Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-mqcj-w4hv-fh6h | A stored cross-site scripting (XSS) vulnerability in AIxBlock commit 04f305 allows attackers to exe… | 2025-10-30T18:31:11Z | 2025-10-30T21:30:46Z |
| ghsa-h9f5-hrp4-5xx4 | A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the /publix/run endpoint of … | 2025-10-30T18:31:11Z | 2025-10-30T21:30:46Z |
| ghsa-h976-6mc8-5w2v | PerfreeBlog v4.0.11 is vulnerable to Server-Side Request Forgery due to a missing authorization che… | 2025-10-30T18:31:11Z | 2025-10-30T21:30:45Z |
| ghsa-f5vh-4rj2-w8r8 | Liferay Portal is vulnerable to DNS rebinding attacks | 2025-10-30T18:31:11Z | 2025-10-31T17:40:46Z |
| ghsa-cv6r-2w34-jh66 | 2nd Line Android App version v1.2.92 and before (package name com.mysecondline.app), developed by A… | 2025-10-30T18:31:11Z | 2025-10-30T21:30:46Z |
| ghsa-cr2f-9r84-8hf5 | AG Life Logger Android App version v1.0.2.72 and before (package name com.donki.healthy), developed… | 2025-10-30T18:31:11Z | 2025-10-30T21:30:46Z |
| ghsa-37qf-jwxf-87wg | Mobile Scanner Android App version 2.12.38 (package name com.glority.everlens), developed by Glorit… | 2025-10-30T18:31:11Z | 2025-10-30T21:30:46Z |
| ghsa-ww5x-wfrc-8h99 | mCarFix Motorists App version 2.3 (package name com.skytop.mcarfix), developed by Paniel Mwaura, co… | 2025-10-30T18:31:10Z | 2025-10-30T21:30:45Z |
| ghsa-28jp-44vh-q42h | Keras keras.utils.get_file API is vulnerable to a path traversal attack | 2025-10-30T18:31:10Z | 2025-10-31T17:39:47Z |
| ghsa-x7pr-477r-x4xv | ABC Fine Wine & Spirits Android App version v.11.27.5 and before (package name com.cta.abcfinewinea… | 2025-10-30T18:31:09Z | 2025-10-30T21:30:45Z |
| ghsa-qpc6-vqhv-h5vv | AdForest - Classified Android App version 4.0.12 (package name scriptsbundle.adforest), developed b… | 2025-10-30T18:31:09Z | 2025-10-30T21:30:45Z |
| ghsa-hxw6-3gmw-qjx9 | Dell Secure Connect Gateway (SCG) 5.0 Application and Appliance version(s) 5.26.00.00 - 5.30.00.00,… | 2025-10-30T18:31:09Z | 2025-10-30T18:31:09Z |
| ghsa-fhm9-w695-4vh7 | Senza: Keto & Fasting Android App version 2.10.15 (package name com.gl.senza), developed by Paul It… | 2025-10-30T18:31:09Z | 2025-10-30T21:30:45Z |
| ghsa-5rcc-qcxq-75f8 | TalkTalk 3.3.6 Android App contains improper access control vulnerabilities in multiple API endpoin… | 2025-10-30T18:31:09Z | 2025-10-30T21:30:45Z |
| ghsa-qv8q-v573-573h | The following HP Card Readers B Models (X3D03B & Y7C05B) are potentially vulnerable to information … | 2025-10-30T18:31:08Z | 2025-10-30T18:31:08Z |
| ghsa-g88q-58f2-qh8w | Systemic Internal Server Errors - HTTP 500 ResponseThis issue affects BLU-IC2: through 1.19.5; BLU-… | 2025-10-30T18:31:08Z | 2025-11-10T15:31:03Z |
| ghsa-5pqq-993m-xpc4 | Lack of Graceful Error Handling - HTTP 5xx ErrorThis issue affects BLU-IC2: through 1.19.5; BLU-IC4… | 2025-10-30T18:31:08Z | 2025-11-10T15:31:03Z |
| ghsa-49mp-2v92-m6vp | Dell Secure Connect Gateway (SCG) Policy Manager, version(s) 5.20. 5.22, 5.24, 5.26, 5.28, contain(… | 2025-10-30T18:31:08Z | 2025-10-30T18:31:08Z |
| ghsa-44vv-qwrx-c34r | Credits Page not Matching Versions in Use in the FirmwareThis issue affects BLU-IC2: through 1.19.5… | 2025-10-30T18:31:08Z | 2025-11-10T15:31:03Z |
| ghsa-g59r-24g3-h7cm | Statamic Vulnerable to Superadmin Account Takeover via Stored Cross-Site Scripting and Lack of Prop… | 2025-10-30T17:22:53Z | 2025-10-30T19:54:46Z |
| ghsa-29xp-372q-xqph | node-tar has a race condition leading to uninitialized memory exposure | 2025-10-30T17:13:17Z | 2025-10-30T19:53:34Z |
| ghsa-fj2x-735w-74vq | gnark-crypto allows unchecked memory allocation during vector deserialization | 2025-10-30T17:10:40Z | 2025-11-05T22:15:15Z |
| ghsa-cf57-c578-7jvv | Anubis vulnerable to possible XSS via redir parameter when using subrequest auth mode | 2025-10-30T17:08:12Z | 2025-11-05T22:14:39Z |
| ghsa-xgp7-7qjq-vg47 | n8n Vulnerable to Remote Code Execution via Git Node Pre-Commit Hook | 2025-10-30T17:04:26Z | 2025-10-30T19:54:37Z |
