Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-rmp9-wcq5-wff8 | Nagios XI versions prior to 2011R1.9 contain privilege escalation vulnerabilities in the scripts th… | 2025-10-31T00:30:30Z | 2025-11-06T15:31:02Z |
| ghsa-m4h2-vq52-xvqg | Nagios XI versions prior to 2011R1.9 are vulnerable to cross-site scripting (XSS) via the handling … | 2025-10-31T00:30:30Z | 2025-11-06T15:31:02Z |
| ghsa-8pr9-vvj4-gx32 | Nagios XI versions prior to 2011R1.9 are vulnerable to cross-site scripting (XSS) via the handling … | 2025-10-31T00:30:30Z | 2025-11-06T18:32:45Z |
| ghsa-3vg4-6fgq-6952 | Nagios XI versions prior to 2012R1.6 contain a reflected cross-site scripting (XSS) vulnerability i… | 2025-10-31T00:30:30Z | 2025-11-06T15:31:02Z |
| ghsa-2qr8-8m5h-4c3j | Nagios XI versions prior to 2012R1.3 contain a SQL injection vulnerability in the legacy Core Confi… | 2025-10-31T00:30:30Z | 2025-11-06T15:31:02Z |
| ghsa-2jv9-jhfm-qj68 | Nagios XI versions prior to 2011R1.9 are vulnerable to cross-site scripting (XSS) via the Alert Hea… | 2025-10-31T00:30:30Z | 2025-11-06T15:31:02Z |
| ghsa-x5w7-gch7-xjf6 | In danny-avila/librechat version 0.7.9, there is an insecure API design issue in the 2-Factor Authe… | 2025-10-30T21:30:46Z | 2025-10-30T21:30:46Z |
| ghsa-w3h9-r78g-92j8 | Cross-site scripting (XSS) vulnerability in Zucchetti Ad Hoc Infinity 4.2 and earlier allows remote… | 2025-10-30T21:30:46Z | 2025-10-31T21:31:00Z |
| ghsa-vvmv-j82j-96cm | IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to trav… | 2025-10-30T21:30:46Z | 2025-10-30T21:30:46Z |
| ghsa-mm44-q4q5-7mg9 | Kitware VTK (Visualization Toolkit) 9.5.0 is vulnerable to Heap Use-After-Free in vtkGLTFImporter::… | 2025-10-30T21:30:46Z | 2025-10-30T21:30:46Z |
| ghsa-h693-9mj7-pcj4 | A path traversal vulnerability was identified in SourceCodester Pet Grooming Management System 1.0,… | 2025-10-30T21:30:46Z | 2025-10-30T21:30:46Z |
| ghsa-fw76-qjj6-w857 | IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to trav… | 2025-10-30T21:30:46Z | 2025-10-30T21:30:46Z |
| ghsa-f9f4-5859-29mf | sqls-server/sqls is vulnerable to command injection in the config command | 2025-10-30T21:30:46Z | 2025-11-05T22:15:57Z |
| ghsa-8h77-xx8f-j4vm | Each Italy Wireless Mini Router WIRELESS-N 300M v28K.MiniRouter.20190211 was discovered to store th… | 2025-10-30T21:30:46Z | 2025-10-30T21:30:46Z |
| ghsa-64g6-xpc2-jfrj | Incorrect access control in the Web management interface in Each Italy Wireless Mini Router WIRELES… | 2025-10-30T21:30:46Z | 2025-10-30T21:30:46Z |
| ghsa-56jv-4ww3-65mw | Liferay Portal is vulnerable to XSS in the Blogs widget | 2025-10-30T21:30:46Z | 2025-10-31T17:52:07Z |
| ghsa-4fq3-g7gg-vxwr | Cross-site scripting (XSS) vulnerability in Zucchetti Ad Hoc Revolution 4.1 and earlier allows remo… | 2025-10-30T21:30:46Z | 2025-11-03T21:34:41Z |
| ghsa-4c6m-gmp8-84fq | IBM Sterling Connect Direct for Unix 6.2.0.7 through 6.2.0.9 iFix004, 6.4.0.0 through 6.4.0.2 iFix0… | 2025-10-30T21:30:46Z | 2025-10-30T21:30:46Z |
| ghsa-2m5r-g595-364q | A buffer overflow in the UPnP service of Tenda AC8 Hardware v03.03.10.01 allows attackers to cause … | 2025-10-30T21:30:46Z | 2025-10-30T21:30:46Z |
| ghsa-rh8r-96xx-9r65 | HCL DRYiCE AEX is potentially impacted by disclosure of sensitive information in the mobile applica… | 2025-10-30T21:30:39Z | 2025-10-30T21:30:39Z |
| ghsa-c6mc-44gq-3mrg | HCL DRYiCE AEX product is impacted by lack of input validation vulnerability in a particular web ap… | 2025-10-30T21:30:39Z | 2025-10-30T21:30:39Z |
| ghsa-82vg-m48p-wwpp | HCL DRYiCE AEX is impacted by a lack of clickjacking protection in the AEX web application. An att… | 2025-10-30T21:30:39Z | 2025-10-30T21:30:39Z |
| ghsa-6crx-c7g6-f3m8 | HCL DRYiCE AEX product is impacted by Missing Root Detection vulnerability in the mobile applicatio… | 2025-10-30T21:30:39Z | 2025-10-30T21:30:39Z |
