Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-4735-r254-hcj8 | An allocation of resources without limits or throttling vulnerability has been reported to affect F… | 2025-11-07T18:30:29Z | 2025-11-07T18:30:29Z |
| ghsa-3vg5-p6w2-984m | An allocation of resources without limits or throttling vulnerability has been reported to affect F… | 2025-11-07T18:30:29Z | 2025-11-07T18:30:29Z |
| ghsa-v7p2-phgw-4fh4 | A vulnerability was determined in DedeBIZ up to 6.3.2. Affected by this vulnerability is an unknown… | 2025-11-07T18:30:28Z | 2025-11-07T18:30:28Z |
| ghsa-cm35-v4vp-5xvx | Open WebUI Affected by an External Model Server (Direct Connections) Code Injection via SSE Events | 2025-11-07T17:37:33Z | 2025-11-07T17:37:33Z |
| ghsa-3fv2-ccqm-h3x9 | A vulnerability was found in DedeBIZ up to 6.3.2. Affected is an unknown function of the file /admi… | 2025-11-07T15:31:31Z | 2025-11-07T15:31:31Z |
| ghsa-v4pm-h4rc-6r9v | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 564 - S… | 2025-11-07T15:31:30Z | 2025-11-07T15:31:30Z |
| ghsa-q2pr-r6jf-wv38 | A security flaw has been discovered in code-projects Responsive Hotel Site 1.0. This issue affects … | 2025-11-07T15:31:30Z | 2025-11-07T15:31:30Z |
| ghsa-p5v7-wc9g-p479 | A vulnerability has been found in DedeBIZ up to 6.3.2. This impacts an unknown function of the file… | 2025-11-07T15:31:30Z | 2025-11-07T15:31:30Z |
| ghsa-mr8h-778f-8vq8 | A vulnerability was identified in newbee-mall-plus up to 2.4.1. This vulnerability affects the func… | 2025-11-07T15:31:30Z | 2025-11-07T15:31:30Z |
| ghsa-fv27-q26g-hwf7 | A weakness has been identified in code-projects Responsive Hotel Site 1.0. Impacted is an unknown f… | 2025-11-07T15:31:30Z | 2025-11-07T15:31:30Z |
| ghsa-7wcr-q663-xpqj | A vulnerability was determined in SourceCodester Best House Rental Management System 1.0. This affe… | 2025-11-07T15:31:30Z | 2025-11-07T15:31:30Z |
| ghsa-47v8-g3h7-xwrj | A security vulnerability has been detected in code-projects Responsive Hotel Site 1.0. The affected… | 2025-11-07T15:31:30Z | 2025-11-07T15:31:30Z |
| ghsa-42m5-3r2p-wr92 | Monsta FTP versions 2.11 and earlier contain a vulnerability that allows unauthenticated arbitrary … | 2025-11-07T15:31:30Z | 2025-11-07T15:31:30Z |
| ghsa-w7xj-8fx7-wfch | Open WebUI vulnerable to Stored DOM XSS via prompts when 'Insert Prompt as Rich Text' is enabled re… | 2025-11-07T15:25:23Z | 2025-11-07T15:25:23Z |
| ghsa-qj3m-73c6-4ww7 | SQL injection vulnerability in DIAL's CentrosNet v2.64. Allows an attacker to retrieve, create, upd… | 2025-11-07T12:31:11Z | 2025-11-07T12:31:11Z |
| ghsa-v3pv-cj5w-92hv | Use of password hash with insufficient computational effort issue exists in BUFFALO Wi-Fi router 'W… | 2025-11-07T09:30:24Z | 2025-11-07T09:30:24Z |
| ghsa-5gff-h54g-38r2 | curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was f… | 2025-11-07T09:30:24Z | 2025-11-07T09:30:24Z |
| ghsa-w86f-f8mj-wm7p | The Page & Post Notes plugin for WordPress is vulnerable to unauthorized modification of notes due … | 2025-11-07T06:30:29Z | 2025-11-07T06:30:29Z |
| ghsa-999f-q85h-g4q7 | The WP Airbnb Review Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a… | 2025-11-07T06:30:29Z | 2025-11-07T06:30:29Z |
| ghsa-g482-6rxp-qvg7 | The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerabl… | 2025-11-07T06:30:28Z | 2025-11-07T06:30:28Z |
| ghsa-8ff8-c7j7-c996 | The Gravity Forms plugin for WordPress is vulnerable to arbitrary file uploads due to missing file … | 2025-11-07T06:30:28Z | 2025-11-07T06:30:28Z |
| ghsa-822f-xqj8-8w45 | The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerabl… | 2025-11-07T06:30:28Z | 2025-11-07T06:30:28Z |
| ghsa-w5cv-jqj9-8f97 | The LC Wizard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capabilit… | 2025-11-07T06:30:27Z | 2025-11-07T06:30:27Z |
| ghsa-xmq3-q5pm-rp26 | Nuxt DevTools vulnerable to cross-site scripting (XSS) | 2025-11-07T03:30:25Z | 2025-11-07T17:41:22Z |
| ghsa-rwvc-j5jr-mgvh | Vercel’s AI SDK's filetype whitelists can be bypassed when uploading files | 2025-11-07T03:30:25Z | 2025-11-07T17:39:02Z |
