Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-wv6c-g43h-2hgj | This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation if a … | 2025-10-31T00:30:35Z | 2025-10-31T00:30:35Z |
| ghsa-v532-7c4x-249v | A vulnerability was identified in certain UniFi Talk devices where internal debugging functionality… | 2025-10-31T00:30:35Z | 2025-11-03T18:31:51Z |
| ghsa-p9vf-j43m-6hqh | Nagios XI versions prior to 2026R1 contain a remote code execution vulnerability in the Core Confi… | 2025-10-31T00:30:35Z | 2025-11-06T18:32:49Z |
| ghsa-p92h-63r7-c5hj | Nagios XI versions prior to 2024R2 contain a command injection vulnerability in the WinRM plugin. I… | 2025-10-31T00:30:35Z | 2025-11-06T18:32:49Z |
| ghsa-mfh4-q3x5-4cxg | A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domai… | 2025-10-31T00:30:35Z | 2025-10-31T15:30:30Z |
| ghsa-gvrp-ffhh-698m | Nagios XI versions prior to 2024R2 contain an improperly owned script, process_perfdata.pl, which i… | 2025-10-31T00:30:35Z | 2025-11-06T18:32:49Z |
| ghsa-cxmv-3hc7-9rh3 | Nagios Log Server versions prior to 2024R1.3.2 contain a privilege escalation vulnerability in the … | 2025-10-31T00:30:35Z | 2025-11-06T18:32:49Z |
| ghsa-7pmf-h72m-cp8q | SQL injection in Revive Adserver 6.0.0 causes potential disruption or information access when speci… | 2025-10-31T00:30:35Z | 2025-11-03T18:31:51Z |
| ghsa-5w5v-4m3m-w7hq | In Brave Browser Desktop versions prior to 1.83.10 that have the split view feature enabled, the "O… | 2025-10-31T00:30:35Z | 2025-10-31T00:30:35Z |
| ghsa-38j8-hq5r-g743 | A vulnerability in the Mount service of Veeam Backup & Replication, which allows for remote code ex… | 2025-10-31T00:30:35Z | 2025-10-31T00:30:35Z |
| ghsa-2rj5-gh6q-72fp | A malicious actor with access to the management network could exploit a misconfiguration in UniFi’s… | 2025-10-31T00:30:35Z | 2025-10-31T15:30:31Z |
| ghsa-2qfp-q593-8484 | Scrapy with Brotli is vulnerable to a denial of service (DoS) attack due to decompression | 2025-10-31T00:30:35Z | 2025-11-07T19:11:50Z |
| ghsa-2q3x-64cr-5mp5 | LibreChat version 0.7.9 is vulnerable to a Denial of Service (DoS) attack due to unbounded paramete… | 2025-10-31T00:30:35Z | 2025-10-31T00:30:35Z |
| ghsa-2hxf-5ppp-g398 | A reflected Cross-Site Scripting (XSS) vulnerability has been identified in Revive Adserver version… | 2025-10-31T00:30:35Z | 2025-11-03T18:31:51Z |
| ghsa-wfgh-85mw-92mc | Nagios XI versions prior to 2024R1.0.1 contain a privilege escalation vulnerability in the System P… | 2025-10-31T00:30:34Z | 2025-11-06T18:32:48Z |
| ghsa-vg8x-3rq9-ch3c | Nagios Network Analyzer versions prior to 2024R2.0.1 contain a vulnerability in the LDAP certificat… | 2025-10-31T00:30:34Z | 2025-11-06T18:32:49Z |
| ghsa-rf89-4p8m-fgwp | Nagios Log Server versions prior to 2024R1 contain a stored cross-site scripting (XSS) vulnerabilit… | 2025-10-31T00:30:34Z | 2025-11-10T21:30:31Z |
| ghsa-r59m-f4mx-6pwc | Nagios XI versions prior to 2024R1.2 are vulnerable to remote code execution (RCE) through its NRDP… | 2025-10-31T00:30:34Z | 2025-11-06T18:32:47Z |
| ghsa-qwgp-62r6-68mw | Nagios XI versions prior to 2024R1.1.4 contain a local file inclusion (LFI) vulnerability via its N… | 2025-10-31T00:30:34Z | 2025-11-06T18:32:47Z |
| ghsa-pc79-p3cx-hcjp | Nagios Log Server versions prior to 2024R1.3.1 contain a code injection vulnerability where malform… | 2025-10-31T00:30:34Z | 2025-11-06T18:32:48Z |
| ghsa-m92p-3ph9-r4g2 | Nagios XI versions prior to 2024R1.1.3 are vulnerable to cross-site scripting (XSS) via the Capacit… | 2025-10-31T00:30:34Z | 2025-11-06T18:32:47Z |
| ghsa-j4xf-q36g-r48v | Nagios XI versions prior to 2024R1.3.2 contain a remote command execution vulnerability in the WinR… | 2025-10-31T00:30:34Z | 2025-11-06T18:32:48Z |