| ghsa-xq93-2hg3-rpjx | Zohocorp ManageEngine Exchange Reporter Plus through 5721 are vulnerable to ReDOS vulnerability in … | 2025-10-30T15:32:37Z | 2025-10-30T15:32:37Z |
| ghsa-wg3v-82fv-xf99 | Zohocorp ManageEngine Exchange Reporter Plus versions through 5721 are vulnerable to Stored Cross S… | 2025-10-30T15:32:37Z | 2025-10-30T15:32:37Z |
| ghsa-8952-vh6w-hw5f | Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements use… | 2025-10-30T15:32:37Z | 2025-10-30T15:32:37Z |
| ghsa-658x-88gh-x9f8 | Cross-site scripting (XSS) vulnerability in blog-details.php in Hiruna Gallage's Glamour Salon Mana… | 2025-10-30T15:32:37Z | 2025-11-04T18:31:35Z |
| ghsa-2cf6-j6g5-qmwq | Zohocorp ManageEngine Exchange Reporter Plus versions before 5723 are vulnerable to Stored Cross Si… | 2025-10-30T15:32:37Z | 2025-10-30T15:32:37Z |
| ghsa-rfhj-94q7-4qhc | Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements use… | 2025-10-30T15:32:36Z | 2025-10-30T15:32:37Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2024-13999 | 7.3 (v4.0) | Nagios XI < 2024R1.1.3 AD/LDAP Token Authenticated Inf… |
Nagios |
XI |
2025-10-30T21:28:50.777Z | 2025-10-31T15:08:00.594Z |
| cve-2023-7319 | 5.1 (v4.0) | Nagios Network Analyzer < 2024R1 XSS via Percentile Ca… |
Nagios |
Network Analyzer |
2025-10-30T21:28:29.373Z | 2025-11-07T18:06:38.605Z |
| cve-2025-34278 | 5.1 (v4.0) | Nagios Network Analyzer < 2024R1 Source Groups / Perce… |
Nagios |
Network Analyzer |
2025-10-30T21:28:11.933Z | 2025-10-31T15:10:10.830Z |
| cve-2025-34280 | 8.6 (v4.0) | Nagios Network Analyzer < 2024R2.0.1 RCE in LDAP Certi… |
Nagios |
Network Analyzer |
2025-10-30T21:27:41.203Z | 2025-10-31T15:10:43.481Z |
| cve-2023-7321 | 5.1 (v4.0) | Nagios Log Server < 2.1.14 XSS via Snapshots Page |
Nagios |
Log Server |
2025-10-30T21:27:23.232Z | 2025-10-31T17:43:00.514Z |
| cve-2023-7323 | 5.1 (v4.0) | Nagios Log Server < 2024R1 XSS via Create User Function |
Nagios |
Log Server |
2025-10-30T21:27:03.493Z | 2025-10-31T17:42:22.015Z |
| cve-2020-36858 | 5.1 (v4.0) | Nagios Log Server < 2.1.6 XSS via Create User, Edit Us… |
Nagios |
Log Server |
2025-10-30T21:26:38.984Z | 2025-10-31T17:41:43.894Z |
| cve-2024-58272 | N/A | {'providerMetadata': {'orgId': '83251b91-4cc7-4094-a5c7-464a1b83ea10', 'shortName': 'VulnCheck', 'dateUpdated': '2025-11-10T18:51:10.222Z'}, 'rejectedReasons': [{'lang': 'en', 'supportingMedia': [{'base64': False, 'type': 'text/html', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it is a duplicate of CVE-2023-7323.'}], 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it is a duplicate of\xa0CVE-2023-7323.'}], 'replacedBy': ['CVE-2023-7323'], 'x_generator': {'engine': 'Vulnogram 0.1.0-dev'}} | N/A | N/A | 2025-10-30T21:26:13.848Z | 2025-11-10T18:51:10.222Z |
| cve-2025-34298 | 8.7 (v4.0) | Nagios Log Server < 2024R1.3.2 Set Email Privilege Esc… |
Nagios |
Log Server |
2025-10-30T21:25:52.056Z | 2025-10-31T17:40:32.919Z |
| cve-2025-34277 | 9.4 (v4.0) | Nagios Log Server < 2024R1.3.1 RCE via Malformed Dashb… |
Nagios |
Log Server |
2025-10-30T21:25:32.852Z | 2025-10-31T17:39:38.415Z |
| cve-2025-34272 | 5.3 (v4.0) | Nagios Log Server < 2024R2.0.3 Non-Empty Default Dashb… |
Nagios |
Log Server |
2025-10-30T21:25:10.601Z | 2025-10-31T17:25:33.564Z |
| cve-2025-34273 | 7.1 (v4.0) | Nagios Log Server < 2024R2.0.3 Non-Admin Dashboard Deletion |
Nagios |
Log Server |
2025-10-30T21:24:43.451Z | 2025-10-31T17:24:00.208Z |
| cve-2024-58273 | 8.5 (v4.0) | Nagios Log Server < 2024R1.0.2 LPE from Apache/Backend… |
Nagios |
Log Server |
2025-10-30T21:24:15.621Z | 2025-10-31T17:23:05.220Z |
| cve-2025-34274 | 9.3 (v4.0) | Nagios Log Server < 2024R2.0.3 Logstash Process Root P… |
Nagios |
Log Server |
2025-10-30T21:23:54.741Z | 2025-10-31T17:22:23.727Z |
| cve-2023-7322 | 8.7 (v4.0) | Nagios Log Server < 2024R1 Incorrect Authorization Gra… |
Nagios |
Log Server |
2025-10-30T21:23:34.547Z | 2025-10-31T15:11:35.246Z |
| cve-2016-15049 | 5.1 (v4.0) | Nagios Log Server < 1.4.2 Dashboards Logs Table XSS |
Nagios |
Log Server |
2025-10-30T21:23:13.241Z | 2025-10-31T15:13:55.413Z |
