Recent vulnerabilities

ID	Description	Published	Updated
ghsa-cvh9-3mpx-5p4r	Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting (XSS) via the Graph Explo…	2025-10-31T00:30:33Z	2025-11-05T18:31:30Z
ghsa-cpvv-mcg6-x5f6	Anheng Mingyu Operation and Maintenance Audit and Risk Control System up to 2023-08-10 contains a s…	2025-10-31T00:30:33Z	2025-10-31T00:30:33Z
ghsa-8x6f-f882-qfh8	Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting (XSS) via the Bulk Modifi…	2025-10-31T00:30:33Z	2025-11-05T18:31:30Z
ghsa-7429-79p7-vgcx	Nagios XI versions prior to 2024R1.1.3 did not invalidate all other active sessions for a user when…	2025-10-31T00:30:33Z	2025-11-06T18:32:47Z
ghsa-6q4w-8x5h-w5c4	Nagios Fusion versions prior to 4.2.0 contain a stored cross-site scripting (XSS) vulnerability in …	2025-10-31T00:30:33Z	2025-11-06T18:32:46Z
ghsa-66qm-mpmg-rpq7	Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting (XSS) via the Bandwidth R…	2025-10-31T00:30:33Z	2025-11-05T18:31:30Z
ghsa-5jcg-35jx-5h27	Nagios Network Analyzer versions prior to 2024R1 are vulnerable to cross-site scripting (XSS) via t…	2025-10-31T00:30:33Z	2025-11-07T21:31:19Z
ghsa-248r-c6gj-jwpq	Nagios XI versions prior to 2024R1.1.3, under certain circumstances, disclose the server's Active D…	2025-10-31T00:30:33Z	2025-11-06T18:32:47Z
ghsa-x9c7-c9vg-v4gf	Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting (XSS) via the Apply Config…	2025-10-31T00:30:32Z	2025-11-05T18:31:30Z
ghsa-vvmj-45c8-225f	Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting (XSS) in the BPI component…	2025-10-31T00:30:32Z	2025-11-05T18:31:30Z
ghsa-vjp9-58v6-m6fw	Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode and…	2025-10-31T00:30:32Z	2025-10-31T00:30:32Z
ghsa-vgvw-hq2p-7666	Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting (XSS) and cross-site requ…	2025-10-31T00:30:32Z	2025-11-05T18:31:30Z
ghsa-v6f7-ffvc-p9q8	Nagios XI versions prior to 5.8.0 are vulnerable to cross-site scripting (XSS) via the Views featur…	2025-10-31T00:30:32Z	2025-11-05T18:31:30Z
ghsa-qvh9-4f56-7x24	Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting (XSS) in the update checki…	2025-10-31T00:30:32Z	2025-11-05T18:31:30Z
ghsa-pq2h-hv8m-4cxw	The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.1.1 / Nagios XI 5.8.2 contains m…	2025-10-31T00:30:32Z	2025-11-06T18:32:46Z
ghsa-m6rv-4f79-gr2c	Nagios XI versions prior to 5.8.0 are vulnerable to cross-site scripting (XSS) via BPI config ID ha…	2025-10-31T00:30:32Z	2025-11-05T18:31:30Z
ghsa-jphc-8p86-c5pc	Nagios XI versions prior to 5.8.7 are vulnerable to cross-site scripting (XSS) via the Audit Log pa…	2025-10-31T00:30:32Z	2025-11-05T18:31:30Z
ghsa-jp7v-jpwq-p4pw	The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.1.0 / Nagios XI 5.8.0 contais a …	2025-10-31T00:30:32Z	2025-11-06T18:32:46Z
ghsa-j34q-j9v4-prqm	The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.1.7 / Nagios XI 5.8.9 contains a…	2025-10-31T00:30:32Z	2025-11-06T18:32:46Z
ghsa-hg25-64qh-j4f4	The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.1.2 / Nagios XI 5.8.4 contains a…	2025-10-31T00:30:32Z	2025-10-31T15:30:30Z
ghsa-hfcv-97wg-h7wr	Nagios Fusion versions prior to 4.2.0 contain a reflected cross-site scripting (XSS) vulnerability …	2025-10-31T00:30:32Z	2025-11-06T18:32:46Z
ghsa-cgvq-7r44-r2pr	The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.1.3 / Nagios XI 5.8.5 contains a…	2025-10-31T00:30:32Z	2025-11-06T18:32:46Z
ghsa-c37p-r9f9-96fc	The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.1.6 / Nagios XI 5.8.8 contains a…	2025-10-31T00:30:32Z	2025-11-06T18:32:46Z