| ghsa-hxh9-cj4v-cqch | Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from Ve… | 2025-11-07T03:30:25Z | 2025-11-07T03:30:25Z |
| ghsa-phcq-jxj6-jpjq | A flaw was found in Red Hat Single Sign-On. This issue is an Open Redirect vulnerability that occur… | 2025-11-07T00:30:32Z | 2025-11-07T00:30:32Z |
| ghsa-jq2j-98mw-mwjp | Insufficient input sanitization in the dashboard label or path can allow an attacker to trigger a … | 2025-11-07T00:30:32Z | 2025-11-07T00:30:32Z |
| ghsa-j478-73x8-84h7 | Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to… | 2025-11-07T00:30:32Z | 2025-11-07T00:30:32Z |
| ghsa-xr3x-3m9h-jg3r | Use after free in Storage in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to exec… | 2025-11-07T00:30:31Z | 2025-11-07T00:30:31Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-53413 | 4.9 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:13:03.060Z | 2025-11-07T15:57:08.616Z |
| cve-2025-54167 | 7.2 (v4.0) | Notification Center |
QNAP Systems Inc. |
Notification Center |
2025-11-07T15:12:39.176Z | 2025-11-07T15:57:14.662Z |
| cve-2025-54168 | 2.2 (v4.0) | QuLog Center |
QNAP Systems Inc. |
QuLog Center |
2025-11-07T15:12:10.966Z | 2025-11-07T15:57:21.137Z |
| cve-2025-57706 | 2.2 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:11:47.864Z | 2025-11-07T15:57:28.627Z |
| cve-2025-57712 | 4 (v4.0) | Qsync Central |
QNAP Systems Inc. |
Qsync Central |
2025-11-07T15:11:14.888Z | 2025-11-07T16:11:21.520Z |
| cve-2025-58463 | 2.3 (v4.0) | Download Station |
QNAP Systems Inc. |
Download Station |
2025-11-07T15:10:42.856Z | 2025-11-07T16:11:30.915Z |
| cve-2025-58464 | 7.8 (v4.0) | QuMagie |
QNAP Systems Inc. |
QuMagie |
2025-11-07T15:10:10.396Z | 2025-11-07T16:11:39.344Z |
| cve-2025-58465 | 2.2 (v4.0) | Download Station |
QNAP Systems Inc. |
Download Station |
2025-11-07T15:09:31.301Z | 2025-11-07T15:47:03.235Z |
| cve-2025-58469 | 1.2 (v4.0) | QuLog Center |
QNAP Systems Inc. |
QuLog Center |
2025-11-07T15:08:56.159Z | 2025-11-07T15:48:30.618Z |
| cve-2025-12860 | DedeBIZ freelist_main.php sql injection |
n/a |
DedeBIZ |
2025-11-07T15:02:08.895Z | 2025-11-07T20:42:56.659Z | |
| cve-2025-12859 | DedeBIZ templets_one_edit.php sql injection |
n/a |
DedeBIZ |
2025-11-07T15:02:06.353Z | 2025-11-07T20:42:21.782Z | |
| cve-2025-12857 | code-projects Responsive Hotel Site roombook.php sql i… |
code-projects |
Responsive Hotel Site |
2025-11-07T14:02:06.372Z | 2025-11-07T14:45:22.090Z | |
| cve-2025-34299 | 9.3 (v4.0) | Monsta FTP <= 2.11 Unauthenticated Arbitrary File Upload |
Monsta Limited of New Zealand |
Monsta FTP |
2025-11-07T13:51:33.738Z | 2025-11-07T19:20:52.087Z |
| cve-2025-12856 | code-projects Responsive Hotel Site reservation.php sq… |
code-projects |
Responsive Hotel Site |
2025-11-07T13:32:08.786Z | 2025-11-07T17:19:51.164Z | |
| cve-2025-12855 | code-projects Responsive Hotel Site newsletterdel.php … |
code-projects |
Responsive Hotel Site |
2025-11-07T13:32:06.643Z | 2025-11-07T15:57:29.740Z | |
| cve-2025-10968 | 8.8 (v3.1) | SQLi in GG Soft's PaperWork |
GG Soft Software Services Inc. |
PaperWork |
2025-11-07T13:08:41.209Z | 2025-11-07T13:22:39.031Z |
| cve-2025-12854 | newbee-mall-plus seckillExecution executeSeckill autho… |
n/a |
newbee-mall-plus |
2025-11-07T12:32:09.758Z | 2025-11-07T13:04:37.110Z | |
| cve-2025-12853 | SourceCodester Best House Rental Management System adm… |
SourceCodester |
Best House Rental Management System |
2025-11-07T12:32:07.272Z | 2025-11-07T13:07:26.074Z | |
| cve-2025-10870 | 9.3 (v4.0) | SQL injection in DIAL's CentrosNet |
DIAL |
CentrosNet |
2025-11-07T09:26:39.503Z | 2025-11-07T12:09:38.397Z |
| cve-2025-46413 | 4.3 (v3.0) 5.3 (v4.0) | Use of password hash with insufficient computatio… |
BUFFALO INC. |
WSR-1800AX4 |
2025-11-07T08:51:52.847Z | 2025-11-07T13:15:18.610Z |
| cve-2025-10966 | N/A | missing SFTP host verification with wolfSSH |
curl |
curl |
2025-11-07T07:26:30.351Z | 2025-11-07T08:05:50.150Z |
| cve-2025-64346 | archives: Improper Limitation of a Pathname to a Restr… |
jaredallard |
archives |
2025-11-07T05:32:09.605Z | 2025-11-07T13:19:52.595Z | |
| cve-2025-12527 | Page & Post Notes <= 1.3.4 - Missing Authorization to … |