| ghsa-h24p-c667-33hr | Nagios XI versions prior to 2024R1.2.2 contain a host header injection vulnerability. The applicati… | 2025-10-31T00:30:34Z | 2025-11-06T18:32:48Z |
| ghsa-gc26-2m4x-94qw | Nagios XI versions prior to 2024R1.2 contain a privilege escalation vulnerability related to NagVis… | 2025-10-31T00:30:34Z | 2025-11-06T18:32:47Z |
| ghsa-g889-qrp9-qwxw | Nagios Fusion versions prior to 2024R2.1 contain a brute-force bypass in the Two-Factor Authenticat… | 2025-10-31T00:30:34Z | 2025-11-07T21:31:19Z |
| ghsa-fv44-8gjm-pj66 | Nagios XI versions prior to 2024R1.4.2 configure some systemd unit files with permission sets that … | 2025-10-31T00:30:34Z | 2025-11-06T18:32:48Z |
| ghsa-fmr7-xm73-cwcf | Nagios Log Server versions prior to 2024R2.0.3 contain an execution with unnecessary privileges vul… | 2025-10-31T00:30:34Z | 2025-11-06T18:32:48Z |
| ghsa-7h56-968g-xcq3 | Nagios XI versions prior to 2024R1.4.2 contain a remote code execution vulnerability in the Busines… | 2025-10-31T00:30:34Z | 2025-11-06T18:32:48Z |
| ghsa-7c96-f262-gcw8 | Nagios Log Server versions prior to 2024R2.0.3 contain an incorrect authorization vulnerability tha… | 2025-10-31T00:30:34Z | 2025-11-06T18:32:48Z |
| ghsa-75j9-fg6j-3gvg | Nagios Network Analyzer versions prior to 2024R1 contain a stored cross-site scripting (XSS) vulner… | 2025-10-31T00:30:34Z | 2025-11-06T18:32:48Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-64360 | N/A | WordPress Consulting Elementor Widgets plugin <= 1.4.2… |
StylemixThemes |
Consulting Elementor Widgets |
2025-10-31T11:42:32.330Z | 2025-11-13T10:33:49.917Z |
| cve-2025-64359 | N/A | WordPress Consulting theme < 6.7.5 - Local File Inclus… |
StylemixThemes |
Consulting |
2025-10-31T11:42:31.602Z | 2025-11-13T10:33:49.693Z |
| cve-2025-64358 | N/A | WordPress Smart Coupons for WooCommerce plugin <= 2.2.… |
WebToffee |
Smart Coupons for WooCommerce |
2025-10-31T11:42:28.439Z | 2025-11-13T10:33:49.682Z |
| cve-2025-64357 | N/A | WordPress Advanced Database Cleaner plugin <= 3.1.6 - … |
Younes JFR. |
Advanced Database Cleaner |
2025-10-31T11:42:27.627Z | 2025-11-13T10:33:49.623Z |
| cve-2025-64356 | N/A | WordPress Insert PHP Code Snippet plugin <= 1.4.3 - Br… |
f1logic |
Insert PHP Code Snippet |
2025-10-31T11:42:26.908Z | 2025-11-13T10:33:49.626Z |
| cve-2025-64354 | N/A | WordPress Gutenberg plugin <= 21.8.2 - Cross Site Scri… |
Matias Ventura |
Gutenberg |
2025-10-31T11:42:26.178Z | 2025-11-13T10:33:49.515Z |
| cve-2025-64353 | N/A | WordPress Polylang plugin <= 3.7.3 - Deserialization o… |
Chouby |
Polylang |
2025-10-31T11:42:25.417Z | 2025-11-13T10:33:49.498Z |
| cve-2025-64352 | N/A | WordPress Essential Addons for Elementor plugin <= 6.2… |
WPDeveloper |
Essential Addons for Elementor |
2025-10-31T11:42:23.045Z | 2025-11-13T10:33:49.526Z |
| cve-2025-64351 | N/A | WordPress Rank Math SEO plugin <= 1.0.252.1 - Sensitiv… |
Rank Math SEO |
Rank Math SEO |
2025-10-31T11:42:22.226Z | 2025-11-13T10:33:49.501Z |
| cve-2025-64350 | N/A | WordPress Rank Math SEO plugin <= 1.0.252.1 - Broken A… |
Rank Math SEO |
Rank Math SEO |
2025-10-31T11:42:17.908Z | 2025-11-13T10:33:49.500Z |
| cve-2025-40603 | N/A | A potential exposure of sensitive information in … |
SonicWall |
SMA100 |
2025-10-31T11:01:35.618Z | 2025-10-31T18:53:53.156Z |
| cve-2025-11602 | 6.3 (v4.0) | Untargeted information leak in Bolt protocol handshake |
neo4j |
Enterprise Edition |
2025-10-31T10:20:17.254Z | 2025-10-31T11:37:44.777Z |
| cve-2025-11843 | 8.8 (v4.0) | Therefore™ Online and Therefore™ On-Premises contains … |
Therefore Corporation GmbH |
Therefore Online and Therefore On-Premises |
2025-10-31T09:43:08.597Z | 2025-10-31T18:52:36.823Z |
| cve-2025-40106 | N/A | comedi: fix divide-by-zero in comedi_buf_munge() |
Linux |
Linux |
2025-10-31T09:41:46.740Z | 2025-10-31T09:41:46.740Z |
| cve-2025-12115 | WPC Name Your Price for WooCommerce <= 2.1.9 - Unauthe… |
wpclever |