ghsa-94gv-43w2-9f3r	Nagios XI versions prior to 5.8.0 are vulnerable to stored cross-site scripting (XSS) via the My To…	2025-10-31T00:30:32Z	2025-11-05T18:31:30Z
ghsa-8hx4-cg23-rf4x	The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.1.1 / Nagios XI 5.8.2 contains m…	2025-10-31T00:30:32Z	2025-11-06T18:32:46Z
ghsa-3qxh-pr59-jwh7	Nagios XI versions prior to 5.7.3 contain a command injection vulnerability in the report PDF downl…	2025-10-31T00:30:32Z	2025-11-05T18:31:30Z
ghsa-3ph4-2g83-q4c3	Nagios XI versions prior to 5.7.5 contain a SQL injection vulnerability in the SNMP Trap Interface …	2025-10-31T00:30:32Z	2025-11-05T18:31:30Z
ghsa-32f6-jrx4-x77h	Nagios XI versions prior to 5.8.7 used a temporary directory for Highcharts exports with overly per…	2025-10-31T00:30:32Z	2025-11-05T18:31:30Z
ghsa-2mjm-mg2q-7whf	The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.1.4 / Nagios XI 5.8.6 contains a…	2025-10-31T00:30:32Z	2025-11-06T18:32:46Z
ghsa-xjhg-wrcc-8945	Nagios XI versions prior to 5.7.3 contain a privilege escalation vulnerability in the getprofile.sh…	2025-10-31T00:30:31Z	2025-11-05T18:31:30Z

ID	CVSS	Description	Vendor	Product	Published	Updated
cve-2025-29270	N/A	Incorrect access control in the realtime.cgi endp…	n/a	n/a	2025-10-31T00:00:00.000Z	2025-10-31T19:20:26.805Z
cve-2025-23050		QLowEnergyController in Qt before 6.8.2 mishandle…	Qt	Qt	2025-10-31T00:00:00.000Z	2025-10-31T16:47:22.226Z
cve-2025-8849		Denial of Service in danny-avila/librechat	danny-avila	danny-avila/librechat	2025-10-30T23:42:41.552Z	2025-10-31T15:09:34.057Z
cve-2025-48983		A vulnerability in the Mount service of Veeam Bac…	Veeam	Backup and Replication	2025-10-30T23:33:01.993Z	2025-11-01T03:55:50.741Z
cve-2025-48982		This vulnerability in Veeam Agent for Microsoft W…	Veeam	Agent for Microsoft Windows	2025-10-30T23:33:01.695Z	2025-11-01T03:55:49.438Z
cve-2025-27208		A reflected Cross-Site Scripting (XSS) vulnerabil…	Revive	Revive Adserver	2025-10-30T23:32:11.103Z	2025-11-03T17:32:21.909Z
cve-2025-48984	N/A	A vulnerability allowing remote code execution (R…	Veeam	Backup and Replication	2025-10-30T23:31:34.218Z	2025-11-01T03:55:51.554Z
cve-2025-52665	N/A	A malicious actor with access to the management n…	Ubiquiti Inc	UniFi Access Application	2025-10-30T23:30:28.329Z	2025-10-31T14:07:27.850Z
cve-2025-52663	N/A	A vulnerability was identified in certain UniFi T…	Ubiquiti Inc	UniFi Talk Touch	2025-10-30T23:30:28.298Z	2025-11-03T15:36:24.687Z
cve-2025-48980		In Brave Browser Desktop versions prior to 1.83.1…	Brave	Desktop Browser	2025-10-30T23:29:44.075Z	2025-10-31T14:48:00.254Z
cve-2025-52664		SQL injection in Revive Adserver 6.0.0 causes pot…	Revive	Revive Adserver	2025-10-30T23:29:22.906Z	2025-11-03T17:44:56.120Z
cve-2011-10037	5.1 (v4.0)	Nagios XI < 2011R1.9 XSS via xiwindow Variables Affect…	Nagios	XI	2025-10-30T21:57:27.150Z	2025-11-06T16:23:47.767Z
cve-2021-47697	5.1 (v4.0)	Nagios XI < 5.8.0 XSS via Views URL Handling	Nagios	XI	2025-10-30T21:57:03.111Z	2025-10-31T12:31:07.963Z
cve-2018-25121	5.1 (v4.0)	Nagios XI < 5.4.13 XSS via Views Page	Nagios	XI	2025-10-30T21:56:43.433Z	2025-10-31T12:30:29.928Z
cve-2013-10074	5.1 (v4.0)	Nagios XI < 2012R2.6 XSS via Tools Menu	Nagios	XI	2025-10-30T21:56:22.290Z	2025-10-31T12:29:54.947Z
cve-2011-10040	5.1 (v4.0)	Nagios XI < 2011R1.9 XSS via Status/Report Page Link F…	Nagios	XI	2025-10-30T21:55:55.168Z	2025-10-31T12:29:32.349Z
cve-2016-15051	5.1 (v4.0)	Nagios XI < 5.2.4 XSS via Report startdate/enddate Fields	Nagios	XI	2025-10-30T21:55:32.598Z	2025-10-31T12:28:52.622Z