| cve-2025-34271 | 8.7 (v4.0) | Nagios Log Server < 2024R2.0.2 Cluster Manager Credent… |
Nagios |
Log Server |
2025-10-30T21:22:51.043Z | 2025-10-31T15:14:30.335Z |
| cve-2025-34270 | 6.9 (v4.0) | Nagios Log Server < 2024R2.0.2 AD/LDAP Import Password… |
Nagios |
Log Server |
2025-10-30T21:22:28.949Z | 2025-10-31T15:15:43.748Z |
| cve-2017-20209 | 5.1 (v4.0) | Nagios Fusion < 4.0.1 XSS via Users/Servers Page |
Nagios |
Fusion |
2025-10-30T21:22:07.861Z | 2025-10-31T15:16:16.255Z |
| cve-2018-25119 | 5.1 (v4.0) | Nagios Fusion < 4.1.5 XSS via fusionwindow Parameter |
Nagios |
Fusion |
2025-10-30T21:21:46.769Z | 2025-10-31T15:23:03.483Z |
| cve-2023-53689 | 6 (v4.0) | Nagios Fusion < 4.2.0 License Information Reflected XSS |
Nagios |
Fusion |
2025-10-30T21:20:59.302Z | 2025-10-31T16:40:29.216Z |
| cve-2023-53690 | 6.2 (v4.0) | Nagios Fusion < 4.2.0 LDAP/AD Integration Stored XSS |
Nagios |
Fusion |
2025-10-30T21:20:37.543Z | 2025-11-03T19:13:27.132Z |
| cve-2023-7312 | 6.2 (v4.0) | Nagios Fusion < 4.2.0 Email Settings Stored XSS via SM… |
Nagios |
Fusion |
2025-10-30T21:19:51.723Z | 2025-11-03T18:37:04.782Z |
| cve-2025-34269 | N/A | {'providerMetadata': {'orgId': '83251b91-4cc7-4094-a5c7-464a1b83ea10', 'shortName': 'VulnCheck', 'dateUpdated': '2025-11-07T18:20:15.157Z'}, 'rejectedReasons': [{'lang': 'en', 'supportingMedia': [{'base64': False, 'type': 'text/html', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it is a duplicate of CVE-2025-60424.'}], 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it is a duplicate of CVE-2025-60424.'}], 'replacedBy': ['CVE-2025-60424'], 'x_generator': {'engine': 'Vulnogram 0.1.0-dev'}} | N/A | N/A | 2025-10-30T21:19:26.752Z | 2025-11-07T18:20:15.157Z |
| cve-2025-34249 | N/A | {'providerMetadata': {'orgId': '83251b91-4cc7-4094-a5c7-464a1b83ea10', 'shortName': 'VulnCheck', 'dateUpdated': '2025-11-07T18:19:39.010Z'}, 'rejectedReasons': [{'lang': 'en', 'supportingMedia': [{'base64': False, 'type': 'text/html', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it is a duplicate of CVE-2025-60425.'}], 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it is a duplicate of\xa0CVE-2025-60425.'}], 'replacedBy': ['CVE-2025-60425'], 'x_generator': {'engine': 'Vulnogram 0.1.0-dev'}} | N/A | N/A | 2025-10-30T21:19:05.690Z | 2025-11-07T18:19:39.010Z |
| cve-2023-7325 | 9.3 (v4.0) | Mingyu Operations and Maintenance Audit and Risk Contr… |
Anheng Information (Hangzhou DBAPP Security Information Technology Co., Ltd.) |
Mingyu Operations and Maintenance Audit and Risk Control System |
2025-10-30T21:17:54.830Z | 2025-10-31T17:18:04.911Z |
| cve-2021-4461 | 9.3 (v4.0) | Seeyon Zhiyuan OA Web Application System < 7.0 SP1 Aut… |
Seeyon |
Zhiyuan OA Web Application System |
2025-10-30T21:16:23.161Z | 2025-10-31T18:35:21.327Z |
| cve-2025-8850 | Insecure API Design in danny-avila/librechat |
danny-avila |
danny-avila/librechat |
2025-10-30T19:59:36.327Z | 2025-11-05T14:57:26.783Z | |
| cve-2025-3356 | 8.6 (v3.1) | IBM Tivoli Monitoring is vulnerable to unauthenticated… |
IBM |
Tivoli Monitoring |
2025-10-30T19:22:37.371Z | 2025-10-30T19:41:12.149Z |
| cve-2025-3355 | 7.5 (v3.1) | IBM Tivoli Monitoring is vulnerable to unauthenticated… |
IBM |
Tivoli Monitoring |
2025-10-30T19:21:42.496Z | 2025-10-30T19:51:08.264Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2022-50587 | 5.1 (v4.0) | Nagios XI < 5.8.9 Stored XSS via Command Names in Appl… |
Nagios |
XI |
2025-10-30T21:46:15.817Z | 2025-10-31T13:55:41.690Z |
| cve-2022-50586 | 5.1 (v4.0) | Nagios XI < 5.8.9 Stored XSS via BPI Info URL |
Nagios |
XI |
2025-10-30T21:45:53.493Z | 2025-10-31T13:55:47.451Z |
| cve-2022-50585 | 5.1 (v4.0) | Nagios XI < 5.8.9 Core Config Manager (CCM) XSS via Au… |
Nagios |
XI |
2025-10-30T21:34:05.777Z | 2025-10-31T14:48:16.097Z |
| cve-2022-50584 | 5.1 (v4.0) | Nagios XI < 5.8.8 Core Config Manager (CCM) XSS via Se… |
Nagios |
XI |
2025-10-30T21:36:08.674Z | 2025-10-31T14:20:17.635Z |
| cve-2021-4461 | 9.3 (v4.0) | Seeyon Zhiyuan OA Web Application System < 7.0 SP1 Aut… |