WPC Name Your Price for WooCommerce |
2025-10-31T09:27:21.530Z | 2025-10-31T18:43:39.464Z | |
| cve-2025-12041 | ERI File Library <= 1.1.0 - Missing Authorization to U… |
apos37 |
ERI File Library |
2025-10-31T09:27:20.353Z | 2025-10-31T18:43:16.544Z | |
| cve-2025-30189 | 7.4 (v3.1) | When cache is enabled, some passdb/userdb drivers… |
Open-Xchange GmbH |
OX Dovecot Pro |
2025-10-31T09:02:33.273Z | 2025-11-04T21:09:57.944Z |
| cve-2025-30191 | 5.4 (v3.1) | Malicious content from E-Mail can be used to perf… |
Open-Xchange GmbH |
OX App Suite |
2025-10-31T08:54:42.202Z | 2025-10-31T18:27:58.679Z |
| cve-2025-30188 | 7.5 (v3.1) | Malicious or unintentional API requests can be us… |
Open-Xchange GmbH |
OX App Suite |
2025-10-31T08:54:41.426Z | 2025-10-31T18:10:29.713Z |
| cve-2025-62232 | Apache APISIX: basic-auth logs plaintext credentials a… |
Apache Software Foundation |
Apache APISIX |
2025-10-31T08:48:23.592Z | 2025-10-31T13:58:14.534Z | |
| cve-2025-8383 | Depicter <= 4.0.4 - Cross-Site Request Forgery |
averta |
Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel |
2025-10-31T08:25:55.580Z | 2025-10-31T17:51:16.878Z | |
| cve-2025-12094 | OOPSpam Anti-Spam: Spam Protection for WordPress Forms… |
oopspam |
OOPSpam Anti-Spam: Spam Protection for WordPress Forms & Comments (No CAPTCHA) |
2025-10-31T08:25:55.153Z | 2025-10-31T14:18:40.788Z | |
| cve-2025-12175 | The Events Calendar <= 6.15.9 - Missing Authorization … |
stellarwp |
The Events Calendar |
2025-10-31T08:25:54.534Z | 2025-10-31T17:48:37.987Z | |
| cve-2025-6520 | 9.8 (v3.1) | SQLi in Abis Technology's BAPSIS |
Abis Technology |
BAPSIS |
2025-10-31T07:44:20.397Z | 2025-10-31T17:27:27.106Z |
| cve-2025-8385 | Zombify <= 1.7.5 - Authenticated (Subscriber+) Path Tr… |
PX-lab |
Zombify |
2025-10-31T07:26:40.967Z | 2025-10-31T07:26:40.967Z | |
| cve-2025-10897 | WooCommerce Designer Pro <= 1.9.28 - Unauthenticated A… |
JMA Plugins |
WooCommerce Designer Pro |
2025-10-31T07:26:39.837Z | 2025-10-31T17:18:59.208Z | |
| cve-2025-7846 | WordPress User Extra Fields <= 16.7 - Authenticated (S… |
vanquish |
WordPress User Extra Fields |
2025-10-31T06:42:56.125Z | 2025-10-31T14:26:13.340Z | |
| cve-2025-8489 | King Addons for Elementor – Free Elements, Widgets, Te… |
kingaddons |
King Addons for Elementor – 4,000+ ready Elementor sections, 650+ templates, 70+ FREE widgets for Elementor |
2025-10-31T06:42:55.486Z | 2025-10-31T06:42:55.486Z | |
| cve-2025-5397 | Jobmonster - Job Board WordPress Theme <= 4.8.1 - Auth… |
Unknown |
Noo JobMonster |
2025-10-31T06:42:54.832Z | 2025-10-31T14:40:20.080Z | |
| cve-2025-11191 | N/A | RealPress < 1.1.0 - Unauthenticated Content Creation/E… |
Unknown |
RealPress |
2025-10-31T06:00:03.402Z | 2025-10-31T14:03:01.749Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-12553 | 10 (v4.0) | Server Certificate Verification Disabled |
Azure Access Technology |
BLU-IC2 |
2025-10-31T15:48:29.402Z | 2025-10-31T18:36:54.940Z |
| cve-2025-12552 | 6.9 (v4.0) | Insufficient Password Policy |
Azure Access Technology |
BLU-IC2 |
2025-10-31T15:43:44.961Z | 2025-10-31T18:24:19.770Z |
| cve-2025-12509 | 8.4 (v3.1) | Scripts for the module Global_Shipping executable on B… |
Bizerba |
BRAIN2 |
2025-10-31T15:51:25.120Z | 2025-10-31T17:43:51.160Z |
| cve-2025-12508 | 8.4 (v3.1) | Unencrypted communication to Active Directory services |
Bizerba |
BRAIN2 |
2025-10-31T15:49:54.429Z | 2025-10-31T17:44:27.867Z |
| cve-2025-12507 | 8.8 (v3.1) | Insecure service configuration – unquoted path |
Bizerba |
_connect.BRAIN |
2025-10-31T15:48:36.371Z | 2025-10-31T18:17:20.171Z |
| cve-2025-12357 | 8.3 (v3.1) 7.2 (v4.0) | International Standards Organization ISO 15118-2 Impro… |
ISO 15118-2 Network and Application Protocol Requirements |
EV Car Chargers |
2025-10-31T15:33:48.343Z | 2025-11-03T19:01:59.520Z |