cve-2011-10038	5.1 (v4.0)	Nagios XI < 2011R1.9 XSS via Recurring Downtime Script	Nagios	XI	2025-10-30T21:55:10.682Z	2025-10-31T12:28:12.837Z
cve-2021-47695	5.1 (v4.0)	Nagios XI < 5.8.0 XSS via My Tools Page	Nagios	XI	2025-10-30T21:54:48.701Z	2025-10-31T13:54:07.677Z
cve-2016-15053	5.1 (v4.0)	Nagios XI < 5.2.4 XSS via “My Reports” Listing	Nagios	XI	2025-10-30T21:54:25.746Z	2025-10-31T13:54:13.555Z
cve-2016-15052	5.1 (v4.0)	Nagios XI < 5.2.4 XSS via Menu System	Nagios	XI	2025-10-30T21:54:04.092Z	2025-10-31T13:54:19.252Z
cve-2020-36866	5.1 (v4.0)	Nagios XI < 5.7.3 XSS via Manage Users in Admin Interface	Nagios	XI	2025-10-30T21:53:41.720Z	2025-11-06T19:15:53.720Z
cve-2023-7316	5.1 (v4.0)	Nagios XI < 2024R1 XSS via Graph Explorer	Nagios	XI	2025-10-30T21:52:58.088Z	2025-10-31T13:54:30.336Z
cve-2023-7315	5.1 (v4.0)	Nagios XI < 5.11.3 XSS via Graph Explorer	Nagios	XI	2025-10-30T21:52:33.775Z	2025-10-31T13:54:36.404Z
cve-2024-14001	5.1 (v4.0)	Nagios XI < 2024R1.1.3 XSS via Executive Summary Report	Nagios	XI	2025-10-30T21:52:13.095Z	2025-10-31T13:54:41.878Z
cve-2020-36864	5.1 (v4.0)	Nagios XI < 5.7.2 XSS via Dashboard Background Color Setting	Nagios	XI	2025-10-30T21:51:46.256Z	2025-10-31T13:54:47.922Z
cve-2023-7318	5.1 (v4.0)	Nagios XI < 2024R1.0.2 XSS via Core Command Expansion	Nagios	XI	2025-10-30T21:51:25.049Z	2025-10-31T13:54:53.359Z
cve-2024-14000	5.1 (v4.0)	Nagios XI < 2024R1.1.3 XSS via Capacity Planning Report	Nagios	XI	2025-10-30T21:51:02.400Z	2025-10-31T13:54:59.034Z
cve-2023-7313	5.1 (v4.0)	Nagios XI < 5.11.3 XSS via Bulk Modifications	Nagios	XI	2025-10-30T21:50:39.771Z	2025-10-31T13:55:06.276Z
cve-2020-36865	5.1 (v4.0)	Nagios XI < 5.7.2 XSS via BPI Config Management	Nagios	XI	2025-10-30T21:50:14.113Z	2025-10-31T14:13:33.104Z

ID	CVSS	Description	Vendor	Product	Published	Updated
cve-2025-11602	6.3 (v4.0)	Untargeted information leak in Bolt protocol handshake	neo4j	Enterprise Edition	2025-10-31T10:20:17.254Z	2025-10-31T11:37:44.777Z
cve-2025-40106	N/A	comedi: fix divide-by-zero in comedi_buf_munge()	Linux	Linux	2025-10-31T09:41:46.740Z	2025-10-31T09:41:46.740Z
cve-2025-12115		WPC Name Your Price for WooCommerce <= 2.1.9 - Unauthe…	wpclever	WPC Name Your Price for WooCommerce	2025-10-31T09:27:21.530Z	2025-10-31T18:43:39.464Z
cve-2025-12041		ERI File Library <= 1.1.0 - Missing Authorization to U…	apos37	ERI File Library	2025-10-31T09:27:20.353Z	2025-10-31T18:43:16.544Z
cve-2025-11843	8.8 (v4.0)	Therefore™ Online and Therefore™ On-Premises contains …	Therefore Corporation GmbH	Therefore Online and Therefore On-Premises	2025-10-31T09:43:08.597Z	2025-10-31T18:52:36.823Z
cve-2025-8383		Depicter <= 4.0.4 - Cross-Site Request Forgery	averta	Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel	2025-10-31T08:25:55.580Z	2025-10-31T17:51:16.878Z
cve-2025-62232		Apache APISIX: basic-auth logs plaintext credentials a…	Apache Software Foundation	Apache APISIX	2025-10-31T08:48:23.592Z	2025-10-31T13:58:14.534Z
cve-2025-30191	5.4 (v3.1)	Malicious content from E-Mail can be used to perf…	Open-Xchange GmbH	OX App Suite	2025-10-31T08:54:42.202Z	2025-10-31T18:27:58.679Z
cve-2025-30189	7.4 (v3.1)	When cache is enabled, some passdb/userdb drivers…	Open-Xchange GmbH	OX Dovecot Pro	2025-10-31T09:02:33.273Z	2025-11-04T21:09:57.944Z
cve-2025-30188	7.5 (v3.1)	Malicious or unintentional API requests can be us…	Open-Xchange GmbH	OX App Suite	2025-10-31T08:54:41.426Z	2025-10-31T18:10:29.713Z