yydevelopment |
Page & Post Notes |
2025-11-07T05:29:58.432Z | 2025-11-07T13:22:13.626Z | |
| cve-2025-12520 | WP Airbnb Review Slider <= 4.2 - Authenticated (Admin+… |
jgwhite33 |
WP Airbnb Review Slider |
2025-11-07T05:29:57.900Z | 2025-11-07T13:25:00.440Z | |
| cve-2025-64343 | (conda) Constructor: Excessive permissions during and … |
conda |
constructor |
2025-11-07T05:20:38.659Z | 2025-11-07T17:24:38.228Z | |
| cve-2025-64339 | ClipBucket v5: Stored XSS Vulnerability in Manage Playlists |
MacWarrior |
clipbucket-v5 |
2025-11-07T05:12:37.704Z | 2025-11-07T17:33:46.877Z | |
| cve-2025-64336 | ClipBucket v5's Manage Photo Feature is Vulnerable to … |
MacWarrior |
clipbucket-v5 |
2025-11-07T04:32:10.401Z | 2025-11-07T17:38:36.524Z | |
| cve-2025-4522 | IDonate 2.0.0 - 2.1.9 - Insecure Direct Object Referen… |
themeatelier |
IDonate – Blood Donation, Request And Donor Management System |
2025-11-07T04:28:54.987Z | 2025-11-07T14:55:14.133Z | |
| cve-2025-4519 | IDonate 2.1.5 - 2.1.9 - Missing Authorization to Authe… |
themeatelier |
IDonate – Blood Donation, Request And Donor Management System |
2025-11-07T04:28:54.561Z | 2025-11-07T14:55:39.666Z | |
| cve-2025-12352 | Gravity Forms <= 2.9.20 - Unauthenticated Arbitrary Fi… |
Gravity Forms |
Gravity Forms |
2025-11-07T04:28:53.882Z | 2025-11-07T17:41:19.665Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-7719 | 5.3 (v4.0) | Smallworld SWMFS Arbitrary File Ops |
GE Vernova |
Smallworld |
2025-11-07T16:28:03.432Z | 2025-11-07T19:17:44.314Z |
| cve-2025-63785 | N/A | A DOM-based Cross-Site Scripting (XSS) vulnerabil… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T16:33:57.050Z |
| cve-2025-63784 | N/A | An Open Redirect vulnerability exists in the OAut… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T16:13:38.874Z |
| cve-2025-57698 | N/A | AstrBot Project v3.5.22 contains a directory trav… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T16:43:54.572Z |
| cve-2025-3222 | 9.3 (v4.0) | Smallworld SWMFS Improper Authentication |
GE Vernova |
Smallworld |
2025-11-07T16:28:45.217Z | 2025-11-07T19:17:12.529Z |
| cve-2025-12862 | projectworlds Online Notes Sharing Platform userprofil… |
projectworlds |
Online Notes Sharing Platform |
2025-11-07T16:32:06.297Z | 2025-11-07T19:16:42.717Z | |
| cve-2025-63783 | N/A | A Broken Object Level Authorization (BOLA) vulner… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T16:00:11.579Z |
| cve-2025-63691 | N/A | In pig-mesh In Pig version 3.8.2 and below, withi… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T18:49:24.568Z |
| cve-2025-63690 | N/A | In pig-mesh Pig versions 3.8.2 and below, when se… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T18:41:28.538Z |
| cve-2025-63689 | N/A | Multiple SQL injection vulnerabilitites in ycf199… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T15:59:41.661Z |
| cve-2025-63687 | N/A | An issue was discovered in rymcu forest thru comm… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T15:43:28.239Z |
| cve-2025-63686 | N/A | There is an arbitrary file download vulnerability… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T15:49:04.881Z |
| cve-2025-58469 | 1.2 (v4.0) | QuLog Center |
QNAP Systems Inc. |
QuLog Center |
2025-11-07T15:08:56.159Z | 2025-11-07T15:48:30.618Z |
| cve-2025-58465 | 2.2 (v4.0) | Download Station |
QNAP Systems Inc. |
Download Station |
2025-11-07T15:09:31.301Z | 2025-11-07T15:47:03.235Z |
| cve-2025-58464 | 7.8 (v4.0) | QuMagie |
QNAP Systems Inc. |
QuMagie |
2025-11-07T15:10:10.396Z | 2025-11-07T16:11:39.344Z |
| cve-2025-58463 | 2.3 (v4.0) | Download Station |
QNAP Systems Inc. |
Download Station |
2025-11-07T15:10:42.856Z | 2025-11-07T16:11:30.915Z |
| cve-2025-57712 | 4 (v4.0) | Qsync Central |
QNAP Systems Inc. |
Qsync Central |
2025-11-07T15:11:14.888Z | 2025-11-07T16:11:21.520Z |
| cve-2025-57706 | 2.2 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:11:47.864Z | 2025-11-07T15:57:28.627Z |
| cve-2025-54168 | 2.2 (v4.0) | QuLog Center |
QNAP Systems Inc. |
QuLog Center |
2025-11-07T15:12:10.966Z | 2025-11-07T15:57:21.137Z |