| cve-2025-64389 | 8.3 (v4.0) | EXCHANGE OF SENSITIVE INFORMATION IN CLEAR TEXT |
Circutor |
TCPRS1plus |
2025-10-31T14:19:48.833Z | 2025-11-03T19:11:41.770Z |
| cve-2025-64388 | 9.2 (v4.0) | Denial of service through specific packets |
Circutor |
TCPRS1plus |
2025-10-31T14:17:00.827Z | 2025-11-03T15:47:20.502Z |
| cve-2025-64387 | 5.1 (v4.0) | CLICKJACKING |
Circutor |
TCPRS1plus |
2025-10-31T14:12:55.199Z | 2025-11-03T15:48:02.400Z |
| cve-2025-64385 | 9.2 (v4.0) | INCORRECT SECURITY VALIDATION IN SENDING UDP FRAMES |
Circutor |
TCPRS1plus |
2025-10-31T14:23:06.442Z | 2025-11-03T19:06:16.313Z |
| cve-2025-64168 | Agno session state overwrites between different sessio… |
agno-agi |
agno |
2025-10-31T14:58:54.447Z | 2025-10-31T15:39:39.368Z | |
| cve-2025-61427 | N/A | A reflected cross-site scripting (XSS) vulnerabil… |
n/a |
n/a |
2025-10-31T00:00:00.000Z | 2025-10-31T18:12:04.372Z |
| cve-2025-60749 | N/A | DLL Hijacking vulnerability in Trimble SketchUp d… |
n/a |
n/a |
2025-10-31T00:00:00.000Z | 2025-10-31T15:14:28.333Z |
| cve-2025-57108 | N/A | Kitware VTK (Visualization Toolkit) through 9.5.0… |
n/a |
n/a |
2025-10-31T00:00:00.000Z | 2025-10-31T19:07:13.950Z |
| cve-2025-57107 | N/A | Kitware VTK (Visualization Toolkit) through 9.5.0… |
n/a |
n/a |
2025-10-31T00:00:00.000Z | 2025-10-31T18:06:36.870Z |
| cve-2025-57106 | N/A | Kitware VTK (Visualization Toolkit) up to 9.5.0 i… |
n/a |
n/a |
2025-10-31T00:00:00.000Z | 2025-10-31T18:15:02.749Z |
| cve-2025-12501 | N/A | Integer overflow in GameMaker IDE below 2024.14.0… |
Opera Norway AS |
GameMaker IDE |
2025-10-31T14:10:19.919Z | 2025-10-31T14:53:19.356Z |
| cve-2025-64386 | 7.7 (v4.0) | HIJACKING OF THE TOKEN AND GAINING ACCESS |
Circutor |
TCPRS1plus |
2025-10-31T13:42:32.743Z | 2025-11-03T15:51:03.421Z |
| cve-2025-12521 | Analytify Pro <= 7.0.3 - Unauthenticated Information E… |
Analytify |
Analytify Pro |
2025-10-31T13:48:35.882Z | 2025-11-03T14:22:19.957Z | |
| cve-2025-12460 | 5.3 (v4.0) | Stored XSS vulnerability in Afterlogic Aurora webmail |
Afterlogic |
Aurora |
2025-10-31T13:53:58.574Z | 2025-10-31T14:09:59.967Z |
| cve-2025-4952 | 6.8 (v4.0) | Denial-of-service vulnerability in ESET security produ… |
ESET |
ESET NOD32 Antivirus |
2025-10-31T12:28:15.267Z | 2025-10-31T14:18:16.911Z |
| cve-2025-36249 | 3.7 (v3.1) | IBM Jazz for Service Management is vulnerable to "filt… |
IBM |
Jazz for Service Management |
2025-10-31T13:05:32.799Z | 2025-10-31T13:43:40.821Z |
| cve-2025-33003 | 7.8 (v3.1) | IBM InfoSphere Information Server is vulnerable to pri… |
IBM |
InfoSphere Information Server |
2025-10-31T13:04:31.204Z | 2025-11-01T03:55:53.966Z |
| cve-2024-13992 | 5.1 (v4.0) | Nagios XI < 2024R1.1 XSS via Missing Page / 404 |
Nagios |
XI |
2025-10-31T12:35:56.137Z | 2025-10-31T14:12:56.713Z |
| cve-2025-64368 | N/A | WordPress Bard theme <= 1.6 - Cross Site Request Forge… |
Mikado-Themes |
Bard |
2025-10-31T11:42:40.843Z | 2025-11-13T10:33:49.929Z |
| cve-2025-64367 | N/A | WordPress Groundhogg plugin <= 4.2.6 - Cross Site Scri… |
Adrian Tobey |
Groundhogg |
2025-10-31T11:42:40.076Z | 2025-11-13T10:33:49.935Z |
| cve-2025-64366 | N/A | WordPress MasterStudy LMS plugin <= 3.6.27 - SQL Injec… |
Stylemix |
MasterStudy LMS |
2025-10-31T11:42:39.301Z | 2025-11-13T10:33:49.936Z |
| cve-2025-64365 | N/A | WordPress Ohio Extra plugin <= 3.6.0 - Cross Site Scri… |
colabrio |
Ohio Extra |
2025-10-31T11:42:38.588Z | 2025-11-13T10:33:49.895Z |
| cve-2025-64364 | N/A | WordPress Masterstudy theme < 4.8.126 - Local File Inc… |
StylemixThemes |
Masterstudy |
2025-10-31T11:42:37.865Z | 2025-11-13T10:33:49.921Z |
| cve-2025-64363 | N/A | WordPress Kleo theme < 5.5.0 - Local File Inclusion vu… |
SeventhQueen |
Kleo |