| ghsa-rjr4-6p27-h332 | Kanova Android App version 1.0.27 (package name com.karelane), developed by Karely L.L.C., contains… | 2025-10-30T18:31:11Z | 2025-10-30T21:30:46Z |
| ghsa-pqp3-hmp8-73fc | An issue in BusinessNext CRMnext v.10.8.3.0 allows a remote attacker to execute arbitrary code via … | 2025-10-30T18:31:11Z | 2025-10-30T21:30:46Z |
| ghsa-pmj4-vhx5-p99p | An arbitrary file upload vulnerability in the Data Preparation function of AIxBlock commit f60975 a… | 2025-10-30T18:31:11Z | 2025-10-30T21:30:46Z |
| ghsa-mqcj-w4hv-fh6h | A stored cross-site scripting (XSS) vulnerability in AIxBlock commit 04f305 allows attackers to exe… | 2025-10-30T18:31:11Z | 2025-10-30T21:30:46Z |
| ghsa-h9f5-hrp4-5xx4 | A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the /publix/run endpoint of … | 2025-10-30T18:31:11Z | 2025-10-30T21:30:46Z |
| ghsa-h976-6mc8-5w2v | PerfreeBlog v4.0.11 is vulnerable to Server-Side Request Forgery due to a missing authorization che… | 2025-10-30T18:31:11Z | 2025-10-30T21:30:45Z |
| ghsa-f5vh-4rj2-w8r8 | Liferay Portal is vulnerable to DNS rebinding attacks | 2025-10-30T18:31:11Z | 2025-10-31T17:40:46Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2020-36868 | 8.5 (v4.0) | Nagios XI < 5.7.3 Privilege escalation via Insecure ge… |
Nagios |
XI |
2025-10-30T21:40:03.387Z | 2025-10-31T13:24:59.886Z |
| cve-2025-34287 | 8.4 (v4.0) | Nagios XI < 2024R2 Privilege Escalation via process_pe… |
Nagios |
XI |
2025-10-30T21:39:43.482Z | 2025-10-31T13:56:07.335Z |
| cve-2025-34135 | 5.1 (v4.0) | Nagios XI < 2024R1.4.2 Overly Permissive Permissions o… |
Nagios |
XI |
2025-10-30T21:39:22.649Z | 2025-10-31T13:56:12.807Z |
| cve-2021-47700 | 8.5 (v4.0) | Nagios XI < 5.8.7 Insecure Permissions on Highcharts T… |
Nagios |
XI |
2025-10-30T21:39:02.693Z | 2025-10-31T13:25:10.658Z |
| cve-2024-14006 | 8.8 (v4.0) | Nagios XI < 2024R1.2.2 Host Header Injection |
Nagios |
XI |
2025-10-30T21:38:42.351Z | 2025-10-31T13:25:16.804Z |
| cve-2018-25122 | 8.7 (v4.0) | Nagios XI < 5.4.13 Component Download Page RCE |
Nagios |
XI |
2025-10-30T21:37:48.530Z | 2025-10-31T13:25:25.406Z |
| cve-2024-14005 | 9.4 (v4.0) | Nagios XI < 2024R1.2 Command Injection via Docker Wizard |
Nagios |
XI |
2025-10-30T21:37:28.667Z | 2025-10-31T13:25:31.802Z |
| cve-2020-36867 | 8.7 (v4.0) | Nagios XI < 5.7.3 Command Injection in Report PDF Download |
Nagios |
XI |
2025-10-30T21:37:09.717Z | 2025-10-31T13:25:40.026Z |
| cve-2021-47689 | 5.1 (v4.0) | Nagios XI < 5.8.0 Core Config Manager (CCM) XSS via Te… |
Nagios |
XI |
2025-10-30T21:36:50.105Z | 2025-10-31T13:56:18.435Z |
| cve-2021-47691 | 5.1 (v4.0) | Nagios XI < 5.8.2 Core Config Manager (CCM) XSS via Se… |
Nagios |
XI |
2025-10-30T21:36:28.131Z | 2025-10-31T14:19:56.267Z |
| cve-2022-50584 | 5.1 (v4.0) | Nagios XI < 5.8.8 Core Config Manager (CCM) XSS via Se… |
Nagios |
XI |
2025-10-30T21:36:08.674Z | 2025-10-31T14:20:17.635Z |
| cve-2020-36861 | 5.1 (v4.0) | Nagios XI < 5.7.5 Core Config Manager (CCM) XSS via Ov… |
Nagios |
XI |
2025-10-30T21:35:47.361Z | 2025-10-31T14:20:45.395Z |
| cve-2021-47690 | 5.1 (v4.0) | Nagios XI < 5.8.2 Core Config Manager (CCM) XSS via Ov… |
Nagios |
XI |
2025-10-30T21:35:22.207Z | 2025-10-31T14:21:05.278Z |
| cve-2020-36860 | 5.1 (v4.0) | Nagios XI < 5.7.4 Core Config Manager (CCM) XSS via Ob… |
Nagios |
XI |
2025-10-30T21:34:57.698Z | 2025-10-31T14:47:15.676Z |
| cve-2021-47692 | N/A | {'providerMetadata': {'orgId': '83251b91-4cc7-4094-a5c7-464a1b83ea10', 'shortName': 'VulnCheck', 'dateUpdated': '2025-10-31T13:48:07.570Z'}, 'rejectedReasons': [{'lang': 'en', 'supportingMedia': [{'base64': False, 'type': 'text/html', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. It has been identified as a duplicate of <span style="background-color: rgb(255, 255, 255);"><a target="_blank" rel="nofollow" href="https://www.cve.org/CVERecord?id=CVE-2021-33179">https://www.cve.org/CVERecord?id=CVE-2021-33179</a>.</span><br>'}], 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. It has been identified as a duplicate of\xa0 https://www.cve.org/CVERecord?id=CVE-2021-33179 .'}], 'x_generator': {'engine': 'Vulnogram 0.1.0-dev'}} | N/A | N/A | 2025-10-30T21:34:27.631Z | 2025-10-31T13:48:07.570Z |
