06-09T17:13:36+00:00 | 2025-11-11T11:27:34+00:00 |
| rhsa-2025:8704 | Red Hat Security Advisory: Red Hat OpenShift for Windows Containers 10.17.1 product release | 2025-06-09T16:42:07+00:00 | 2025-11-13T16:46:46+00:00 |
| rhsa-2025:8696 | Red Hat Security Advisory: perl-FCGI:0.78 security update | 2025-06-09T15:31:59+00:00 | 2025-11-11T11:27:32+00:00 |
| rhsa-2025:8698 | Red Hat Security Advisory: perl-FCGI:0.78 security update | 2025-06-09T15:24:34+00:00 | 2025-11-11T11:27:33+00:00 |
| rhsa-2025:8697 | Red Hat Security Advisory: perl-FCGI security update | 2025-06-09T15:23:55+00:00 | 2025-11-11T11:27:32+00:00 |
| rhsa-2025:8686 | Red Hat Security Advisory: glibc security update | 2025-06-09T14:48:41+00:00 | 2025-11-06T23:43:00+00:00 |
| rhsa-2025:8689 | Red Hat Security Advisory: golang security update | 2025-06-09T14:35:25+00:00 | 2025-11-13T16:49:10+00:00 |
| rhsa-2025:8691 | Red Hat Security Advisory: RHSA: Submariner 0.20.1 - bug fix and enhancement update | 2025-06-09T14:26:17+00:00 | 2025-11-13T17:42:31+00:00 |
| rhsa-2025:8682 | Red Hat Security Advisory: grafana security update | 2025-06-09T14:22:44+00:00 | 2025-11-13T16:49:09+00:00 |
| rhsa-2025:8680 | Red Hat Security Advisory: grafana security update | 2025-06-09T14:11:50+00:00 | 2025-11-13T16:49:09+00:00 |
| rhsa-2025:8679 | Red Hat Security Advisory: grafana security update | 2025-06-09T14:03:19+00:00 | 2025-11-11T09:58:29+00:00 |
| rhsa-2025:8677 | Red Hat Security Advisory: perl-FCGI security update | 2025-06-09T14:03:04+00:00 | 2025-11-11T11:27:32+00:00 |
| rhsa-2025:8678 | Red Hat Security Advisory: perl-FCGI security update | 2025-06-09T14:02:14+00:00 | 2025-11-11T11:27:32+00:00 |
| rhsa-2025:8681 | Red Hat Security Advisory: grafana security update | 2025-06-09T13:59:24+00:00 | 2025-11-11T09:58:30+00:00 |
| rhsa-2025:8683 | Red Hat Security Advisory: grafana security update | 2025-06-09T13:59:19+00:00 | 2025-11-11T09:58:30+00:00 |
| rhsa-2025:8690 | Red Hat Security Advisory: Red Hat build of Keycloak 26.2.5 Security Update | 2025-06-09T13:57:15+00:00 | 2025-11-06T22:56:51+00:00 |
| rhsa-2025:8674 | Red Hat Security Advisory: mod_security security update | 2025-06-09T13:54:14+00:00 | 2025-11-11T12:35:09+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2024-8176 | Libexpat: expat: improper restriction of xml entity expansion depth in libexpat | 2025-03-02T00:00:00.000Z | 2025-04-12T00:00:00.000Z |
| msrc_cve-2024-7598 | Network restriction bypass via race condition during namespace termination | 2025-03-02T00:00:00.000Z | 2025-09-04T03:23:10.000Z |
| msrc_cve-2024-58089 | btrfs: fix double accounting race when btrfs_run_delalloc_range() failed | 2025-03-02T00:00:00.000Z | 2025-09-03T23:19:40.000Z |
| msrc_cve-2024-58088 | bpf: Fix deadlock when freeing cgroup storage | 2025-03-02T00:00:00.000Z | 2025-04-09T00:00:00.000Z |
| msrc_cve-2024-58083 | KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() | 2025-03-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2024-58076 | clk: qcom: gcc-sm6350: Add missing parent_map for two clocks | 2025-03-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2024-58071 | team: prevent adding a device which is already a team device lower | 2025-03-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2024-58069 | rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read | 2025-03-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2024-58063 | wifi: rtlwifi: fix memory leaks and invalid access at probe error path | 2025-03-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2024-58058 | ubifs: skip dumping tnc tree when zroot is null | 2025-03-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2024-58055 | usb: gadget: f_tcm: Don't free command immediately | 2025-03-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2024-58052 | drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table | 2025-03-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2024-55549 | xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue | 2025-03-02T00:00:00.000Z | 2025-04-01T00:00:00.000Z |