Seeyon |
Zhiyuan OA Web Application System |
2025-10-30T21:16:23.161Z | 2025-10-31T18:35:21.327Z |
| cve-2021-47700 | 8.5 (v4.0) | Nagios XI < 5.8.7 Insecure Permissions on Highcharts T… |
Nagios |
XI |
2025-10-30T21:39:02.693Z | 2025-10-31T13:25:10.658Z |
| cve-2021-47699 | 5.1 (v4.0) | Nagios XI < 5.8.7 XSS in Audit Log via Send to NLS Form |
Nagios |
XI |
2025-10-30T21:48:05.631Z | 2025-10-31T13:55:35.903Z |
| cve-2021-47697 | 5.1 (v4.0) | Nagios XI < 5.8.0 XSS via Views URL Handling |
Nagios |
XI |
2025-10-30T21:57:03.111Z | 2025-10-31T12:31:07.963Z |
| cve-2021-47696 | 5.1 (v4.0) | Nagios XI < 5.8.0 XSS via BPI Config ID Handling |
Nagios |
XI |
2025-10-30T21:49:49.447Z | 2025-10-31T13:55:12.351Z |
| cve-2021-47695 | 5.1 (v4.0) | Nagios XI < 5.8.0 XSS via My Tools Page |
Nagios |
XI |
2025-10-30T21:54:48.701Z | 2025-10-31T13:54:07.677Z |
| cve-2021-47694 | 5.1 (v4.0) | Nagios XI < 5.8.6 Core Config Manager (CCM) Reflected … |
Nagios |
XI |
2025-10-30T21:32:43.970Z | 2025-10-31T15:02:06.747Z |
| cve-2021-47693 | 8.7 (v4.0) | Nagios XI < 5.8.5 Core Config Manager (CCM) SQL Inject… |
Nagios |
XI |
2025-10-30T21:33:18.775Z | 2025-10-31T14:52:53.982Z |
| cve-2021-47692 | N/A | {'providerMetadata': {'orgId': '83251b91-4cc7-4094-a5c7-464a1b83ea10', 'shortName': 'VulnCheck', 'dateUpdated': '2025-10-31T13:48:07.570Z'}, 'rejectedReasons': [{'lang': 'en', 'supportingMedia': [{'base64': False, 'type': 'text/html', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. It has been identified as a duplicate of <span style="background-color: rgb(255, 255, 255);"><a target="_blank" rel="nofollow" href="https://www.cve.org/CVERecord?id=CVE-2021-33179">https://www.cve.org/CVERecord?id=CVE-2021-33179</a>.</span><br>'}], 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. It has been identified as a duplicate of\xa0 https://www.cve.org/CVERecord?id=CVE-2021-33179 .'}], 'x_generator': {'engine': 'Vulnogram 0.1.0-dev'}} | N/A | N/A | 2025-10-30T21:34:27.631Z | 2025-10-31T13:48:07.570Z |
| cve-2021-47691 | 5.1 (v4.0) | Nagios XI < 5.8.2 Core Config Manager (CCM) XSS via Se… |
Nagios |
XI |
2025-10-30T21:36:28.131Z | 2025-10-31T14:19:56.267Z |
| cve-2021-47690 | 5.1 (v4.0) | Nagios XI < 5.8.2 Core Config Manager (CCM) XSS via Ov… |
Nagios |
XI |
2025-10-30T21:35:22.207Z | 2025-10-31T14:21:05.278Z |
| cve-2021-47689 | 5.1 (v4.0) | Nagios XI < 5.8.0 Core Config Manager (CCM) XSS via Te… |
Nagios |
XI |
2025-10-30T21:36:50.105Z | 2025-10-31T13:56:18.435Z |
| cve-2020-36869 | 8.7 (v4.0) | Nagios XI < 5.7.5 SQL injection via SNMP Trap Interfac… |
Nagios |
XI |
2025-10-30T21:45:10.468Z | 2025-10-31T13:23:30.086Z |
| cve-2020-36868 | 8.5 (v4.0) | Nagios XI < 5.7.3 Privilege escalation via Insecure ge… |
Nagios |
XI |
2025-10-30T21:40:03.387Z | 2025-10-31T13:24:59.886Z |
| cve-2020-36867 | 8.7 (v4.0) | Nagios XI < 5.7.3 Command Injection in Report PDF Download |
Nagios |
XI |
2025-10-30T21:37:09.717Z | 2025-10-31T13:25:40.026Z |
| cve-2020-36866 | 5.1 (v4.0) | Nagios XI < 5.7.3 XSS via Manage Users in Admin Interface |
Nagios |
XI |
2025-10-30T21:53:41.720Z | 2025-11-06T19:15:53.720Z |
| cve-2020-36865 | 5.1 (v4.0) | Nagios XI < 5.7.2 XSS via BPI Config Management |
Nagios |
XI |
2025-10-30T21:50:14.113Z | 2025-10-31T14:13:33.104Z |
| cve-2020-36864 | 5.1 (v4.0) | Nagios XI < 5.7.2 XSS via Dashboard Background Color Setting |
Nagios |
XI |
2025-10-30T21:51:46.256Z | 2025-10-31T13:54:47.922Z |
| cve-2020-36863 | 8.7 (v4.0) | Nagios XI < 5.7.2 Unrestricted File Upload via Audio I… |
Nagios |
XI |
2025-10-30T21:46:58.792Z | 2025-10-31T13:23:15.327Z |
| cve-2020-36862 | 6.9 (v4.0) | Nagios XI < 5.6.11 Unauthenticated XSS and SSRF via Hi… |
Nagios |
XI |
2025-10-30T21:46:37.314Z | 2025-10-31T13:23:22.228Z |
| cve-2020-36861 | 5.1 (v4.0) | Nagios XI < 5.7.5 Core Config Manager (CCM) XSS via Ov… |
Nagios |
XI |
2025-10-30T21:35:47.361Z | 2025-10-31T14:20:45.395Z |
| cve-2020-36860 | 5.1 (v4.0) | Nagios XI < 5.7.4 Core Config Manager (CCM) XSS via Ob… |