cve-2025-12175		The Events Calendar <= 6.15.9 - Missing Authorization …	stellarwp	The Events Calendar	2025-10-31T08:25:54.534Z	2025-10-31T17:48:37.987Z
cve-2025-12094		OOPSpam Anti-Spam: Spam Protection for WordPress Forms…	oopspam	OOPSpam Anti-Spam: Spam Protection for WordPress Forms & Comments (No CAPTCHA)	2025-10-31T08:25:55.153Z	2025-10-31T14:18:40.788Z
cve-2025-8385		Zombify <= 1.7.5 - Authenticated (Subscriber+) Path Tr…	PX-lab	Zombify	2025-10-31T07:26:40.967Z	2025-10-31T07:26:40.967Z
cve-2025-6520	9.8 (v3.1)	SQLi in Abis Technology's BAPSIS	Abis Technology	BAPSIS	2025-10-31T07:44:20.397Z	2025-10-31T17:27:27.106Z
cve-2025-10897		WooCommerce Designer Pro <= 1.9.28 - Unauthenticated A…	JMA Plugins	WooCommerce Designer Pro	2025-10-31T07:26:39.837Z	2025-10-31T17:18:59.208Z
cve-2025-8489		King Addons for Elementor – Free Elements, Widgets, Te…	kingaddons	King Addons for Elementor – 4,000+ ready Elementor sections, 650+ templates, 70+ FREE widgets for Elementor	2025-10-31T06:42:55.486Z	2025-10-31T06:42:55.486Z
cve-2025-7846		WordPress User Extra Fields <= 16.7 - Authenticated (S…	vanquish	WordPress User Extra Fields	2025-10-31T06:42:56.125Z	2025-10-31T14:26:13.340Z
cve-2025-63675		cryptidy through 1.2.4 allows code execution via …	cryptidy	cryptidy	2025-10-31T00:00:00.000Z	2025-10-31T16:44:37.610Z
cve-2025-5397		Jobmonster - Job Board WordPress Theme <= 4.8.1 - Auth…	Unknown	Noo JobMonster	2025-10-31T06:42:54.832Z	2025-10-31T14:40:20.080Z
cve-2025-58152	5.3 (v3.1) 6.9 (v4.0)	FutureNet MA and IP-K series provided by Century …	Century Systems Co., Ltd.	FutureNet MA-X series	2025-10-31T05:55:02.996Z	2025-10-31T17:07:56.496Z
cve-2025-54763	7.2 (v3.1) 8.6 (v4.0)	FutureNet MA and IP-K series provided by Century …	Century Systems Co., Ltd.	FutureNet MA-X series	2025-10-31T05:55:24.573Z	2025-10-31T17:15:10.387Z
cve-2025-11191	N/A	RealPress < 1.1.0 - Unauthenticated Content Creation/E…	Unknown	RealPress	2025-10-31T06:00:03.402Z	2025-10-31T14:03:01.749Z
cve-2025-11975		FuseWP – WordPress User Sync to Email List & Marketing…	fusewp	FuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.)	2025-10-31T02:26:03.735Z	2025-10-31T16:35:36.186Z
cve-2025-11806		Qzzr Shortcode Plugin <= 1.0.1 - Authenticated (Contri…	qzzr	Qzzr Shortcode Plugin	2025-10-31T02:26:04.351Z	2025-10-31T17:04:00.928Z
cve-2025-23050		QLowEnergyController in Qt before 6.8.2 mishandle…	Qt	Qt	2025-10-31T00:00:00.000Z	2025-10-31T16:47:22.226Z
cve-2025-8849		Denial of Service in danny-avila/librechat	danny-avila	danny-avila/librechat	2025-10-30T23:42:41.552Z	2025-10-31T15:09:34.057Z
cve-2025-6176		Brotli decompression bomb DoS in scrapy/scrapy	scrapy	scrapy/scrapy	2025-10-31T00:00:21.219Z	2025-10-31T16:21:32.237Z
cve-2025-52665	N/A	A malicious actor with access to the management n…	Ubiquiti Inc	UniFi Access Application	2025-10-30T23:30:28.329Z	2025-10-31T14:07:27.850Z
cve-2025-52664		SQL injection in Revive Adserver 6.0.0 causes pot…	Revive	Revive Adserver	2025-10-30T23:29:22.906Z	2025-11-03T17:44:56.120Z
cve-2025-52663	N/A	A vulnerability was identified in certain UniFi T…	Ubiquiti Inc	UniFi Talk Touch	2025-10-30T23:30:28.298Z	2025-11-03T15:36:24.687Z

ID	Description	Published	Updated

ID	Description	Package	Published	Updated

ID	Description	Updated

ID	Description	Published	Updated