2025-10-31T11:42:37.131Z | 2025-11-13T10:33:49.915Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-188756 | Malicious code in pm2-development-postcss-callback (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188755 | Malicious code in plutology-sass-loader-mongoose-extremophile (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188754 | Malicious code in plutology-release-it-despina-arcturus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188753 | Malicious code in plutology-meteor-xerxes-readable (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188752 | Malicious code in plutology-fusion-interstellarmedium-miranda (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188751 | Malicious code in plutology-cosmicray-fornax-babel (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188750 | Malicious code in plutology-async-firebase-run-script (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188749 | Malicious code in plutology-ariel-subscription-meissa (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188748 | Malicious code in plutology-alphard-achernar-antd (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188747 | Malicious code in playwright-wormhole-phylogenetics-inflation (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188746 | Malicious code in playwright-sqlite-neptunology-quasar (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188745 | Malicious code in playwright-rimraf-version-coronalmassejection (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188744 | Malicious code in playwright-quasar-tachyon-thuban (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188743 | Malicious code in playwright-phylogenetics-eigenstate-hexo (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188742 | Malicious code in playwright-dotenv-parse-variables-parcel-less (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188741 | Malicious code in playwright-asthenosphere-norma-cassini (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188740 | Malicious code in planetology-virgo-archaeometry-envconfig (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188739 | Malicious code in planetology-stratosphere-library-csrf (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188738 | Malicious code in planetology-sociobiology-spawn-deimos (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188737 | Malicious code in planetology-phenomic-accretion-galaxy (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188736 | Malicious code in planetology-neptune-bellatrix-on (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188735 | Malicious code in planetology-deneb-betelgeuse-ini (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188734 | Malicious code in planetology-borealis-nashira-celeste (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188733 | Malicious code in planetology-biogeochemistry-areology-equinox (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188732 | Malicious code in planckscale-webpack-json-neptunology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188731 | Malicious code in planckscale-ora-envconfig-antares (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188730 | Malicious code in planckscale-lynx-global-transform (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188729 | Malicious code in planckscale-augmentedreality-relay-planckscale (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188728 | Malicious code in pipe-wavefunction-test-redis (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188727 | Malicious code in pipe-virgo-perseus-auth (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:8510 | Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.7 security and bug fix update | 2025-06-04T12:26:00+00:00 | 2025-11-13T23:02:06+00:00 |
| rhsa-2025:8299 | Red Hat Security Advisory: OpenShift Container Platform 4.15.52 bug fix and security update | 2025-06-04T12:16:12+00:00 | 2025-11-13T23:02:03+00:00 |