Nagios |
XI |
2025-10-30T21:34:57.698Z | 2025-10-31T14:47:15.676Z |
| cve-2020-36859 | 8.7 (v4.0) | Nagios XI < 5.7.4 Core Config Manager (CCM) SQL Inject… |
Nagios |
XI |
2025-10-30T21:33:40.529Z | 2025-10-31T14:51:05.332Z |
| cve-2020-36858 | 5.1 (v4.0) | Nagios Log Server < 2.1.6 XSS via Create User, Edit Us… |
Nagios |
Log Server |
2025-10-30T21:26:38.984Z | 2025-10-31T17:41:43.894Z |
| cve-2020-36857 | 8.6 (v4.0) | Nagios XI < 5.6.14 Authenticated SQL Injection via SNM… |
Nagios |
XI |
2025-10-30T21:31:41.981Z | 2025-10-31T17:44:09.989Z |
| cve-2020-36856 | 9.4 (v4.0) | Nagios XI < 5.6.14 Authenticated RCE command_test.php … |
Nagios |
XI |
2025-10-30T21:30:59.762Z | 2025-10-31T15:03:27.598Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-188611 | Malicious code in permission-emulate-cloud-beta-stub (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188610 | Malicious code in permission-big-omega-alert-phi (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188609 | Malicious code in pegasus-xo-charon-karma (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188608 | Malicious code in pegasus-toml-neptune-nightwatch (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188607 | Malicious code in pegasus-shelljs-public-seismology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188606 | Malicious code in pegasus-scripts-antd-antares (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188605 | Malicious code in pegasus-resolvers-leda-mechatronics (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188604 | Malicious code in pegasus-radiant-sedna-juno (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188603 | Malicious code in pegasus-quasar-oscillation-titan (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188602 | Malicious code in pegasus-pulsar-plutology-astrochemistry (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188601 | Malicious code in pegasus-parcel-gravity-cassini (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188600 | Malicious code in pegasus-nightwatch-nconf-selenium (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188599 | Malicious code in pegasus-nightwatch-andromeda-prettier-stylelint (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188598 | Malicious code in pegasus-mui-dactyl-terser (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188597 | Malicious code in pegasus-mdx-pino-izar (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188596 | Malicious code in pegasus-kinetic-betelgeuse-selenium (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188595 | Malicious code in pegasus-hermes-greatfilter-procyon (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188594 | Malicious code in pegasus-filament-meteor-impulse (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188593 | Malicious code in pegasus-deneb-iota-mira (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188592 | Malicious code in pegasus-cache-passport-vortex (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188591 | Malicious code in pavo-xenon-markdownlint-enceladus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188590 | Malicious code in pavo-paleoecology-pavo-kaus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188589 | Malicious code in pavo-helmet-titan-kinetic (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188588 | Malicious code in pavo-hapi-hyperion-rollup-plugin (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188587 | Malicious code in pavo-colors-taurus-eslint-plugin (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188586 | Malicious code in pavo-auth-sedna-polaris (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188585 | Malicious code in pavo-auriga-jest-apollo (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188584 | Malicious code in passport-wasat-javascript-link (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188583 | Malicious code in passport-sirius-solis-quantum-computing (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188582 | Malicious code in passport-semantic-ui-miranda-dotenv-safe (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:4730 | Red Hat Security Advisory: OpenShift Container Platform 4.16.40 security and extras update | 2025-05-15T00:27:35+00:00 | 2025-11-13T17:26:59+00:00 |