| cve-2025-54167 | 7.2 (v4.0) | Notification Center |
QNAP Systems Inc. |
Notification Center |
2025-11-07T15:12:39.176Z | 2025-11-07T15:57:14.662Z |
| cve-2025-53413 | 4.9 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:13:03.060Z | 2025-11-07T15:57:08.616Z |
| cve-2025-53412 | 0.6 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:13:34.575Z | 2025-11-07T15:57:02.038Z |
| cve-2025-53411 | 1.2 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:13:57.618Z | 2025-11-07T15:56:50.992Z |
| cve-2025-53410 | 4.9 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:14:20.754Z | 2025-11-07T15:56:28.129Z |
| cve-2025-53409 | 4.9 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:14:44.914Z | 2025-11-07T15:56:12.638Z |
| cve-2025-53408 | 1.3 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:15:11.361Z | 2025-11-07T15:43:49.566Z |
| cve-2025-52865 | 1.3 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:15:20.701Z | 2025-11-07T15:55:41.114Z |
| cve-2025-52425 | 9.5 (v4.0) | QuMagie |
QNAP Systems Inc. |
QuMagie |
2025-11-07T15:15:57.937Z | 2025-11-07T15:55:26.440Z |
| cve-2025-47207 | 5.3 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:16:08.604Z | 2025-11-07T15:56:40.737Z |
| cve-2025-12861 | DedeBIZ spec_add.php sql injection |
n/a |
DedeBIZ |
2025-11-07T16:02:05.050Z | 2025-11-07T19:25:27.663Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-52245 | Malicious code in mulyono-serabi95-breki (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52244 | Malicious code in mulyono-rendang60-breki (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52243 | Malicious code in mulyono-oncom16-breki (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52242 | Malicious code in mulyono-miebogor21-sluey (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52241 | Malicious code in mulyono-mieayam82-sukiwir (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52240 | Malicious code in mulyono-lepet46-miaww (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52239 | Malicious code in mulyono-kue67-sukiwir (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52238 | Malicious code in mulyono-kue58-sukiwir (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52237 | Malicious code in mulyono-kolak27-riris (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52236 | Malicious code in mulyono-ketan83-sluey (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52235 | Malicious code in mulyono-ketan40-breki (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52234 | Malicious code in maya-tek13-ruro (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52233 | Malicious code in maya-tahu75-breki (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52232 | Malicious code in maya-rujaksoto21-breki (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52231 | Malicious code in maya-lengko95-breki (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52230 | Malicious code in maya-kue82-breki (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52229 | Malicious code in maya-kue30-sluey (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52228 | Malicious code in maya-kue1-sluey (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52227 | Malicious code in maya-kripik76-miaww (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52226 | Malicious code in maya-kacang25-sukiwir (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52225 | Malicious code in maya-gorengan12-sukiwir (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52224 | Malicious code in maya-empal1-sluey (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52223 | Malicious code in maya-botok5-miaww (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52222 | Malicious code in maman-sroto4-riris (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52221 | Malicious code in maman-sate70-kyuki (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52220 | Malicious code in maman-rawon57-sluey (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52219 | Malicious code in maman-mangut22-breki (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52218 | Malicious code in maman-liwet93-wekto (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52217 | Malicious code in maman-kupang98-breki (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| mal-2025-52216 | Malicious code in maman-klipo15-sluey (npm) | 2025-11-10T04:40:39Z | 2025-11-10T04:40:39Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-1389 | Podman: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-06-24T22:00:00.000+00:00 | 2025-10-21T22:00:00.000+00:00 |