| cve-2022-50585 | 5.1 (v4.0) | Nagios XI < 5.8.9 Core Config Manager (CCM) XSS via Au… |
Nagios |
XI |
2025-10-30T21:34:05.777Z | 2025-10-31T14:48:16.097Z |
| cve-2020-36859 | 8.7 (v4.0) | Nagios XI < 5.7.4 Core Config Manager (CCM) SQL Inject… |
Nagios |
XI |
2025-10-30T21:33:40.529Z | 2025-10-31T14:51:05.332Z |
| cve-2021-47693 | 8.7 (v4.0) | Nagios XI < 5.8.5 Core Config Manager (CCM) SQL Inject… |
Nagios |
XI |
2025-10-30T21:33:18.775Z | 2025-10-31T14:52:53.982Z |
| cve-2021-47694 | 5.1 (v4.0) | Nagios XI < 5.8.6 Core Config Manager (CCM) Reflected … |
Nagios |
XI |
2025-10-30T21:32:43.970Z | 2025-10-31T15:02:06.747Z |
| cve-2013-10073 | 8.7 (v4.0) | Nagios XI < 2012R1.6 Auto-Discovery Shell Command Injection |
Nagios |
XI |
2025-10-30T21:32:22.811Z | 2025-10-31T15:02:39.752Z |
| cve-2013-10072 | 7.2 (v4.0) | Nagios XI < 2012R1.6 Auto-Discovery Missing Authorization |
Nagios |
XI |
2025-10-30T21:32:02.900Z | 2025-10-31T17:44:33.772Z |
| cve-2020-36857 | 8.6 (v4.0) | Nagios XI < 5.6.14 Authenticated SQL Injection via SNM… |
Nagios |
XI |
2025-10-30T21:31:41.981Z | 2025-10-31T17:44:09.989Z |
| cve-2012-10063 | 8.7 (v4.0) | Nagios XI < 2012R1.3 Authenticated SQL Injection in Le… |
Nagios |
XI |
2025-10-30T21:31:21.797Z | 2025-10-31T17:43:40.892Z |
| cve-2020-36856 | 9.4 (v4.0) | Nagios XI < 5.6.14 Authenticated RCE command_test.php … |
Nagios |
XI |
2025-10-30T21:30:59.762Z | 2025-10-31T15:03:27.598Z |
| cve-2024-14002 | 7.1 (v4.0) | Nagios XI < 2024R1.1.4 Authenticated Local File Inclus… |
Nagios |
XI |
2025-10-30T21:30:39.691Z | 2025-10-31T15:05:11.624Z |
| cve-2025-34284 | 9.4 (v4.0) | Nagios XI < 2024R2 Authenticated Command Injection via… |
Nagios |
XI |
2025-10-30T21:30:19.179Z | 2025-10-31T15:05:49.240Z |
| cve-2024-13995 | 7.1 (v4.0) | Nagios XI < 2024R1.1.2 API Keys & Hashed Passwords Aut… |
Nagios |
XI |
2025-10-30T21:29:55.745Z | 2025-10-31T15:06:19.925Z |
| cve-2025-34283 | 7.1 (v4.0) | Nagios XI < 2024R1.4.2 API Key Disclosure via Neptune Themes |
Nagios |
XI |
2025-10-30T21:29:37.293Z | 2025-10-31T15:06:58.704Z |
| cve-2024-13994 | 8.7 (v4.0) | Nagios XI < 2024R1.1.2 Allow Insecure Logins Missing A… |
Nagios |
XI |
2025-10-30T21:29:17.240Z | 2025-10-31T15:07:28.675Z |
| cve-2024-13999 | 7.3 (v4.0) | Nagios XI < 2024R1.1.3 AD/LDAP Token Authenticated Inf… |
Nagios |
XI |
2025-10-30T21:28:50.777Z | 2025-10-31T15:08:00.594Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2024-14009 | 9.4 (v4.0) | Nagios XI < 2024R1.0.1 Privilege Escalation via System… |
Nagios |
XI |
2025-10-30T21:41:13.594Z | 2025-10-31T13:24:39.298Z |
| cve-2024-14008 | 9.4 (v4.0) | Nagios XI < 2024R1.3.2 RCE via WinRM Configuration Wizard |
Nagios |
XI |
2025-10-30T21:43:07.355Z | 2025-10-31T13:24:00.739Z |
| cve-2024-14006 | 8.8 (v4.0) | Nagios XI < 2024R1.2.2 Host Header Injection |
Nagios |
XI |
2025-10-30T21:38:42.351Z | 2025-10-31T13:25:16.804Z |
| cve-2024-14005 | 9.4 (v4.0) | Nagios XI < 2024R1.2 Command Injection via Docker Wizard |
Nagios |
XI |
2025-10-30T21:37:28.667Z | 2025-10-31T13:25:31.802Z |
| cve-2024-14004 | 8.7 (v4.0) | Nagios XI < 2024R1.2 Privilege Escalation via NagVis C… |
Nagios |
XI |
2025-10-30T21:40:51.523Z | 2025-10-31T13:24:45.744Z |
| cve-2024-14003 | 9.4 (v4.0) | Nagios XI < 2024R1.2 RCE via NRDP Server Plugins |
Nagios |
XI |
2025-10-30T21:42:19.225Z | 2025-10-31T13:24:16.576Z |
| cve-2024-14002 | 7.1 (v4.0) | Nagios XI < 2024R1.1.4 Authenticated Local File Inclus… |
Nagios |
XI |