mal-2025-188701	Malicious code in pino-loopback-private-phenomic (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188700	Malicious code in pino-cygnus-eris-odin (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188699	Malicious code in pino-avior-nightwatch-betelgeuse (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188698	Malicious code in pi-validate-water-test-tau (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188697	Malicious code in pi-quick-cron-book-compile (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188696	Malicious code in pi-permission-debug-decrypt-slow (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188695	Malicious code in pi-emulate-lambda-alert-sandbox (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188694	Malicious code in pi-compress-grid-class-fast (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188693	Malicious code in pi-authenticate-cold-encrypt-alert (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188692	Malicious code in phylogenetics-fork-tectonic-cosmology (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188691	Malicious code in phylogenetics-elektra-mocha-cosmogenic (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188690	Malicious code in photon-transhumanism-cosmicray-neptune (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188689	Malicious code in photon-sqlite-package-archaeoastronomy (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188688	Malicious code in photon-sedna-hugo-palynology (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188687	Malicious code in photon-darkenergy-mocha-terraforming (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188686	Malicious code in photon-airbnb-virgo-websockets (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188685	Malicious code in phoenix-perseus-mocha-html-webpack-plugin (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188684	Malicious code in phoenix-nova-pulsar-rigel (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188683	Malicious code in phoenix-eleventy-io-radiant (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188682	Malicious code in phoenix-cache-dione-package (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188681	Malicious code in phoenix-apollo-nextjs-nova (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188680	Malicious code in phoebe-yildun-gravity-meissa (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188679	Malicious code in phoebe-tectonophysics-nestjs-dependencies (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188678	Malicious code in phoebe-taurus-xerxes-quantum (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188677	Malicious code in phoebe-stop-mongoose-gatsby (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188676	Malicious code in phoebe-sagitta-cosmiconfig-got (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188675	Malicious code in phoebe-react-bootstrap-heliophysics-nebula (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188674	Malicious code in phoebe-petrology-sirius-fermiparadox (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188673	Malicious code in phoebe-magnetar-biogeochemistry-vulcan (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z
mal-2025-188672	Malicious code in phoebe-holography-deimos-json (npm)	2025-11-13T03:23:14Z	2025-11-13T03:23:14Z

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated
rhsa-2025:8289	Red Hat Security Advisory: pcs security update	2025-05-29T06:28:44+00:00	2025-11-06T23:42:52+00:00
rhsa-2025:8291	Red Hat Security Advisory: pcs security update	2025-05-29T06:28:26+00:00	2025-11-08T07:17:34+00:00
rhsa-2025:8290	Red Hat Security Advisory: pcs security update	2025-05-29T06:28:14+00:00	2025-11-08T07:17:33+00:00
rhsa-2025:8279	Red Hat Security Advisory: pcs security update	2025-05-28T23:37:50+00:00	2025-11-08T07:17:33+00:00