| wid-sec-w-2025-1372 | Linux Kernel: Schwachstelle ermöglicht Manipulation von Daten und Denial of Service | 2025-06-22T22:00:00.000+00:00 | 2025-10-21T22:00:00.000+00:00 |
| wid-sec-w-2025-1350 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-06-17T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-1339 | PAM: Schwachstelle ermöglicht Privilegieneskalation | 2025-06-17T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1334 | Apache Commons FileUpload: Schwachstelle ermöglicht Denial of Service | 2025-06-16T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1312 | libxml2: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-06-11T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-1277 | Microsoft Windows: Mehrere Schwachstellen | 2025-06-10T22:00:00.000+00:00 | 2025-10-20T22:00:00.000+00:00 |
| wid-sec-w-2025-1169 | Apache Commons BeanUtils: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-05-29T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1114 | Linux Kernel: Mehrere Schwachstellen | 2025-05-20T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1055 | Node.js: Mehrere Schwachstellen | 2025-05-14T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-0987 | Eclipse Jetty: Mehrere Schwachstellen | 2025-05-08T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-0922 | Linux Kernel: Mehrere Schwachstellen | 2025-05-01T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-0837 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-04-15T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-0683 | Linux Kernel: Mehrere Schwachstellen | 2025-04-01T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-0649 | Linux Kernel: Mehrere Schwachstellen | 2025-03-27T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-0453 | Linux Kernel: Mehrere Schwachstellen | 2025-02-26T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-0403 | libxml2: Mehrere Schwachstellen | 2025-02-18T23:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-0132 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2025-01-20T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2024-3762 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2024-12-29T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2024-3690 | Gitea: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2024-12-11T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2024-3497 | Linux Kernel: Mehrere Schwachstellen | 2024-11-18T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2024-3368 | Linux Kernel: Mehrere Schwachstellen | 2024-11-06T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2024-3338 | Red Hat OpenShift: Mehrere Schwachstelle | 2024-11-05T23:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2024-1944 | Red Hat multicluster engine for Kubernetes: Schwachstelle ermöglicht Denial of Service | 2024-08-28T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2024-1606 | Bootstrap: Mehrere Schwachstellen ermöglichen Cross-Site Scripting | 2024-07-11T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2024-1547 | OpenSSH auf Red Hat Enterprise Linux 9: Schwachstelle ermöglicht Denial of Service | 2024-07-08T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2024-0459 | Linux Kernel: Mehrere Schwachstellen | 2024-02-21T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2023-3022 | Apache ActiveMQ: Schwachstelle ermöglicht Codeausführung | 2023-11-28T23:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2023-2864 | Linux Kernel: Mehrere Schwachstellen | 2023-11-08T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2023-2434 | Linux Kernel: Schwachstelle ermöglicht Codeausführung | 2023-09-24T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:19047 | Red Hat Security Advisory: OpenShift Container Platform 4.18.27 bug fix and security update | 2025-10-29T08:31:22+00:00 | 2025-11-06T22:56:43+00:00 |