2025-10-30T21:30:39.691Z | 2025-10-31T15:05:11.624Z |
| cve-2024-14001 | 5.1 (v4.0) | Nagios XI < 2024R1.1.3 XSS via Executive Summary Report |
Nagios |
XI |
2025-10-30T21:52:13.095Z | 2025-10-31T13:54:41.878Z |
| cve-2024-14000 | 5.1 (v4.0) | Nagios XI < 2024R1.1.3 XSS via Capacity Planning Report |
Nagios |
XI |
2025-10-30T21:51:02.400Z | 2025-10-31T13:54:59.034Z |
| cve-2024-13999 | 7.3 (v4.0) | Nagios XI < 2024R1.1.3 AD/LDAP Token Authenticated Inf… |
Nagios |
XI |
2025-10-30T21:28:50.777Z | 2025-10-31T15:08:00.594Z |
| cve-2024-13996 | 9.2 (v4.0) | Nagios XI < 2024R1.1.3 Session Not Invalidated After P… |
Nagios |
XI |
2025-10-30T21:44:26.053Z | 2025-10-31T13:55:58.885Z |
| cve-2024-13995 | 7.1 (v4.0) | Nagios XI < 2024R1.1.2 API Keys & Hashed Passwords Aut… |
Nagios |
XI |
2025-10-30T21:29:55.745Z | 2025-10-31T15:06:19.925Z |
| cve-2024-13994 | 8.7 (v4.0) | Nagios XI < 2024R1.1.2 Allow Insecure Logins Missing A… |
Nagios |
XI |
2025-10-30T21:29:17.240Z | 2025-10-31T15:07:28.675Z |
| cve-2024-13993 | 5.1 (v4.0) | Nagios XI < 2024R1.1.2 Reflected XSS via Login Page on… |
Nagios |
XI |
2025-10-30T21:43:55.640Z | 2025-10-31T13:23:45.427Z |
| cve-2023-7325 | 9.3 (v4.0) | Mingyu Operations and Maintenance Audit and Risk Contr… |
Anheng Information (Hangzhou DBAPP Security Information Technology Co., Ltd.) |
Mingyu Operations and Maintenance Audit and Risk Control System |
2025-10-30T21:17:54.830Z | 2025-10-31T17:18:04.911Z |
| cve-2023-7323 | 5.1 (v4.0) | Nagios Log Server < 2024R1 XSS via Create User Function |
Nagios |
Log Server |
2025-10-30T21:27:03.493Z | 2025-10-31T17:42:22.015Z |
| cve-2023-7322 | 8.7 (v4.0) | Nagios Log Server < 2024R1 Incorrect Authorization Gra… |
Nagios |
Log Server |
2025-10-30T21:23:34.547Z | 2025-10-31T15:11:35.246Z |
| cve-2023-7321 | 5.1 (v4.0) | Nagios Log Server < 2.1.14 XSS via Snapshots Page |
Nagios |
Log Server |
2025-10-30T21:27:23.232Z | 2025-10-31T17:43:00.514Z |
| cve-2023-7319 | 5.1 (v4.0) | Nagios Network Analyzer < 2024R1 XSS via Percentile Ca… |
Nagios |
Network Analyzer |
2025-10-30T21:28:29.373Z | 2025-11-07T18:06:38.605Z |
| cve-2023-7318 | 5.1 (v4.0) | Nagios XI < 2024R1.0.2 XSS via Core Command Expansion |
Nagios |
XI |
2025-10-30T21:51:25.049Z | 2025-10-31T13:54:53.359Z |
| cve-2023-7317 | 9.4 (v4.0) | Nagios XI < 2024R1 Web SSH Terminal Missing Access Control |
Nagios |
XI |
2025-10-30T21:47:19.903Z | 2025-10-31T13:23:05.947Z |
| cve-2023-7316 | 5.1 (v4.0) | Nagios XI < 2024R1 XSS via Graph Explorer |
Nagios |
XI |
2025-10-30T21:52:58.088Z | 2025-10-31T13:54:30.336Z |
| cve-2023-7315 | 5.1 (v4.0) | Nagios XI < 5.11.3 XSS via Graph Explorer |
Nagios |
XI |
2025-10-30T21:52:33.775Z | 2025-10-31T13:54:36.404Z |
| cve-2023-7314 | 5.1 (v4.0) | Nagios XI < 5.11.3 XSS via Bandwidth Report |
Nagios |
XI |
2025-10-30T21:49:27.209Z | 2025-10-31T13:55:18.483Z |
| cve-2023-7313 | 5.1 (v4.0) | Nagios XI < 5.11.3 XSS via Bulk Modifications |
Nagios |
XI |
2025-10-30T21:50:39.771Z | 2025-10-31T13:55:06.276Z |
| cve-2023-7312 | 6.2 (v4.0) | Nagios Fusion < 4.2.0 Email Settings Stored XSS via SM… |
Nagios |
Fusion |
2025-10-30T21:19:51.723Z | 2025-11-03T18:37:04.782Z |
| cve-2023-53690 | 6.2 (v4.0) | Nagios Fusion < 4.2.0 LDAP/AD Integration Stored XSS |
Nagios |
Fusion |
2025-10-30T21:20:37.543Z | 2025-11-03T19:13:27.132Z |
| cve-2023-53689 | 6 (v4.0) | Nagios Fusion < 4.2.0 License Information Reflected XSS |
Nagios |
Fusion |
2025-10-30T21:20:59.302Z | 2025-10-31T16:40:29.216Z |
| cve-2023-53688 | 5.1 (v4.0) | Nagios XI < 5.11.3 XSS & CSRF via Hypermap Replay |
Nagios |
XI |
2025-10-30T21:47:42.470Z | 2025-10-31T13:22:57.676Z |
| cve-2022-50588 | 5.1 (v4.0) | Nagios XI < 5.8.9 Stored XSS in Update Checking |
Nagios |
XI |