| rhsa-2025:8507 | Red Hat Security Advisory: thunderbird security update | 2025-06-04T11:46:07+00:00 | 2025-11-06T23:15:39+00:00 |
| rhsa-2025:8280 | Red Hat Security Advisory: OpenShift Container Platform 4.17.32 bug fix and security update | 2025-06-04T09:19:59+00:00 | 2025-11-13T23:02:03+00:00 |
| rhsa-2025:8482 | Red Hat Security Advisory: libsoup security update | 2025-06-04T03:49:50+00:00 | 2025-11-06T23:15:39+00:00 |
| rhsa-2025:8480 | Red Hat Security Advisory: libsoup security update | 2025-06-04T03:41:29+00:00 | 2025-11-06T23:15:38+00:00 |
| rhsa-2025:8481 | Red Hat Security Advisory: libsoup security update | 2025-06-04T03:34:04+00:00 | 2025-11-06T23:15:39+00:00 |
| rhsa-2025:8479 | Red Hat Security Advisory: RHODF-4.16-RHEL-9 security update | 2025-06-04T01:58:44+00:00 | 2025-11-13T23:02:06+00:00 |
| rhsa-2025:8301 | Red Hat Security Advisory: OpenShift Container Platform 4.15.52 security and extras update | 2025-06-04T00:50:17+00:00 | 2025-11-11T16:07:18+00:00 |
| rhsa-2025:8478 | Red Hat Security Advisory: go-toolset:rhel8 security update | 2025-06-04T00:45:24+00:00 | 2025-11-14T00:56:21+00:00 |
| rhsa-2025:8392 | Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.9.9 bug fixes and container updates | 2025-06-04T00:41:53+00:00 | 2025-11-13T23:02:05+00:00 |
| rhsa-2025:8476 | Red Hat Security Advisory: golang security update | 2025-06-04T00:30:09+00:00 | 2025-11-14T00:56:20+00:00 |
| rhsa-2025:8477 | Red Hat Security Advisory: golang security update | 2025-06-04T00:26:24+00:00 | 2025-11-14T00:56:25+00:00 |
| rhsa-2025:8465 | Red Hat Security Advisory: firefox security update | 2025-06-03T16:45:58+00:00 | 2025-11-06T23:42:57+00:00 |
| rhsa-2025:8284 | Red Hat Security Advisory: OpenShift Container Platform 4.18.16 bug fix and security update | 2025-06-03T10:16:45+00:00 | 2025-11-13T23:02:03+00:00 |
| rhsa-2025:8432 | Red Hat Security Advisory: perl-CPAN security update | 2025-06-03T07:45:18+00:00 | 2025-10-28T01:41:23+00:00 |
| rhsa-2025:8421 | Red Hat Security Advisory: ghostscript security update | 2025-06-03T02:19:38+00:00 | 2025-11-06T23:15:38+00:00 |
| rhsa-2025:8411 | Red Hat Security Advisory: krb5 security update | 2025-06-03T01:28:14+00:00 | 2025-11-13T11:42:40+00:00 |
| rhsa-2025:8427 | Red Hat Security Advisory: pandoc security update | 2025-06-03T00:43:18+00:00 | 2025-11-08T06:42:42+00:00 |
| rhsa-2025:8431 | Red Hat Security Advisory: java-1.8.0-ibm security update | 2025-06-03T00:37:57+00:00 | 2025-11-11T07:51:21+00:00 |
| rhsa-2025:8258 | Red Hat Security Advisory: Red Hat build of Quarkus 3.20.1 release | 2025-06-02T21:25:36+00:00 | 2025-11-06T23:35:12+00:00 |
| rhsa-2025:8395 | Red Hat Security Advisory: rsync security update | 2025-06-02T21:24:57+00:00 | 2025-11-08T04:24:28+00:00 |
| rhsa-2025:8390 | Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.4.9 security updates and bug fixes | 2025-06-02T17:37:18+00:00 | 2025-11-13T23:02:05+00:00 |
| rhsa-2025:8391 | Red Hat Security Advisory: thunderbird security update | 2025-06-02T17:30:47+00:00 | 2025-11-06T23:15:38+00:00 |
| rhsa-2025:8384 | Red Hat Security Advisory: Red Hat multicluster global hub 1.4.1 bug fixes and container updates | 2025-06-02T14:56:45+00:00 | 2025-11-13T23:02:04+00:00 |
| rhsa-2025:8385 | Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage | 2025-06-02T14:07:46+00:00 | 2025-11-07T18:40:26+00:00 |
| rhsa-2025:8374 | Red Hat Security Advisory: kernel security update | 2025-06-02T10:12:06+00:00 | 2025-11-11T08:33:05+00:00 |
| rhsa-2025:8370 | Red Hat Security Advisory: firefox security update | 2025-06-02T08:02:01+00:00 | 2025-11-06T23:42:56+00:00 |
| rhsa-2025:8369 | Red Hat Security Advisory: firefox security update | 2025-06-02T08:01:16+00:00 | 2025-11-06T23:42:56+00:00 |