| rhsa-2025:19222 | Red Hat Security Advisory: kernel security update | 2025-10-29T00:46:08+00:00 | 2025-11-08T07:17:26+00:00 |
| rhsa-2025:19224 | Red Hat Security Advisory: kernel security update | 2025-10-29T00:45:53+00:00 | 2025-11-06T23:15:13+00:00 |
| rhsa-2025:19223 | Red Hat Security Advisory: kernel-rt security update | 2025-10-29T00:20:39+00:00 | 2025-11-06T23:15:12+00:00 |
| rhsa-2025:19221 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Container Release Update | 2025-10-28T21:16:15+00:00 | 2025-11-10T01:32:54+00:00 |
| rhsa-2025:19201 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update | 2025-10-28T19:18:04+00:00 | 2025-11-06T23:42:41+00:00 |
| rhsa-2025:19167 | Red Hat Security Advisory: squid security update | 2025-10-28T12:21:02+00:00 | 2025-11-06T23:42:41+00:00 |
| rhsa-2025:19165 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-10-28T11:21:52+00:00 | 2025-11-06T23:15:12+00:00 |
| rhsa-2025:19157 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-10-28T09:07:47+00:00 | 2025-11-06T23:15:12+00:00 |
| rhsa-2025:19156 | Red Hat Security Advisory: libtiff security update | 2025-10-28T08:49:12+00:00 | 2025-11-10T02:22:44+00:00 |
| rhsa-2025:19115 | Red Hat Security Advisory: squid security update | 2025-10-28T01:56:56+00:00 | 2025-11-06T23:42:40+00:00 |
| rhsa-2025:19118 | Red Hat Security Advisory: squid security update | 2025-10-28T01:49:06+00:00 | 2025-11-06T23:42:41+00:00 |
| rhsa-2025:19114 | Red Hat Security Advisory: squid security update | 2025-10-28T01:18:01+00:00 | 2025-11-06T23:42:40+00:00 |
| rhsa-2025:19113 | Red Hat Security Advisory: libtiff security update | 2025-10-28T00:30:51+00:00 | 2025-11-10T02:22:42+00:00 |
| rhsa-2025:19105 | Red Hat Security Advisory: kernel security update | 2025-10-27T20:25:15+00:00 | 2025-11-06T22:02:24+00:00 |
| rhsa-2025:19109 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-10-27T19:58:20+00:00 | 2025-11-06T23:15:11+00:00 |
| rhsa-2025:19106 | Red Hat Security Advisory: kernel security update | 2025-10-27T19:03:20+00:00 | 2025-11-06T23:15:11+00:00 |
| rhsa-2025:19020 | Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.62 SP2 security update | 2025-10-27T17:46:24+00:00 | 2025-11-07T21:45:03+00:00 |
| rhsa-2025:19107 | Red Hat Security Advisory: squid:4 security update | 2025-10-27T16:55:20+00:00 | 2025-11-06T23:42:40+00:00 |
| rhsa-2025:19104 | Red Hat Security Advisory: kernel security update | 2025-10-27T16:41:00+00:00 | 2025-11-07T19:47:54+00:00 |
| rhsa-2025:19102 | Red Hat Security Advisory: kernel security update | 2025-10-27T09:51:24+00:00 | 2025-11-06T21:43:52+00:00 |
| rhsa-2025:19103 | Red Hat Security Advisory: kernel-rt security update | 2025-10-27T09:41:54+00:00 | 2025-11-06T21:43:52+00:00 |
| rhsa-2025:19101 | Red Hat Security Advisory: libssh security update | 2025-10-27T08:30:35+00:00 | 2025-11-06T23:42:40+00:00 |
| rhsa-2025:19098 | Red Hat Security Advisory: libssh security update | 2025-10-27T01:38:38+00:00 | 2025-11-06T23:42:40+00:00 |
| rhsa-2025:19095 | Red Hat Security Advisory: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available (RHBQ 3.27.0.GA) | 2025-10-23T21:55:17+00:00 | 2025-10-24T00:00:13+00:00 |
| rhsa-2025:19094 | Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.24.0 Release. | 2025-10-23T20:33:38+00:00 | 2025-11-07T20:55:56+00:00 |
| rhsa-2025:19086 | Red Hat Security Advisory: redis security update | 2025-10-23T20:28:12+00:00 | 2025-11-06T23:42:39+00:00 |
| rhsa-2025:18819 | Red Hat Security Advisory: OpenJDK 11.0.29 ELS Security Update for Portable Linux Builds | 2025-10-23T20:23:08+00:00 | 2025-11-06T23:42:34+00:00 |
| rhsa-2025:18818 | Red Hat Security Advisory: java-11-openjdk ELS security update | 2025-10-23T20:11:52+00:00 | 2025-11-06T23:42:34+00:00 |
| rhsa-2025:18820 | Red Hat Security Advisory: OpenJDK 11.0.29 ELS Security Update for Windows Builds | 2025-10-23T20:04:33+00:00 | 2025-11-06T23:42:35+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-40003 | net: mscc: ocelot: Fix use-after-free caused by cyclic delayed work | 2025-10-02T00:00:00.000Z | 2025-10-19T01:01:44.000Z |