2025-10-30T21:45:33.708Z | 2025-10-31T13:55:52.866Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-188641 | Malicious code in perturbation-css-loader-loopback-uninstall (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188640 | Malicious code in perturbation-coronalmassejection-terser-ganymede (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188639 | Malicious code in perturbation-bulma-mensa-eventhoriz (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188638 | Malicious code in perturbation-blaze-singularity-hermes (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188637 | Malicious code in perseus-xenon-grus-polaris (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188636 | Malicious code in perseus-websockets-wasat-hydra (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188635 | Malicious code in perseus-vuepress-hydra-backend (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188634 | Malicious code in perseus-tectonophysics-iota-xenobiology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188633 | Malicious code in perseus-subscription-quito-uranology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188632 | Malicious code in perseus-selenium-lepton-ganymede (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188631 | Malicious code in perseus-query-halley-selenology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188630 | Malicious code in perseus-orbit-iota-aquarius (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188629 | Malicious code in perseus-odin-neptune-cli (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188628 | Malicious code in perseus-metalsmith-acamar-iota (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188627 | Malicious code in perseus-lyra-css-minimizer-webpack-plugin-loop (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188626 | Malicious code in perseus-hermes-polaris-event (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188625 | Malicious code in perseus-global-meissa-terser-webpack-plugin (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188624 | Malicious code in perseus-geoarchaeology-husky-changelog (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188623 | Malicious code in perseus-css-minimizer-webpack-plugin-janus-dependencies (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188622 | Malicious code in perseus-cosmogenic-spectron-webdriver-meissa (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188621 | Malicious code in perseus-cordelia-google-express (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188620 | Malicious code in perseus-carina-duplex-bellatrix (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188619 | Malicious code in perseus-cache-neptune-jupiter (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188618 | Malicious code in perseus-babel-spectron-antares (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188617 | Malicious code in perseus-astrobiology-xo-postgres (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188616 | Malicious code in perseus-ablation-elara-cryptography (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188615 | Malicious code in permission-resolve-function-fast-try (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188614 | Malicious code in permission-permission-link-monitor-web (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188613 | Malicious code in permission-index-zero-visualize-private (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188612 | Malicious code in permission-eta-float-gamma-psi (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:7893 | Red Hat Security Advisory: grafana security update | 2025-05-19T06:24:19+00:00 | 2025-11-11T09:58:28+00:00 |
| rhsa-2025:7898 | Red Hat Security Advisory: kernel security update | 2025-05-19T06:23:54+00:00 | 2025-11-07T16:29:10+00:00 |
| rhsa-2025:7894 | Red Hat Security Advisory: grafana security update | 2025-05-19T06:21:49+00:00 | 2025-11-11T09:58:28+00:00 |