| msrc_cve-2024-48615 | Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pax_extension at rchive_read_support_format_tar.c:1844:8. | 2025-03-02T00:00:00.000Z | 2025-04-11T00:00:00.000Z |
| msrc_cve-2024-45782 | Grub2: fs/hfs: strcpy() using the volume name (fs/hfs.c:382) | 2025-03-02T00:00:00.000Z | 2025-09-04T07:36:59.000Z |
| msrc_cve-2024-45780 | Grub2: fs/tar: integer overflow causes heap oob write | 2025-03-02T00:00:00.000Z | 2025-09-04T06:35:46.000Z |
| msrc_cve-2024-45779 | Grub2: fs/bfs: integer overflow leads to heap oob read in the bfs parser | 2025-03-02T00:00:00.000Z | 2025-09-04T06:42:54.000Z |
| msrc_cve-2024-45778 | Grub2: fs/bfs: integer overflow in the bfs parser. | 2025-03-02T00:00:00.000Z | 2025-09-04T08:11:42.000Z |
| msrc_cve-2024-40635 | containerd has an integer overflow in User ID handling | 2025-03-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2024-12905 | An Improper Link Resolution Before File Access ("Link Following") and Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal"). This vulnerability occurs when extracting a maliciously crafted tar file, which can result in unauthorized file writes or overwrites outside the intended extraction directory. The issue is associated with index.js in the tar-fs package. This issue affects tar-fs: from 0.0.0 before 1.16.4, from 2.0.0 before 2.1.2, from 3.0.0 before 3.0.8. | 2025-03-02T00:00:00.000Z | 2025-04-11T00:00:00.000Z |
| msrc_cve-2023-53008 | cifs: fix potential memory leaks in session setup | 2025-03-02T00:00:00.000Z | 2025-09-03T23:34:11.000Z |
| msrc_cve-2023-53002 | drm/i915: Fix a memory leak with reused mmap_offset | 2025-03-02T00:00:00.000Z | 2025-09-03T23:37:44.000Z |
| msrc_cve-2023-53001 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 2025-03-02T00:00:00.000Z | 2025-09-04T00:24:12.000Z |
| msrc_cve-2023-52979 | squashfs: harden sanity check in squashfs_read_xattr_id_table | 2025-03-02T00:00:00.000Z | 2025-09-03T22:18:39.000Z |
| msrc_cve-2023-52970 | MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where. | 2025-03-02T00:00:00.000Z | 2025-09-03T21:37:16.000Z |
| msrc_cve-2023-52969 | MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2. | 2025-03-02T00:00:00.000Z | 2025-09-03T21:40:13.000Z |
| msrc_cve-2023-52939 | mm: memcg: fix NULL pointer in mem_cgroup_track_foreign_dirty_slowpath() | 2025-03-02T00:00:00.000Z | 2025-09-04T00:26:59.000Z |
| msrc_cve-2023-52935 | mm/khugepaged: fix ->anon_vma race | 2025-03-02T00:00:00.000Z | 2025-09-03T21:50:22.000Z |
| msrc_cve-2023-52927 | netfilter: allow exp not to be removed in nf_ct_find_expectation | 2025-03-02T00:00:00.000Z | 2025-09-04T03:00:35.000Z |
| msrc_cve-2022-49750 | cpufreq: CPPC: Add u64 casts to avoid overflowing | 2025-03-02T00:00:00.000Z | 2025-09-03T23:40:42.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2016-000116 | WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting | 2016-06-24T13:43+09:00 | 2016-06-29T16:05+09:00 |
| jvndb-2016-000115 | WordPress plugin "Welcart e-Commerce" vulnerable to PHP object injection | 2016-06-24T13:43+09:00 | 2016-06-29T16:04+09:00 |
| jvndb-2016-000109 | CG-WLR300GNV Series does not limit authentication attempts | 2016-06-22T14:57+09:00 | 2016-06-29T16:04+09:00 |