| rhsa-2025:8371 | Red Hat Security Advisory: firefox security update | 2025-06-02T07:59:46+00:00 | 2025-11-06T23:42:56+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-21748 | ksmbd: fix integer overflows on 32 bit systems | 2025-02-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21745 | blk-cgroup: Fix class @block_class's subsystem refcount leakage | 2025-02-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21744 | wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() | 2025-02-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21743 | usbnet: ipheth: fix possible overflow in DPE length check | 2025-02-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21742 | usbnet: ipheth: use static NDP16 location in URB | 2025-02-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21741 | usbnet: ipheth: fix DPE OoB read | 2025-02-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21736 | nilfs2: fix possible int overflows in nilfs_fiemap() | 2025-02-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21735 | NFC: nci: Add bounds checking in nci_hci_create_pipe() | 2025-02-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21732 | RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error | 2025-02-02T00:00:00.000Z | 2025-09-04T00:16:07.000Z |
| msrc_cve-2025-21731 | nbd: don't allow reconnect after disconnect | 2025-02-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21727 | padata: fix UAF in padata_reorder | 2025-02-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21722 | nilfs2: do not force clear folio if buffer is referenced | 2025-02-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21718 | net: rose: fix timer races against user threads | 2025-02-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21716 | vxlan: Fix uninit-value in vxlan_vnifilter_dump() | 2025-02-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21715 | net: davicom: fix UAF in dm9000_drv_remove | 2025-02-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21711 | net/rose: prevent integer overflows in rose_setsockopt() | 2025-02-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21707 | mptcp: consolidate suboption status | 2025-02-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21703 | netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() | 2025-02-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21700 | net: sched: Disallow replacing of child qdisc from one parent to another | 2025-02-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21699 | gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag | 2025-02-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21697 | drm/v3d: Ensure job pointer is set to NULL after job completion | 2025-02-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21696 | mm: clear uffd-wp PTE/PMD state on mremap() | 2025-02-02T00:00:00.000Z | 2025-09-03T22:03:00.000Z |
| msrc_cve-2025-21694 | fs/proc: fix softlockup in __read_vmcore (part 2) | 2025-02-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21693 | mm: zswap: properly synchronize freeing resources during CPU hotunplug | 2025-02-02T00:00:00.000Z | 2025-09-04T04:03:26.000Z |
| msrc_cve-2025-21692 | net: sched: fix ets qdisc OOB Indexing | 2025-02-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21690 | scsi: storvsc: Ratelimit warning logs to prevent VM denial of service | 2025-02-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21689 | USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() | 2025-02-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21687 | vfio/platform: check the bounds of read/write syscalls | 2025-02-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21684 | gpio: xilinx: Convert gpio_lock to raw spinlock | 2025-02-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-1795 | Mishandling of comma during folding and unicode-encoding of email headers | 2025-02-02T00:00:00.000Z | 2025-04-11T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2016-000025 | Cybozu Office vulnerable to open redirect | 2016-02-15T16:20+09:00 | 2016-02-23T16:32+09:00 |