| rhsa-2025:7895 | Red Hat Security Advisory: compat-openssl10 security update | 2025-05-19T06:21:29+00:00 | 2025-11-06T21:44:13+00:00 |
| rhsa-2025:7901 | Red Hat Security Advisory: kernel security update | 2025-05-19T06:20:44+00:00 | 2025-11-07T16:29:10+00:00 |
| rhsa-2025:7897 | Red Hat Security Advisory: kernel security update | 2025-05-19T06:20:19+00:00 | 2025-11-07T16:29:10+00:00 |
| rhsa-2025:7892 | Red Hat Security Advisory: grafana security update | 2025-05-19T06:20:19+00:00 | 2025-11-11T09:58:28+00:00 |
| rhsa-2025:7902 | Red Hat Security Advisory: kernel-rt security update | 2025-05-19T06:20:04+00:00 | 2025-11-07T16:29:11+00:00 |
| rhsa-2025:7899 | Red Hat Security Advisory: kernel security update | 2025-05-19T06:19:54+00:00 | 2025-11-07T16:29:10+00:00 |
| rhsa-2025:7896 | Red Hat Security Advisory: kernel-rt security update | 2025-05-19T06:19:04+00:00 | 2025-11-07T16:29:09+00:00 |
| rhsa-2025:7733 | Red Hat Security Advisory: compat-openssl11 security update | 2025-05-15T18:36:35+00:00 | 2025-11-06T21:44:11+00:00 |
| rhsa-2025:7683 | Red Hat Security Advisory: kernel security update | 2025-05-15T18:26:00+00:00 | 2025-11-06T22:56:49+00:00 |
| rhsa-2025:7695 | Red Hat Security Advisory: thunderbird security update | 2025-05-15T17:29:30+00:00 | 2025-11-06T23:15:33+00:00 |
| rhsa-2025:7732 | Red Hat Security Advisory: kernel-rt security update | 2025-05-15T17:22:05+00:00 | 2025-11-07T16:29:09+00:00 |
| rhsa-2025:7682 | Red Hat Security Advisory: kernel security update | 2025-05-15T17:19:50+00:00 | 2025-11-07T16:29:08+00:00 |
| rhsa-2025:7753 | Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.15.2 security update | 2025-05-15T17:09:32+00:00 | 2025-11-14T04:51:35+00:00 |
| rhsa-2025:7694 | Red Hat Security Advisory: thunderbird security update | 2025-05-15T17:07:30+00:00 | 2025-11-06T23:15:33+00:00 |
| rhsa-2025:4677 | Red Hat Security Advisory: OpenShift Container Platform 4.13.58 bug fix and security update | 2025-05-15T16:34:38+00:00 | 2025-11-14T04:51:25+00:00 |
| rhsa-2025:7689 | Red Hat Security Advisory: thunderbird security update | 2025-05-15T16:29:20+00:00 | 2025-11-06T23:15:31+00:00 |
| rhsa-2025:7690 | Red Hat Security Advisory: thunderbird security update | 2025-05-15T16:07:55+00:00 | 2025-11-06T23:15:32+00:00 |
| rhsa-2025:7692 | Red Hat Security Advisory: thunderbird security update | 2025-05-15T16:05:25+00:00 | 2025-11-06T23:15:32+00:00 |
| rhsa-2025:7691 | Red Hat Security Advisory: thunderbird security update | 2025-05-15T15:59:25+00:00 | 2025-11-06T23:15:32+00:00 |
| rhsa-2025:7686 | Red Hat Security Advisory: redis:6 security update | 2025-05-15T15:50:09+00:00 | 2025-11-14T00:56:20+00:00 |
| rhsa-2025:7693 | Red Hat Security Advisory: thunderbird security update | 2025-05-15T15:39:25+00:00 | 2025-11-06T23:15:33+00:00 |
| rhsa-2025:7696 | Red Hat Security Advisory: Red Hat Build of Apache Camel 4.10.3 for Spring Boot release, security update. | 2025-05-15T15:17:00+00:00 | 2025-11-11T16:22:41+00:00 |
| rhsa-2025:7676 | Red Hat Security Advisory: kernel-rt security update | 2025-05-15T13:20:31+00:00 | 2025-11-06T22:56:49+00:00 |
| rhsa-2025:7675 | Red Hat Security Advisory: kernel security update | 2025-05-15T13:12:55+00:00 | 2025-11-07T16:29:08+00:00 |
| rhsa-2025:7652 | Red Hat Security Advisory: kernel security update | 2025-05-15T07:30:31+00:00 | 2025-11-07T16:29:07+00:00 |
| rhsa-2025:7630 | Red Hat Security Advisory: updated discovery-cli RPMs | 2025-05-15T02:54:01+00:00 | 2025-11-14T00:56:19+00:00 |
| rhsa-2025:4731 | Red Hat Security Advisory: OpenShift Container Platform 4.16.40 bug fix and security update | 2025-05-15T00:44:29+00:00 | 2025-11-14T04:51:27+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2022-49636 | vlan: fix memory leak in vlan_newlink() | 2025-02-02T00:00:00.000Z | 2025-09-03T21:57:17.000Z |
| msrc_cve-2022-49635 | drm/i915/selftests: fix subtraction overflow bug | 2025-02-02T00:00:00.000Z | 2025-10-24T01:02:36.000Z |