rhsa-2025:8274	Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.14.4 security update	2025-05-28T20:39:49+00:00	2025-11-14T04:51:39+00:00
rhsa-2025:8267	Red Hat Security Advisory: osbuild-composer security update	2025-05-28T15:24:18+00:00	2025-11-14T04:51:39+00:00
rhsa-2025:8256	Red Hat Security Advisory: pcs security update	2025-05-28T11:44:22+00:00	2025-11-06T23:42:52+00:00
rhsa-2025:8254	Red Hat Security Advisory: pcs security update	2025-05-28T10:43:02+00:00	2025-11-08T07:17:33+00:00
rhsa-2025:8252	Red Hat Security Advisory: libsoup security update	2025-05-28T08:05:32+00:00	2025-11-06T23:15:36+00:00
rhsa-2025:8253	Red Hat Security Advisory: spice-client-win security update	2025-05-28T08:03:42+00:00	2025-10-21T14:07:53+00:00
rhsa-2025:8248	Red Hat Security Advisory: kernel security update	2025-05-28T03:30:41+00:00	2025-11-11T16:17:56+00:00
rhsa-2025:8244	Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.21.0 release	2025-05-28T02:39:39+00:00	2025-11-14T04:51:39+00:00
rhsa-2025:8246	Red Hat Security Advisory: kernel security update	2025-05-28T00:42:46+00:00	2025-11-08T07:17:33+00:00
rhsa-2025:8247	Red Hat Security Advisory: kernel-rt security update	2025-05-28T00:37:16+00:00	2025-11-08T07:17:33+00:00
rhsa-2025:8221	Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Container Release Update	2025-05-27T18:15:16+00:00	2025-11-14T00:56:20+00:00
rhsa-2025:8226	Red Hat Security Advisory: python-tornado security update	2025-05-27T17:49:35+00:00	2025-11-08T07:17:33+00:00
rhsa-2025:8224	Red Hat Security Advisory: Red Hat OpenShift for Windows Containers 10.18.1 product release	2025-05-27T17:21:15+00:00	2025-11-14T04:51:38+00:00
rhsa-2025:8223	Red Hat Security Advisory: python-tornado security update	2025-05-27T16:53:50+00:00	2025-11-08T07:17:32+00:00
rhsa-2025:8219	Red Hat Security Advisory: spice-client-win security update	2025-05-27T15:16:01+00:00	2025-10-21T14:07:52+00:00
rhsa-2025:8203	Red Hat Security Advisory: thunderbird security update	2025-05-27T12:28:25+00:00	2025-11-06T23:15:36+00:00
rhsa-2025:8201	Red Hat Security Advisory: gstreamer1-plugins-bad-free security update	2025-05-27T12:05:20+00:00	2025-11-11T10:13:21+00:00
rhsa-2025:8197	Red Hat Security Advisory: unbound security update	2025-05-27T11:49:30+00:00	2025-11-11T16:08:11+00:00
rhsa-2025:8196	Red Hat Security Advisory: thunderbird security update	2025-05-27T10:04:04+00:00	2025-11-06T23:15:36+00:00
rhsa-2025:8195	Red Hat Security Advisory: mingw-freetype and spice-client-win security update	2025-05-27T09:32:45+00:00	2025-10-21T14:07:52+00:00
rhsa-2025:8194	Red Hat Security Advisory: webkit2gtk3 security update	2025-05-27T07:26:50+00:00	2025-11-06T22:36:02+00:00
rhsa-2025:8183	Red Hat Security Advisory: gstreamer1-plugins-bad-free security update	2025-05-27T01:46:49+00:00	2025-11-11T10:13:17+00:00
rhsa-2025:8184	Red Hat Security Advisory: gstreamer1-plugins-bad-free security update	2025-05-27T01:36:13+00:00	2025-11-11T10:13:18+00:00
rhsa-2025:8142	Red Hat Security Advisory: kernel security update	2025-05-26T12:10:27+00:00	2025-11-06T23:35:12+00:00
rhsa-2025:8140	Red Hat Security Advisory: libsoup security update	2025-05-26T11:08:17+00:00	2025-11-06T23:15:36+00:00
rhsa-2025:8139	Red Hat Security Advisory: libsoup security update	2025-05-26T10:56:57+00:00	2025-11-06T23:15:35+00:00

ID	Description	Published	Updated
msrc_cve-2025-0624	Grub2: net: out-of-bounds write in grub_net_search_config_file()	2025-02-02T00:00:00.000Z	2025-07-11T00:00:00.000Z