| rhsa-2025:7449 | Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.9.14 | 2025-05-14T19:18:43+00:00 | 2025-11-11T16:07:17+00:00 |
| rhsa-2025:7626 | Red Hat Security Advisory: Red Hat Developer Hub 1.6.0 release. | 2025-05-14T17:51:56+00:00 | 2025-11-11T16:11:03+00:00 |
| rhsa-2025:7625 | Red Hat Security Advisory: Red Hat AMQ Broker 7.13.0 release and security update | 2025-05-14T17:51:15+00:00 | 2025-11-11T16:21:38+00:00 |
| rhsa-2025:7619 | Red Hat Security Advisory: nginx security update | 2025-05-14T16:21:20+00:00 | 2025-11-06T21:44:11+00:00 |
| rhsa-2025:7620 | Red Hat Security Advisory: JBoss EAP XP 5.0 Update 2.0 release. See references for release notes. | 2025-05-14T16:05:43+00:00 | 2025-11-11T16:21:35+00:00 |
| rhsa-2025:7451 | Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.8.20 | 2025-05-14T15:49:22+00:00 | 2025-11-11T16:07:17+00:00 |
| rhsa-2025:7600 | Red Hat Security Advisory: .NET 9.0 security update | 2025-05-14T14:53:04+00:00 | 2025-11-11T10:13:14+00:00 |
| rhsa-2025:7616 | Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.18.3 Bug Fix Update | 2025-05-14T14:49:22+00:00 | 2025-11-14T04:51:34+00:00 |
| rhsa-2025:7603 | Red Hat Security Advisory: .NET 8.0 security update | 2025-05-14T14:43:30+00:00 | 2025-11-11T10:13:16+00:00 |
| rhsa-2025:7598 | Red Hat Security Advisory: .NET 8.0 security update | 2025-05-14T14:21:54+00:00 | 2025-11-11T10:13:13+00:00 |
| rhsa-2025:7605 | Red Hat Security Advisory: Satellite 6.16.5.1 Async Update | 2025-05-14T14:14:20+00:00 | 2025-11-06T23:42:50+00:00 |
| rhsa-2025:7604 | Red Hat Security Advisory: Satellite 6.17.0.1 Async Update | 2025-05-14T14:14:09+00:00 | 2025-11-06T23:42:50+00:00 |
| rhsa-2025:7601 | Red Hat Security Advisory: .NET 9.0 security update | 2025-05-14T14:05:39+00:00 | 2025-11-11T10:13:16+00:00 |
| rhsa-2025:7599 | Red Hat Security Advisory: .NET 8.0 security update | 2025-05-14T14:03:34+00:00 | 2025-11-11T10:13:14+00:00 |
| rhsa-2025:7593 | Red Hat Security Advisory: ghostscript security update | 2025-05-14T12:40:40+00:00 | 2025-11-06T23:15:34+00:00 |
| rhsa-2025:7592 | Red Hat Security Advisory: yggdrasil security update | 2025-05-14T11:52:59+00:00 | 2025-11-13T16:46:31+00:00 |
| rhsa-2025:7586 | Red Hat Security Advisory: ghostscript security update | 2025-05-14T11:48:59+00:00 | 2025-11-06T23:15:30+00:00 |
| rhsa-2025:7589 | Red Hat Security Advisory: .NET 8.0 security update | 2025-05-14T11:46:05+00:00 | 2025-11-11T10:13:13+00:00 |
| rhsa-2025:7571 | Red Hat Security Advisory: .NET 9.0 security update | 2025-05-14T09:19:00+00:00 | 2025-11-11T10:13:13+00:00 |
| rhsa-2025:7569 | Red Hat Security Advisory: yelp and yelp-xsl security update | 2025-05-14T08:05:20+00:00 | 2025-11-11T12:11:42+00:00 |
| rhsa-2025:7549 | Red Hat Security Advisory: nginx:1.22 security update | 2025-05-14T02:29:36+00:00 | 2025-11-06T23:24:29+00:00 |
| rhsa-2025:7539 | Red Hat Security Advisory: ruby:2.5 security update | 2025-05-14T02:21:28+00:00 | 2025-11-06T22:23:27+00:00 |
| rhsa-2025:7548 | Red Hat Security Advisory: nginx:1.22 security update | 2025-05-14T02:18:48+00:00 | 2025-11-06T23:24:28+00:00 |
| rhsa-2025:4712 | Red Hat Security Advisory: OpenShift Container Platform 4.18.13 bug fix and security update | 2025-05-14T02:10:27+00:00 | 2025-11-14T04:51:27+00:00 |
| rhsa-2025:7542 | Red Hat Security Advisory: nginx:1.24 security update | 2025-05-14T02:06:53+00:00 | 2025-11-06T23:24:27+00:00 |
| rhsa-2025:7546 | Red Hat Security Advisory: nginx security update | 2025-05-14T02:04:28+00:00 | 2025-11-06T21:44:07+00:00 |
| rhsa-2025:7543 | Red Hat Security Advisory: firefox security update | 2025-05-14T01:56:03+00:00 | 2025-11-06T23:15:30+00:00 |
| rhsa-2025:7544 | Red Hat Security Advisory: firefox security update | 2025-05-14T01:55:48+00:00 | 2025-11-06T23:15:30+00:00 |