| msrc_cve-2022-49610 | KVM: VMX: Prevent RSB underflow before vmenter | 2025-02-02T00:00:00.000Z | 2025-10-24T01:02:30.000Z |
| msrc_cve-2022-49562 | KVM: x86: Use __try_cmpxchg_user() to update guest PTE A/D bits | 2025-02-02T00:00:00.000Z | 2025-10-24T01:01:54.000Z |
| msrc_cve-2022-49552 | bpf: Fix combination of jit blinding and pointers to bpf subprogs. | 2025-02-02T00:00:00.000Z | 2025-10-24T01:01:49.000Z |
| msrc_cve-2022-49547 | btrfs: fix deadlock between concurrent dio writes when low on free data space | 2025-02-02T00:00:00.000Z | 2025-09-03T21:48:49.000Z |
| msrc_cve-2022-49543 | ath11k: fix the warning of dev_wake in mhi_pm_disable_transition() | 2025-02-02T00:00:00.000Z | 2025-10-24T01:01:44.000Z |
| msrc_cve-2022-49535 | scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI | 2025-02-02T00:00:00.000Z | 2025-09-04T03:58:29.000Z |
| msrc_cve-2022-49534 | scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT | 2025-02-02T00:00:00.000Z | 2025-09-03T21:50:59.000Z |
| msrc_cve-2022-49533 | ath11k: Change max no of active probe SSID and BSSID to fw capability | 2025-02-02T00:00:00.000Z | 2025-10-22T01:02:31.000Z |
| msrc_cve-2022-49531 | loop: implement ->free_disk | 2025-02-02T00:00:00.000Z | 2025-09-03T23:52:36.000Z |
| msrc_cve-2022-49529 | drm/amdgpu/pm: fix the null pointer while the smu is disabled | 2025-02-02T00:00:00.000Z | 2025-09-03T21:46:35.000Z |
| msrc_cve-2022-49528 | media: i2c: dw9714: Disable the regulator when the driver fails to probe | 2025-02-02T00:00:00.000Z | 2025-10-22T01:02:25.000Z |
| msrc_cve-2022-49516 | ice: always check VF VSI pointer values | 2025-02-02T00:00:00.000Z | 2025-09-03T23:37:34.000Z |
| msrc_cve-2022-49504 | scsi: lpfc: Inhibit aborts if external loopback plug is inserted | 2025-02-02T00:00:00.000Z | 2025-10-22T01:02:20.000Z |
| msrc_cve-2022-49496 | media: mediatek: vcodec: prevent kernel crash when rmmod mtk-vcodec-dec.ko | 2025-02-02T00:00:00.000Z | 2025-09-04T00:07:01.000Z |
| msrc_cve-2022-49484 | mt76: mt7915: fix possible NULL pointer dereference in mt7915_mac_fill_rx_vector | 2025-02-02T00:00:00.000Z | 2025-09-04T00:44:03.000Z |
| msrc_cve-2022-49476 | mt76: mt7921: fix kernel crash at mt7921_pci_remove | 2025-02-02T00:00:00.000Z | 2025-09-04T00:34:18.000Z |
| msrc_cve-2022-49471 | rtw89: cfo: check mac_id to avoid out-of-bounds | 2025-02-02T00:00:00.000Z | 2025-09-03T23:34:41.000Z |
| msrc_cve-2022-49469 | btrfs: fix anon_dev leak in create_subvol() | 2025-02-02T00:00:00.000Z | 2025-10-24T01:01:38.000Z |
| msrc_cve-2022-49465 | blk-throttle: Set BIO_THROTTLED when bio has been throttled | 2025-02-02T00:00:00.000Z | 2025-09-04T04:15:17.000Z |
| msrc_cve-2022-49420 | net: annotate races around sk->sk_bound_dev_if | 2025-02-02T00:00:00.000Z | 2025-10-22T01:02:14.000Z |
| msrc_cve-2022-49342 | net: ethernet: bgmac: Fix refcount leak in bcma_mdio_mii_register | 2025-02-02T00:00:00.000Z | 2025-09-03T23:11:30.000Z |
| msrc_cve-2022-49333 | net/mlx5: E-Switch, pair only capable devices | 2025-02-02T00:00:00.000Z | 2025-10-22T01:02:09.000Z |
| msrc_cve-2022-49317 | f2fs: avoid infinite loop to flush node pages | 2025-02-02T00:00:00.000Z | 2025-09-03T21:57:57.000Z |
| msrc_cve-2022-49306 | usb: dwc3: host: Stop setting the ACPI companion | 2025-02-02T00:00:00.000Z | 2025-10-22T01:02:03.000Z |
| msrc_cve-2022-49303 | drivers: staging: rtl8192eu: Fix deadlock in rtw_joinbss_event_prehandle | 2025-02-02T00:00:00.000Z | 2025-09-03T23:27:51.000Z |
| msrc_cve-2022-49296 | ceph: fix possible deadlock when holding Fwb to get inline_data | 2025-02-02T00:00:00.000Z | 2025-09-03T23:43:53.000Z |
| msrc_cve-2022-49267 | mmc: core: use sysfs_emit() instead of sprintf() | 2025-02-02T00:00:00.000Z | 2025-10-22T01:01:58.000Z |