| jvndb-2016-000108 | CG-WLBARAGM vulnerable to denial-of-service (DoS) | 2016-06-22T14:57+09:00 | 2016-06-29T16:04+09:00 |
| jvndb-2016-000107 | CG-WLBARGL vulnerable to command injection | 2016-06-22T14:56+09:00 | 2016-06-29T16:03+09:00 |
| jvndb-2016-000113 | Apache Struts vulnerable to input validation bypass | 2016-06-20T17:20+09:00 | 2022-08-09T14:10+09:00 |
| jvndb-2016-000112 | Apache Struts vulnerable to validation bypass in Getter method | 2016-06-20T17:19+09:00 | 2022-08-09T14:08+09:00 |
| jvndb-2016-000111 | Apache Struts vulnerable to cross-site request forgery | 2016-06-20T17:18+09:00 | 2022-08-09T14:05+09:00 |
| jvndb-2016-000114 | Apache Struts vulnerable to denial-of-service (DoS) | 2016-06-20T16:36+09:00 | 2016-08-03T16:20+09:00 |
| jvndb-2016-000110 | Apache Struts vulnerable to remote code execution | 2016-06-20T16:36+09:00 | 2016-08-03T16:19+09:00 |
| jvndb-2016-000103 | Deep Discovery Inspector vulnerable to remote code execution | 2016-06-16T14:03+09:00 | 2016-07-12T15:03+09:00 |
| jvndb-2016-000101 | ETX-R vulnerable to denial-of-service (DoS) | 2016-06-14T14:00+09:00 | 2016-06-23T12:20+09:00 |
| jvndb-2016-000100 | ETX-R vulnerable to cross-site request forgery | 2016-06-14T13:55+09:00 | 2016-06-23T17:12+09:00 |
| jvndb-2016-000099 | DX Library vulnerable to remote code execution | 2016-06-08T14:30+09:00 | 2016-06-27T11:32+09:00 |
| jvndb-2016-000098 | TERASOLUNA Server Framework for Java(WEB) access restriction bypass vulnerability in the file extention filter | 2016-06-07T16:26+09:00 | 2016-06-27T11:32+09:00 |
| jvndb-2016-000097 | Apache Struts 1 vulnerable to input validation bypass | 2016-06-07T16:26+09:00 | 2016-12-05T16:59+09:00 |
| jvndb-2016-000096 | Apache Struts 1 vulnerability that allows unintended remote operations against components on memory | 2016-06-07T16:26+09:00 | 2017-02-20T15:42+09:00 |
| jvndb-2016-000089 | Trend Micro enterprise products HTTP header injection vulnerability | 2016-06-02T16:18+09:00 | 2016-06-22T17:58+09:00 |
| jvndb-2016-000088 | Trend Micro Internet Security vulnerable to arbitrary script execution | 2016-06-02T16:18+09:00 | 2016-06-22T18:08+09:00 |
| jvndb-2016-000074 | Trend Micro enterprise products directory traversal vulnerability | 2016-06-02T16:18+09:00 | 2016-06-22T17:56+09:00 |
| jvndb-2016-000073 | Trend Micro Internet Security access restriction flaw | 2016-06-02T16:18+09:00 | 2016-06-22T18:12+09:00 |
| jvndb-2016-000095 | Cybozu Garoon logging function vulnerable to directory traversal | 2016-05-30T16:18+09:00 | 2016-06-23T17:49+09:00 |
| jvndb-2016-000094 | Cybozu Garoon function "MultiReport" vulnerable to access restriction bypass | 2016-05-30T16:18+09:00 | 2016-06-28T17:01+09:00 |
| jvndb-2016-000093 | Cybozu Garoon function "Portlets" vulnerable to access restriction bypass | 2016-05-30T16:18+09:00 | 2016-06-28T17:01+09:00 |
| jvndb-2016-000085 | Cybozu Garoon fails to restrict access permissions | 2016-05-30T16:18+09:00 | 2016-06-23T17:43+09:00 |
| jvndb-2016-000084 | Cybozu Garoon vulnerable to cross-site scripting | 2016-05-30T16:18+09:00 | 2016-06-23T17:09+09:00 |
| jvndb-2016-000083 | Cybozu Garoon vulnerable to cross-site scripting | 2016-05-30T16:18+09:00 | 2016-06-23T17:05+09:00 |
| jvndb-2016-000082 | Cybozu Garoon fails to restrict access permissions | 2016-05-30T16:18+09:00 | 2016-06-23T17:35+09:00 |
| jvndb-2016-000081 | Cybozu Garoon vulnerable to open redirect | 2016-05-30T16:18+09:00 | 2016-06-23T17:06+09:00 |
| jvndb-2016-000080 | Cybozu Garoon vulnerable to denial-of-service (DoS) | 2016-05-30T16:18+09:00 | 2017-05-23T16:23+09:00 |
| ID | Description | Updated |
|---|