| rhsa-2025:7547 | Red Hat Security Advisory: firefox security update | 2025-05-14T01:53:28+00:00 | 2025-11-06T23:15:30+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2022-49218 | drm/dp: Fix OOB read when handling Post Cursor2 register | 2025-02-02T00:00:00.000Z | 2025-09-04T01:25:00.000Z |
| msrc_cve-2022-49178 | memstick/mspro_block: fix handling of read-only devices | 2025-02-02T00:00:00.000Z | 2025-09-25T01:01:40.000Z |
| msrc_cve-2022-49177 | hwrng: cavium - fix NULL but dereferenced coccicheck error | 2025-02-02T00:00:00.000Z | 2025-09-03T23:45:45.000Z |
| msrc_cve-2022-49173 | spi: fsi: Implement a timeout for polling status | 2025-02-02T00:00:00.000Z | 2025-10-24T01:01:33.000Z |
| msrc_cve-2022-49172 | parisc: Fix non-access data TLB cache flush faults | 2025-02-02T00:00:00.000Z | 2025-09-25T01:01:35.000Z |
| msrc_cve-2022-49161 | ASoC: mediatek: Fix error handling in mt8183_da7219_max98357_dev_probe | 2025-02-02T00:00:00.000Z | 2025-09-25T01:01:29.000Z |
| msrc_cve-2022-49138 | Bluetooth: hci_event: Ignore multiple conn complete events | 2025-02-02T00:00:00.000Z | 2025-09-25T01:01:24.000Z |
| msrc_cve-2022-49134 | mlxsw: spectrum: Guard against invalid local ports | 2025-02-02T00:00:00.000Z | 2025-09-03T22:14:37.000Z |
| msrc_cve-2022-49133 | drm/amdkfd: svm range restore work deadlock when process exit | 2025-02-02T00:00:00.000Z | 2025-10-17T01:01:22.000Z |
| msrc_cve-2022-49125 | drm/sprd: fix potential NULL dereference | 2025-02-02T00:00:00.000Z | 2025-09-03T22:55:52.000Z |
| msrc_cve-2022-49124 | x86/mce: Work around an erratum on fast string copy instructions | 2025-02-02T00:00:00.000Z | 2025-10-17T01:01:16.000Z |
| msrc_cve-2022-49123 | ath11k: Fix frames flush failure caused by deadlock | 2025-02-02T00:00:00.000Z | 2025-09-03T22:16:58.000Z |
| msrc_cve-2022-49108 | clk: mediatek: Fix memory leaks on probe | 2025-02-02T00:00:00.000Z | 2025-09-03T22:53:13.000Z |
| msrc_cve-2022-49069 | drm/amd/display: Fix by adding FPU protection for dcn30_internal_validate_bw | 2025-02-02T00:00:00.000Z | 2025-10-16T01:01:15.000Z |
| msrc_cve-2022-49063 | ice: arfs: fix use-after-free when freeing @rx_cpu_rmap | 2025-02-02T00:00:00.000Z | 2025-09-04T04:20:29.000Z |
| msrc_cve-2021-47658 | drm/amd/pm: fix a potential gpu_metrics_table memory leak | 2025-02-02T00:00:00.000Z | 2025-09-25T01:01:19.000Z |
| msrc_cve-2025-24014 | segmentation fault in win_line() in Vim < 9.1.1043 | 2025-01-02T00:00:00.000Z | 2025-08-14T00:00:00.000Z |
| msrc_cve-2025-23090 | Rejected reason: This CVE record has been withdrawn due to a duplicate entry CVE-2025-23083. | 2025-01-02T00:00:00.000Z | 2025-09-03T22:50:35.000Z |
| msrc_cve-2025-23016 | FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c. | 2025-01-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-22150 | Undici Uses Insufficiently Random Values | 2025-01-02T00:00:00.000Z | 2025-02-20T00:00:00.000Z |
| msrc_cve-2025-22134 | heap-buffer-overflow with visual mode in Vim < 9.1.1003 | 2025-01-02T00:00:00.000Z | 2025-08-14T00:00:00.000Z |
| msrc_cve-2025-21683 | bpf: Fix bpf_sk_select_reuseport() memory leak | 2025-01-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21682 | eth: bnxt: always recalculate features after XDP clearing, fix null-deref | 2025-01-02T00:00:00.000Z | 2025-09-03T21:21:53.000Z |
| msrc_cve-2025-21681 | openvswitch: fix lockup on tx to unregistering netdev with carrier | 2025-01-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21680 | pktgen: Avoid out-of-bounds access in get_imix_entries | 2025-01-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21676 | net: fec: handle page_pool_dev_alloc_pages error | 2025-01-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21675 | net/mlx5: Clear port select structure when fail to create | 2025-01-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21674 | net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel | 2025-01-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21673 | smb: client: fix double free of TCP_Server_Info::hostname | 2025-01-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21670 | vsock/bpf: return early if transport is not assigned | 2025-01-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2015-000075 | NetFlow Analyzer fails to restrict access permissions | 2015-06-05T14:02+09:00 | 2015-06-10T16:10+09:00 |