| msrc_cve-2025-40001 | scsi: mvsas: Fix use-after-free bugs in mvs_work_queue | 2025-10-02T00:00:00.000Z | 2025-10-19T01:01:49.000Z |
| msrc_cve-2025-40000 | wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() | 2025-10-02T00:00:00.000Z | 2025-10-16T01:02:49.000Z |
| msrc_cve-2025-39998 | scsi: target: target_core_configfs: Add length check to avoid buffer overflow | 2025-10-02T00:00:00.000Z | 2025-10-16T01:02:33.000Z |
| msrc_cve-2025-39996 | media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove | 2025-10-02T00:00:00.000Z | 2025-10-16T01:03:22.000Z |
| msrc_cve-2025-39995 | media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe | 2025-10-02T00:00:00.000Z | 2025-10-16T01:02:10.000Z |
| msrc_cve-2025-39994 | media: tuner: xc5000: Fix use-after-free in xc5000_release | 2025-10-02T00:00:00.000Z | 2025-10-16T01:02:44.000Z |
| msrc_cve-2025-39993 | media: rc: fix races with imon_disconnect() | 2025-10-02T00:00:00.000Z | 2025-10-16T01:02:22.000Z |
| msrc_cve-2025-39990 | bpf: Check the helper function is valid in get_helper_proto | 2025-10-02T00:00:00.000Z | 2025-10-16T01:03:00.000Z |
| msrc_cve-2025-39988 | can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow | 2025-10-02T00:00:00.000Z | 2025-10-16T01:01:43.000Z |
| msrc_cve-2025-39987 | can: hi311x: populate ndo_change_mtu() to prevent buffer overflow | 2025-10-02T00:00:00.000Z | 2025-10-16T01:02:55.000Z |
| msrc_cve-2025-39986 | can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow | 2025-10-02T00:00:00.000Z | 2025-10-16T01:03:16.000Z |
| msrc_cve-2025-39985 | can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow | 2025-10-02T00:00:00.000Z | 2025-10-16T01:01:37.000Z |
| msrc_cve-2025-39982 | Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync | 2025-10-02T00:00:00.000Z | 2025-10-16T01:03:06.000Z |
| msrc_cve-2025-39981 | Bluetooth: MGMT: Fix possible UAFs | 2025-10-02T00:00:00.000Z | 2025-10-16T01:02:27.000Z |
| msrc_cve-2025-39980 | nexthop: Forbid FDB status change while nexthop is in a group | 2025-10-02T00:00:00.000Z | 2025-10-16T01:02:38.000Z |
| msrc_cve-2025-39978 | octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() | 2025-10-02T00:00:00.000Z | 2025-10-16T01:01:59.000Z |
| msrc_cve-2025-39977 | futex: Prevent use-after-free during requeue-PI | 2025-10-02T00:00:00.000Z | 2025-10-16T01:03:11.000Z |
| msrc_cve-2025-39973 | i40e: add validation for ring_len param | 2025-10-02T00:00:00.000Z | 2025-10-16T01:02:16.000Z |
| msrc_cve-2025-39972 | i40e: fix idx validation in i40e_validate_queue_map | 2025-10-02T00:00:00.000Z | 2025-10-16T01:01:53.000Z |
| msrc_cve-2025-39971 | i40e: fix idx validation in config queues msg | 2025-10-02T00:00:00.000Z | 2025-10-16T01:01:48.000Z |
| msrc_cve-2025-39970 | i40e: fix input validation logic for action_meta | 2025-10-02T00:00:00.000Z | 2025-10-16T01:01:31.000Z |
| msrc_cve-2025-39969 | i40e: fix validation of VF state in get resources | 2025-10-02T00:00:00.000Z | 2025-10-16T01:02:04.000Z |
| msrc_cve-2025-39968 | i40e: add max boundary check for VF filters | 2025-10-02T00:00:00.000Z | 2025-10-16T01:01:21.000Z |
| msrc_cve-2025-39967 | fbcon: fix integer overflow in fbcon_do_set_font | 2025-10-02T00:00:00.000Z | 2025-10-16T01:01:26.000Z |
| msrc_cve-2025-39965 | xfrm: xfrm_alloc_spi shouldn't use 0 as SPI | 2025-10-02T00:00:00.000Z | 2025-10-15T01:01:28.000Z |
| msrc_cve-2025-39964 | crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg | 2025-10-02T00:00:00.000Z | 2025-10-15T01:01:33.000Z |
| msrc_cve-2025-39961 | iommu/amd/pgtbl: Fix possible race while increase page table level | 2025-10-02T00:00:00.000Z | 2025-10-11T01:01:50.000Z |
| msrc_cve-2025-39958 | iommu/s390: Make attach succeed when the device was surprise removed | 2025-10-02T00:00:00.000Z | 2025-10-10T01:02:11.000Z |
| msrc_cve-2025-39957 | wifi: mac80211: increase scan_ies_len for S1G | 2025-10-02T00:00:00.000Z | 2025-10-10T01:02:23.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-002790 | Out-of-bounds Write vulnerabilities in Canon Printer Drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers | 2025-04-02T15:05+09:00 | 2025-04-02T15:05+09:00 |