msrc_cve-2025-0426	A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk.	2025-02-02T00:00:00.000Z	2025-03-14T00:00:00.000Z
msrc_cve-2025-0167	netrc and default credential leak	2025-02-02T00:00:00.000Z	2025-07-11T00:00:00.000Z
msrc_cve-2024-58034	memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code()	2025-02-02T00:00:00.000Z	2025-05-05T00:00:00.000Z
msrc_cve-2024-58020	HID: multitouch: Add NULL check in mt_input_configured	2025-02-02T00:00:00.000Z	2025-04-09T00:00:00.000Z
msrc_cve-2024-58017	printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX	2025-02-02T00:00:00.000Z	2025-03-13T00:00:00.000Z
msrc_cve-2024-58015	wifi: ath12k: Fix for out-of bound access error	2025-02-02T00:00:00.000Z	2025-09-04T01:44:58.000Z
msrc_cve-2024-58011	platform/x86: int3472: Check for adev == NULL	2025-02-02T00:00:00.000Z	2025-03-13T00:00:00.000Z
msrc_cve-2024-58010	binfmt_flat: Fix integer overflow bug on 32 bit systems	2025-02-02T00:00:00.000Z	2025-03-13T00:00:00.000Z
msrc_cve-2024-58007	soc: qcom: socinfo: Avoid out of bounds read of serial number	2025-02-02T00:00:00.000Z	2025-03-13T00:00:00.000Z
msrc_cve-2024-58006	PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar()	2025-02-02T00:00:00.000Z	2025-09-04T01:52:18.000Z
msrc_cve-2024-58005	tpm: Change to kvalloc() in eventlog/acpi.c	2025-02-02T00:00:00.000Z	2025-03-13T00:00:00.000Z
msrc_cve-2024-58002	media: uvcvideo: Remove dangling pointers	2025-02-02T00:00:00.000Z	2025-04-09T00:00:00.000Z
msrc_cve-2024-57999	powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW	2025-02-02T00:00:00.000Z	2025-09-03T23:54:29.000Z
msrc_cve-2024-57997	wifi: wcn36xx: fix channel survey memory allocation size	2025-02-02T00:00:00.000Z	2025-03-13T00:00:00.000Z
msrc_cve-2024-57996	net_sched: sch_sfq: don't allow 1 packet limit	2025-02-02T00:00:00.000Z	2025-03-13T00:00:00.000Z
msrc_cve-2024-57994	ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple()	2025-02-02T00:00:00.000Z	2025-09-03T22:40:08.000Z
msrc_cve-2024-57984	i3c: dw: Fix use-after-free in dw_i3c_master driver due to race condition	2025-02-02T00:00:00.000Z	2025-09-04T03:45:33.000Z
msrc_cve-2024-57981	usb: xhci: Fix NULL pointer dereference on certain command aborts	2025-02-02T00:00:00.000Z	2025-03-13T00:00:00.000Z
msrc_cve-2024-57980	media: uvcvideo: Fix double free in error path	2025-02-02T00:00:00.000Z	2025-03-13T00:00:00.000Z
msrc_cve-2024-57979	pps: Fix a use-after-free	2025-02-02T00:00:00.000Z	2025-05-05T00:00:00.000Z
msrc_cve-2024-57978	media: imx-jpeg: Fix potential error pointer dereference in detach_pm()	2025-02-02T00:00:00.000Z	2025-03-13T00:00:00.000Z
msrc_cve-2024-57977	memcg: fix soft lockup in the OOM process	2025-02-02T00:00:00.000Z	2025-09-03T21:30:48.000Z
msrc_cve-2024-57976	btrfs: do proper folio cleanup when cow_file_range() failed	2025-02-02T00:00:00.000Z	2025-09-03T23:28:32.000Z
msrc_cve-2024-57975	btrfs: do proper folio cleanup when run_delalloc_nocow() failed	2025-02-02T00:00:00.000Z	2025-09-03T22:05:55.000Z
msrc_cve-2024-57974	udp: Deal with race between UDP socket address change and rehash	2025-02-02T00:00:00.000Z	2025-09-03T22:31:39.000Z
msrc_cve-2024-57973	rdma/cxgb4: Prevent potential integer overflow on 32bit	2025-02-02T00:00:00.000Z	2025-03-13T00:00:00.000Z
msrc_cve-2024-57970	libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname.	2025-02-02T00:00:00.000Z	2025-09-03T22:29:47.000Z
msrc_cve-2024-57951	hrtimers: Handle CPU state correctly on hotplug	2025-02-02T00:00:00.000Z	2025-05-05T00:00:00.000Z
msrc_cve-2024-57950	drm/amd/display: Initialize denominator defaults to 1	2025-02-02T00:00:00.000Z	2025-09-04T00:17:33.000Z