| jvndb-2016-000024 | Cybozu Office vulnerable to cross-site request forgery | 2016-02-15T16:20+09:00 | 2016-02-23T16:32+09:00 |
| jvndb-2016-000023 | Cybozu Office access restriction bypass vulnerability | 2016-02-15T15:45+09:00 | 2016-02-23T16:32+09:00 |
| jvndb-2016-000022 | Cybozu Office vulnerable to information disclosure | 2016-02-15T15:44+09:00 | 2016-02-23T16:32+09:00 |
| jvndb-2016-000021 | Cybozu Office vulnerable to information disclosure | 2016-02-15T15:44+09:00 | 2016-02-23T16:32+09:00 |
| jvndb-2016-000020 | Cybozu Office vulnerable to denial-of-service (DoS) | 2016-02-15T15:43+09:00 | 2016-02-23T16:32+09:00 |
| jvndb-2016-000018 | Microsoft Producer for Microsoft Office PowerPoint vulnerable to cross-site scripting | 2016-02-15T09:56+09:00 | 2016-02-15T09:56+09:00 |
| jvndb-2016-000019 | Akerun - Smart Lock Robot App for iOS fails to verify SSL server certificates | 2016-02-12T15:59+09:00 | 2017-05-23T12:25+09:00 |
| jvndb-2016-000017 | JOB-CUBE vulnerable to cross-site scripting | 2016-01-29T14:06+09:00 | 2016-03-04T17:47+09:00 |
| jvndb-2016-000016 | Vine MV vulnerable to cross-site scripting | 2016-01-29T13:50+09:00 | 2016-02-10T10:19+09:00 |
| jvndb-2016-000015 | EXPRESSCLUSTER X vulnerable to directory traversal | 2016-01-29T13:45+09:00 | 2016-03-16T14:24+09:00 |
| jvndb-2016-000012 | HOME SPOT CUBE vulnerable to OS command injection | 2016-01-27T14:40+09:00 | 2016-02-16T17:26+09:00 |
| jvndb-2016-000011 | HOME SPOT CUBE vulnerable to clickjacking | 2016-01-27T14:40+09:00 | 2016-02-16T17:26+09:00 |
| jvndb-2016-000010 | HOME SPOT CUBE vulnerable to cross-site request forgery | 2016-01-27T14:40+09:00 | 2016-02-16T17:26+09:00 |
| jvndb-2016-000009 | HOME SPOT CUBE vulnerable to HTTP header injection | 2016-01-27T14:40+09:00 | 2016-02-16T17:26+09:00 |
| jvndb-2016-000008 | HOME SPOT CUBE vulnerable to open redirect | 2016-01-27T14:40+09:00 | 2016-02-16T17:26+09:00 |
| jvndb-2016-000007 | HOME SPOT CUBE vulnerable to cross-site scripting | 2016-01-27T14:40+09:00 | 2016-02-16T17:26+09:00 |
| jvndb-2016-000006 | Multiple Buffalo network devices vulnerable to cross-site scripting | 2016-01-22T14:36+09:00 | 2016-03-10T17:53+09:00 |
| jvndb-2016-000005 | Multiple Buffalo network devices vulnerable to cross-site request forgery | 2016-01-22T14:36+09:00 | 2016-03-10T17:53+09:00 |
| jvndb-2016-000004 | Shoplat App for iOS issue in the verification of SSL certificates | 2016-01-18T14:24+09:00 | 2017-05-23T13:57+09:00 |
| jvndb-2016-000003 | H2O vulnerable to HTTP header injection | 2016-01-15T13:57+09:00 | 2016-01-27T17:33+09:00 |
| jvndb-2016-000002 | acmailer vulnerable to OS command injection | 2016-01-15T13:57+09:00 | 2016-01-27T17:20+09:00 |
| jvndb-2016-000001 | DX Library vulnerable to buffer overflow | 2016-01-05T14:26+09:00 | 2016-06-08T18:06+09:00 |
| jvndb-2015-006527 | Cross-site Scripting Vulnerability in uCosminexus Portal Framework and Groupmax Collaboration | 2015-12-28T13:51+09:00 | 2016-02-10T14:36+09:00 |
| jvndb-2015-000203 | CG-WLNCM4G may behave as an open resolver | 2015-12-25T14:45+09:00 | 2016-01-07T15:32+09:00 |
| jvndb-2015-000202 | CG-WLBARAGM may behave as an open proxy | 2015-12-25T14:45+09:00 | 2016-01-07T15:32+09:00 |
| jvndb-2015-000201 | CG-WLBARGS does not properly perform authentication | 2015-12-25T14:33+09:00 | 2016-01-07T15:32+09:00 |
| jvndb-2015-006130 | Vulnerability in JP1/Automatic Job Management System 3 | 2015-12-17T16:19+09:00 | 2016-09-14T18:18+09:00 |
| jvndb-2015-006129 | Multiple Cross-site Scripting Vulnerabilities in EUR | 2015-12-17T16:18+09:00 | 2015-12-28T13:54+09:00 |
| jvndb-2015-005234 | Adobe Flash Player issue where iframe contents may be overwritten | 2015-12-17T15:19+09:00 | 2015-12-17T15:19+09:00 |
| ID | Description | Updated |
|---|