| jvndb-2025-000023 | WordPress plugin "Welcart e-Commerce" vulnerable to untrusted data deserialization | 2025-04-01T14:20+09:00 | 2025-04-01T14:20+09:00 |
| jvndb-2025-002714 | Improper symbolic link file handling in FutureNet NXR series, VXR series and WXR series routers | 2025-03-31T16:59+09:00 | 2025-04-03T15:19+09:00 |
| jvndb-2025-000024 | a-blog cms vulnerable to untrusted data deserialization | 2025-03-28T10:46+09:00 | 2025-03-28T10:46+09:00 |
| jvndb-2025-000021 | Multiple vulnerabilities in PowerCMS | 2025-03-26T18:13+09:00 | 2025-03-26T18:13+09:00 |
| jvndb-2025-002592 | Multiple vulnerabilities in CHOCO TEI WATCHER mini | 2025-03-26T13:25+09:00 | 2025-03-26T13:25+09:00 |
| jvndb-2025-000019 | Multiple vulnerabilities in AssetView | 2025-03-25T17:10+09:00 | 2025-03-25T17:10+09:00 |
| jvndb-2025-000018 | Multiple vulnerabilities in home gateway HGW-BL1500HM | 2025-03-19T15:33+09:00 | 2025-03-28T11:48+09:00 |
| jvndb-2025-000020 | +F FS010M vulnerable to OS command injection | 2025-03-18T15:01+09:00 | 2025-03-18T15:01+09:00 |
| jvndb-2025-000017 | hostapd vulnerable to improper processing of RADIUS packets | 2025-03-12T14:19+09:00 | 2025-03-12T14:19+09:00 |
| jvndb-2025-000016 | Multiple vulnerabilities in RemoteView Agent (for Windows) | 2025-03-06T14:27+09:00 | 2025-03-10T15:22+09:00 |
| jvndb-2025-001898 | Multiple vulnerabilities in FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine) | 2025-03-04T14:56+09:00 | 2025-03-04T14:56+09:00 |
| jvndb-2025-001605 | "RoboForm Password Manager" App for Android vulnerable to authentication bypass using an alternate path or channel | 2025-02-20T20:15+09:00 | 2025-02-20T20:15+09:00 |
| jvndb-2025-000014 | Multiple cross-site scripting vulnerabilities in Movable Type | 2025-02-19T16:19+09:00 | 2025-02-19T16:19+09:00 |
| jvndb-2025-000015 | RevoWorks SCVX and RevoWorks Browser vulnerable to incorrect resource transfer between spheres | 2025-02-19T14:51+09:00 | 2025-02-19T14:51+09:00 |
| jvndb-2025-001563 | Out-of-bounds write vulnerability in FUJIFILM Business Innovation Corp. MFPs | 2025-02-18T16:33+09:00 | 2025-02-18T16:33+09:00 |
| jvndb-2025-001562 | Out-of-bounds read vulnerability in OMRON CX-Programmer | 2025-02-18T16:24+09:00 | 2025-02-18T16:24+09:00 |
| jvndb-2025-001548 | Out-of-bounds read vulnerability in Cente middleware | 2025-02-17T18:22+09:00 | 2025-02-17T18:22+09:00 |
| jvndb-2025-000012 | Multiple vulnerabilities in The LuxCal Web Calendar | 2025-02-17T13:43+09:00 | 2025-02-17T13:43+09:00 |
| jvndb-2025-000013 | acmailer CGI and acmailer DB vulnerable to OS command injection | 2025-02-14T16:39+09:00 | 2025-02-14T16:39+09:00 |
| jvndb-2025-000002 | Multiple vulnerabilities in NEC Aterm series (NV25-003) | 2025-02-14T15:48+09:00 | 2025-02-14T15:48+09:00 |
| jvndb-2025-000011 | Multiple vulnerabilities in FileMegane | 2025-02-13T13:39+09:00 | 2025-02-13T13:39+09:00 |
| jvndb-2025-000010 | acmailer vulnerable to cross-site scripting | 2025-02-12T15:05+09:00 | 2025-02-12T15:05+09:00 |
| jvndb-2025-001017 | Multiple vulnerabilities in STEALTHONE D220/D340/D440 | 2025-02-06T18:27+09:00 | 2025-02-06T18:27+09:00 |
| jvndb-2025-001016 | OMRON NJ/NX series vulnerable to path traversal | 2025-02-06T18:27+09:00 | 2025-05-08T17:44+09:00 |
| jvndb-2025-001018 | Improper restriction of XML external entity reference (XXE) vulnerability in OMRON NB-Designer | 2025-02-06T18:26+09:00 | 2025-02-06T18:26+09:00 |
| jvndb-2025-000008 | Multiple vulnerabilities in Defense Platform Home Edition | 2025-02-05T14:06+09:00 | 2025-02-05T14:06+09:00 |
| jvndb-2025-000009 | WordPress Plugin "Activity Log WinterLock" vulnerable to cross-site request forgery | 2025-02-04T13:58+09:00 | 2025-02-04T13:58+09:00 |
| jvndb-2025-001244 | Clickjacking Vulnerability in JP1/ServerConductor/Deployment Manager | 2025-01-30T18:19+09:00 | 2025-01-30T18:19+09:00 |
| jvndb-2025-000007 | SXF Common Library vulnerable to improper input data handling | 2025-01-29T14:57+09:00 | 2025-01-29T14:57+09:00 |
| ID | Description | Updated |
|---|