| jvndb-2015-000074 | NetFlow Analyzer vulnerable to cross-site scripting | 2015-06-05T13:59+09:00 | 2015-06-10T16:06+09:00 |
| jvndb-2015-000073 | F21 JWT fails to verify token signatures | 2015-06-03T15:01+09:00 | 2015-06-08T12:04+09:00 |
| jvndb-2015-000072 | "Open Explorer Beta" App for Android vulnerable to directory traversal | 2015-06-03T14:59+09:00 | 2015-06-08T12:25+09:00 |
| jvndb-2015-000071 | ZenPhoto20 vulnerable to cross-site scripting | 2015-05-28T13:42+09:00 | 2015-06-03T18:06+09:00 |
| jvndb-2015-000070 | Zenphoto vulnerable to cross-site scripting | 2015-05-28T13:42+09:00 | 2015-06-03T18:06+09:00 |
| jvndb-2015-000069 | Apache Sling API and Servlets Post components vulnerable to cross-site scripting | 2015-05-27T14:43+09:00 | 2015-06-04T15:39+09:00 |
| jvndb-2015-000068 | SXF Common Library vulnerable to buffer overflow | 2015-05-22T14:15+09:00 | 2015-05-28T18:14+09:00 |
| jvndb-2015-002706 | Information Disclosure Vulnerability in JP1/Integrated Management - Universal CMDB | 2015-05-21T16:37+09:00 | 2015-05-21T16:37+09:00 |
| jvndb-2015-002705 | Problem with directory permissions in JP1/Automatic Operation | 2015-05-21T16:36+09:00 | 2015-05-21T16:36+09:00 |
| jvndb-2015-000067 | mt-phpincgi vulnerable to PHP object injection | 2015-05-20T14:34+09:00 | 2015-05-28T18:05+09:00 |
| jvndb-2015-000066 | BGA32.DLL and QBga32.DLL contain multiple vulnerabilities | 2015-05-19T13:40+09:00 | 2015-05-22T14:26+09:00 |
| jvndb-2015-000065 | "Honda Moto LINC" App for Android fails to verify SSL server certificates | 2015-05-15T12:23+09:00 | 2018-02-28T14:36+09:00 |
| jvndb-2015-000064 | Cacti vulnerable to SQL injection | 2015-05-14T13:39+09:00 | 2015-05-25T15:29+09:00 |
| jvndb-2015-000063 | MailDealer vulnerable to cross-site scripting | 2015-05-12T14:07+09:00 | 2015-05-12T14:07+09:00 |
| jvndb-2015-000062 | EasyCTF vulnerable to session management | 2015-05-01T14:00+09:00 | 2015-05-07T16:03+09:00 |
| jvndb-2015-000061 | EasyCTF vulnerable to cross-site scripting | 2015-05-01T13:49+09:00 | 2015-05-07T16:02+09:00 |
| jvndb-2015-000060 | EasyCTF vulnerable to arbitrary file creation | 2015-05-01T13:37+09:00 | 2015-05-07T16:00+09:00 |
| jvndb-2015-000055 | TransmitMail vulnerable to directory traversal | 2015-04-23T14:12+09:00 | 2015-04-27T16:12+09:00 |
| jvndb-2015-000054 | TransmitMail vulnerable to cross-site scripting | 2015-04-23T13:47+09:00 | 2015-04-27T16:13+09:00 |
| jvndb-2015-001959 | JBoss RichFaces vulnerable to remote Java code execution | 2015-04-14T13:24+09:00 | 2015-04-14T13:24+09:00 |
| jvndb-2015-000052 | Seasar S2Struts vulnerable to input validation bypass | 2015-04-10T14:38+09:00 | 2016-08-26T16:39+09:00 |
| jvndb-2015-000051 | Lhaplus vulnerable to remote code execution | 2015-04-09T13:59+09:00 | 2015-04-16T18:00+09:00 |
| jvndb-2015-000050 | Lhaplus vulnerable to directory traversal | 2015-04-09T13:57+09:00 | 2015-04-16T18:00+09:00 |
| jvndb-2015-000047 | bBlog vulnerable to cross-site request forgery | 2015-04-07T12:12+09:00 | 2015-04-09T14:05+09:00 |
| jvndb-2015-000049 | "Restaurant Karaoke SHIDAX" App for Android fails to verify SSL server certificates | 2015-04-03T13:36+09:00 | 2018-01-24T14:03+09:00 |
| jvndb-2015-000048 | Maruo Editor vulnerable to buffer overflow | 2015-04-02T12:30+09:00 | 2015-04-07T17:28+09:00 |
| jvndb-2015-000046 | All in One SEO Pack information management vulnerability | 2015-03-31T13:48+09:00 | 2015-04-07T17:27+09:00 |
| jvndb-2015-000045 | Android OS may behave as an open resolver | 2015-03-27T14:12+09:00 | 2015-03-27T14:12+09:00 |
| jvndb-2015-000044 | WordPress theme flashy vulnerable to cross-site scripting | 2015-03-26T14:04+09:00 | 2015-04-07T17:25+09:00 |
| ID | Description | Updated |
|---|