| msrc_cve-2022-49234 | net: dsa: Avoid cross-chip syncing of VLAN filtering | 2025-02-02T00:00:00.000Z | 2025-09-24T01:01:24.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2014-007612 | Welcart vulnerable to SQL injection | 2015-07-24T14:52+09:00 | 2015-07-24T14:52+09:00 |
| jvndb-2015-000105 | Research Artisan Lite does not properly perform authentication | 2015-07-24T14:46+09:00 | 2015-07-28T17:22+09:00 |
| jvndb-2015-000104 | Research Artisan Lite vulnerable to cross-site scripting | 2015-07-24T14:36+09:00 | 2015-07-28T17:29+09:00 |
| jvndb-2015-000103 | Welcart vulnerable to cross-site scripting | 2015-07-24T14:33+09:00 | 2015-07-28T17:51+09:00 |
| jvndb-2015-000101 | PHP for Windows vulnerable to OS command injection | 2015-07-17T14:44+09:00 | 2016-05-19T17:43+09:00 |
| jvndb-2015-000099 | Thetis vulnerable to SQL injection | 2015-07-15T15:54+09:00 | 2015-07-27T15:07+09:00 |
| jvndb-2015-000098 | acmailer vulnerable to directory traversal | 2015-07-15T15:53+09:00 | 2015-07-27T15:12+09:00 |
| jvndb-2015-000095 | LINE@ vulnerable to script injection | 2015-07-10T14:50+09:00 | 2024-05-09T18:05+09:00 |
| jvndb-2015-000097 | Simple Oekaki BBS vulnerability where arbitrary files may be deleted | 2015-07-10T13:57+09:00 | 2015-07-14T18:11+09:00 |
| jvndb-2015-000096 | Simple Oekaki BBS vulnerable to cross-site scripting | 2015-07-10T13:57+09:00 | 2015-07-14T18:09+09:00 |
| jvndb-2015-000094 | Cacti vulnerable to cross-site scripting | 2015-07-09T14:41+09:00 | 2015-07-14T18:03+09:00 |
| jvndb-2014-002239 | Cacti vulnerable to cross-site request forgery | 2015-07-09T14:41+09:00 | 2015-07-09T14:41+09:00 |
| jvndb-2009-003901 | Cacti vulnerable to cross-site scripting | 2015-07-09T14:41+09:00 | 2015-07-09T14:41+09:00 |
| jvndb-2015-000093 | Explorer+ File Manager vulnerable to directory traversal | 2015-06-30T13:56+09:00 | 2015-07-02T15:04+09:00 |
| jvndb-2015-000092 | OpenEMR vulnerable to authentication bypass | 2015-06-30T13:55+09:00 | 2015-07-14T17:16+09:00 |
| jvndb-2015-000091 | osCommerce Japanese version vulnerable to directory traversal | 2015-06-25T15:53+09:00 | 2015-06-30T11:53+09:00 |
| jvndb-2015-000090 | namshi/jose fails to verify token signatures | 2015-06-25T15:00+09:00 | 2015-07-14T17:18+09:00 |
| jvndb-2015-000089 | Symfony vulnerable to code injection | 2015-06-23T12:29+09:00 | 2015-06-25T17:34+09:00 |
| jvndb-2015-000088 | Ruby on Rails library Paperclip vulnerable to cross-site scripting | 2015-06-18T14:14+09:00 | 2015-07-14T18:15+09:00 |
| jvndb-2015-000077 | MilkyStep fails to restrict access permissions | 2015-06-12T14:13+09:00 | 2015-06-16T16:52+09:00 |
| jvndb-2015-000087 | BloBee vulnerable to arbitrary file creation | 2015-06-12T14:12+09:00 | 2015-06-16T16:51+09:00 |
| jvndb-2015-000086 | LoadLibrary function in Microsoft Windows fails to validate input properly | 2015-06-12T14:11+09:00 | 2015-06-12T14:11+09:00 |
| jvndb-2015-000083 | MilkyStep fails to restrict access permissions | 2015-06-09T14:16+09:00 | 2015-06-16T16:51+09:00 |
| jvndb-2015-000082 | MilkyStep vulnerable to cross-site scripting | 2015-06-09T14:15+09:00 | 2015-06-16T16:52+09:00 |
| jvndb-2015-000081 | MilkyStep vulnerable to SQL injection | 2015-06-09T14:15+09:00 | 2015-06-16T16:52+09:00 |
| jvndb-2015-000080 | MilkyStep vulnerable to OS command injection | 2015-06-09T14:02+09:00 | 2015-06-16T16:52+09:00 |
| jvndb-2015-000079 | MilkyStep vulnerable to cross-site request forgery | 2015-06-09T13:45+09:00 | 2015-06-16T16:52+09:00 |
| jvndb-2015-000078 | MilkyStep fails to restrict access permissions | 2015-06-09T13:43+09:00 | 2015-06-16T16:52+09:00 |
| jvndb-2015-000085 | Multiple Buffalo wireless LAN routers vulnerable to OS command injection | 2015-06-05T14:16+09:00 | 2015-06-10T17:54+09:00 |
| jvndb-2015-000076 | NetFlow Analyzer vulnerable to cross-site request forgery | 2015-06-05T14:14+09:00 | 2015-06-10T16:14+09:00 |
| ID | Description | Updated |
|---|