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Updated

ID	Description	Published	Updated
jvndb-2015-000169	Enisys Gw vulnerable to cross-site scripting	2015-10-29T13:46+09:00	2015-11-02T18:05+09:00
jvndb-2015-000168	Enisys Gw vulnerable to arbitrary file creation	2015-10-29T13:37+09:00	2015-11-02T18:05+09:00
jvndb-2015-000167	Enisys Gw vulnerable to SQL injection	2015-10-29T13:37+09:00	2015-11-02T18:05+09:00
jvndb-2015-000164	ANA App fails to verify SSL server certificates	2015-10-28T14:50+09:00	2018-03-07T13:50+09:00
jvndb-2015-000166	EC-CUBE vulnerable to cross-site request forgery	2015-10-26T12:27+09:00	2015-11-13T19:36+09:00
jvndb-2015-000162	AirDroid for Android vulnerable in handling of implicit intents	2015-10-16T14:00+09:00	2015-10-20T17:56+09:00
jvndb-2015-000160	Avast vulnerable to directory traversal	2015-10-16T14:00+09:00	2015-10-20T17:56+09:00
jvndb-2015-000126	eXtplorer vulnerable to cross-site request forgery	2015-10-15T12:24+09:00	2015-10-19T15:55+09:00
jvndb-2015-000159	Party Track SDK for iOS fails to verify server certificates	2015-10-14T15:41+09:00	2015-11-11T17:32+09:00
jvndb-2015-000158	Pref Shimane CMS vulnerable to SQL injection	2015-10-09T14:12+09:00	2015-10-14T17:26+09:00
jvndb-2015-000154	phpRechnung vulnerable to SQL injection	2015-10-09T14:12+09:00	2015-10-14T17:26+09:00
jvndb-2015-000153	Dojo Toolkit vulnerable to cross-site scripting	2015-10-09T14:12+09:00	2015-10-14T17:26+09:00
jvndb-2015-000152	Cybozu Garoon vulnerable to LDAP injection	2015-10-07T14:48+09:00	2016-06-02T19:15+09:00
jvndb-2015-000151	Multiple PHP code execution vulnerabilitles in Cybozu Garoon	2015-10-07T14:48+09:00	2016-05-30T15:34+09:00
jvndb-2015-000149	gollum vulnerable to file exposure	2015-10-02T13:36+09:00	2015-10-08T15:26+09:00
jvndb-2015-000148	Dotclear vulnerable to cross-site scripting	2015-10-02T13:36+09:00	2015-10-06T18:02+09:00
jvndb-2015-000147	AjaXplorer vulnerable to directory traversal	2015-10-01T14:11+09:00	2015-10-07T17:38+09:00
jvndb-2015-000141	Python for Windows may insecurely load dynamic libraries	2015-10-01T14:11+09:00	2015-10-08T15:25+09:00
jvndb-2015-000140	Canary Labs Trend Web Server vulnerable to buffer overflow	2015-10-01T14:11+09:00	2015-10-06T18:00+09:00
jvndb-2015-000146	MATCHA SNS access restriction bypass vulnerability	2015-09-30T15:05+09:00	2015-10-08T15:25+09:00
jvndb-2015-000145	MATCHA SNS vulnerable to code injection	2015-09-30T15:05+09:00	2015-10-08T15:25+09:00
jvndb-2015-000144	MATCHA INVOICE vulnerable to code injection	2015-09-30T15:04+09:00	2015-10-08T15:25+09:00
jvndb-2015-000143	MATCHA INVOICE vulnerable to SQL injection	2015-09-30T15:04+09:00	2015-10-08T15:25+09:00
jvndb-2015-000139	baserCMS vulnerable to SQL injection	2015-09-30T14:46+09:00	2015-10-07T17:38+09:00
jvndb-2015-000138	baserCMS fails to restrict access permissions	2015-09-30T14:46+09:00	2015-10-07T17:38+09:00
jvndb-2015-000137	niconico App for iOS fails to verify SSL server certificates	2015-09-29T14:05+09:00	2018-03-07T12:26+09:00
jvndb-2015-000142	Apache Cordova plugin cordova-plugin-file-transfer vulnerable to HTTP header injection	2015-09-29T14:04+09:00	2015-12-21T17:45+09:00
jvndb-2015-000136	H2O vulnerable to directory traversal	2015-09-17T13:36+09:00	2015-10-05T17:32+09:00
jvndb-2015-000135	Photon vulnerable to URL whitelist bypass	2015-09-16T16:58+09:00	2015-10-02T17:15+09:00
jvndb-2015-000134	Reversi vulnerable to URL whitelist bypass	2015-09-16T16:58+09:00	2015-10-02T17:18+09:00

ID	Description	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated