Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-pfrv-63w8-q7rq | Byaidu PDFMathTranslate vulnerable to open redirect | 2025-10-30T15:32:36Z | 2025-10-30T17:12:40Z |
| ghsa-mw66-q494-6v6w | iib0011 omni-tools v0.4.0 is vulnerable to remote code execution via unsafe JSON deserialization. | 2025-10-30T15:32:36Z | 2025-11-04T18:31:35Z |
| ghsa-gh9q-3jr7-5c6p | A critical severity vulnerability has been identified in the ALPR Manager role of Security Center t… | 2025-10-30T15:32:36Z | 2025-10-30T15:32:36Z |
| ghsa-g482-3fq3-j5cm | Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements use… | 2025-10-30T15:32:36Z | 2025-10-30T15:32:36Z |
| ghsa-fg7q-2h54-3cr2 | Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements use… | 2025-10-30T15:32:36Z | 2025-10-30T15:32:36Z |
| ghsa-67rm-pq6h-93hc | Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements use… | 2025-10-30T15:32:36Z | 2025-10-30T15:32:36Z |
| ghsa-3r6h-87g3-r779 | Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements use… | 2025-10-30T15:32:36Z | 2025-10-30T15:32:36Z |
| ghsa-3f7x-5hc9-j6v5 | URVE Smart Office is vulnerable to Stored XSS in report problem functionality. An attacker with a l… | 2025-10-30T15:32:36Z | 2025-10-30T15:32:36Z |
| ghsa-2326-jr9x-m329 | A SQL injection vulnerability exists in CSZ-CMS <=1.3.0 in the Form Builder view functionality. The… | 2025-10-30T15:32:36Z | 2025-10-30T15:32:36Z |
| ghsa-v3c9-j6h9-66v4 | Apache Airflow has a command injection vulnerability in "example_dag_decorator" | 2025-10-30T12:31:11Z | 2025-11-05T20:55:04Z |
| ghsa-p9pj-xp4g-3h2q | A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote atta… | 2025-10-30T12:31:11Z | 2025-10-30T12:31:11Z |
| ghsa-m8fq-fxf8-wxx3 | Cross-Site Scripting (XSS) vulnerability in Checkmk's distributed monitoring allows a compromised r… | 2025-10-30T12:31:11Z | 2025-11-07T18:30:26Z |
| ghsa-h2fm-479p-v37r | A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability allow… | 2025-10-30T12:31:11Z | 2025-10-30T12:31:11Z |
| ghsa-gp5f-cx7h-8q6f | Apache Airflow's create action can upsert existing Pools/Connections/Variables | 2025-10-30T12:31:11Z | 2025-10-30T17:09:32Z |
| ghsa-9wgm-cmcc-8467 | In the Linux kernel, the following vulnerability has been resolved: vfs: Don't leak disconnected d… | 2025-10-30T12:31:11Z | 2025-10-30T12:31:11Z |
| ghsa-6v27-vrfr-9j74 | Quick.Cart is vulnerable to Cross-Site Request Forgery in product creation functionality. Malicious… | 2025-10-30T12:31:11Z | 2025-10-30T12:31:11Z |
| ghsa-273c-4g26-4jpm | Apache Airflow `/api/v2/dagReports` executes DAG Python in API | 2025-10-30T12:31:11Z | 2025-10-30T17:08:56Z |
| ghsa-xpm8-g6rj-74pw | In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix potential doubl… | 2025-10-30T12:31:10Z | 2025-10-30T12:31:10Z |
| ghsa-rg54-mxfq-r39j | In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix refcount leak… | 2025-10-30T12:31:10Z | 2025-10-30T12:31:11Z |
| ghsa-qqwh-7pmj-9xx8 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory leaks when r… | 2025-10-30T12:31:10Z | 2025-10-30T12:31:10Z |
| ghsa-gjqw-7pjf-8pfr | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l41: Fix NULL p… | 2025-10-30T12:31:10Z | 2025-10-30T12:31:10Z |
| ghsa-g2r9-36vv-r5vp | In the Linux kernel, the following vulnerability has been resolved: btrfs: do not assert we found … | 2025-10-30T12:31:10Z | 2025-10-30T12:31:10Z |
| ghsa-9cqx-9fcv-mjx8 | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix missing pointer… | 2025-10-30T12:31:10Z | 2025-10-30T12:31:10Z |
| ghsa-82mj-rf9f-84h3 | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to … | 2025-10-30T12:31:10Z | 2025-10-30T12:31:10Z |
| ghsa-6m5m-pcmh-qg5r | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_rndis: Refactor… | 2025-10-30T12:31:10Z | 2025-10-30T12:31:10Z |
| ghsa-58x9-22gw-84q7 | In the Linux kernel, the following vulnerability has been resolved: cifs: parse_dfs_referrals: pre… | 2025-10-30T12:31:10Z | 2025-10-30T12:31:10Z |
| ghsa-326q-28hh-wvjc | In the Linux kernel, the following vulnerability has been resolved: ixgbevf: fix mailbox API compa… | 2025-10-30T12:31:10Z | 2025-10-30T12:31:10Z |
| ghsa-qr6v-84mv-g36r | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_acm: Refactor b… | 2025-10-30T12:31:09Z | 2025-10-30T12:31:10Z |
| ghsa-m33j-r627-qphr | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix recursive locking i… | 2025-10-30T12:31:09Z | 2025-10-30T12:31:09Z |
| ghsa-gq9j-j338-8fvx | In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix too early devlink_f… | 2025-10-30T12:31:09Z | 2025-10-30T12:31:09Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-3355 | 7.5 (v3.1) | IBM Tivoli Monitoring is vulnerable to unauthenticated… |
IBM |
Tivoli Monitoring |
2025-10-30T19:21:42.496Z | 2025-10-30T19:51:08.264Z |
| cve-2025-36137 | 7.2 (v3.1) | IBM Sterling Connect:Direct for UNIX command execution |
IBM |
Sterling Connect:Direct for Unix |
2025-10-30T18:53:32.576Z | 2025-11-01T03:55:53.155Z |
| cve-2025-62265 | 4.8 (v4.0) | Cross-site scripting (XSS) vulnerability in the B… |
Liferay |
Portal |
2025-10-30T18:30:35.960Z | 2025-10-30T19:04:48.068Z |
| cve-2025-64118 | node-tar vulnerable to race condition leading to unini… |
isaacs |
node-tar |
2025-10-30T17:50:20.421Z | 2025-10-30T18:42:19.663Z | |
| cve-2025-64112 | Statmatic vulnerable to Stored Cross-Site Scripting |
statamic |
cms |
2025-10-30T17:47:01.280Z | 2025-10-30T17:58:06.993Z | |
| cve-2025-64115 | Movary unvalidated Referer header allows open redirect… |
leepeuker |
movary |
2025-10-30T17:39:19.330Z | 2025-10-30T19:06:23.834Z | |
| cve-2025-62266 | 5.1 (v4.0) | By default, Liferay Portal 7.4.0 through 7.4.3.11… |
Liferay |
Portal |
2025-10-30T17:37:21.375Z | 2025-10-30T19:06:43.671Z |
| cve-2025-64116 | Movary vulnerable to an open redirect |
leepeuker |
movary |
2025-10-30T17:32:41.434Z | 2025-10-31T16:50:03.914Z | |
| cve-2025-12060 | 8.9 (v4.0) | Keras keras.utils.get_file Utility Path Traversal Vuln… |
Keras |
Keras |
2025-10-30T17:10:43.868Z | 2025-11-01T03:55:52.355Z |
| cve-2025-64096 | CryptoLib vulnerable to Stack Buffer Overflow in Crypt… |
nasa |
CryptoLib |
2025-10-30T17:09:24.240Z | 2025-10-30T18:16:02.552Z | |
| cve-2025-62795 | JumpServer Unauthorized LDAP Configuration Access via … |
jumpserver |
jumpserver |
2025-10-30T16:56:09.321Z | 2025-10-31T18:37:42.071Z | |
| cve-2025-62726 | n8n Vulnerable to Remote Code Execution via Git Node P… |
n8n-io |
n8n |
2025-10-30T16:24:11.484Z | 2025-10-31T18:19:31.619Z | |
| cve-2025-62712 | JumpServer Connection Token Leak Vulnerability |
jumpserver |
jumpserver |
2025-10-30T16:08:32.669Z | 2025-10-31T17:42:40.815Z | |
| cve-2025-11998 | 6.8 (v4.0) | HP Card Readers (B Models) – Potential Information Dis… |
HP Inc. |
Card Readers B Model |
2025-10-30T16:00:33.564Z | 2025-10-30T21:55:21.406Z |
| cve-2025-12517 | 2.1 (v4.0) | Credits Page not Matching Versions in Use in the Firmware |
Azure Access Technology |
BLU-IC2 |
2025-10-30T15:47:04.209Z | 2025-10-30T16:24:57.181Z |
| cve-2025-12516 | 10 (v4.0) | Lack of Graceful Error Handling - HTTP 5xx Error |
Azure Access Technology |
BLU-IC2 |
2025-10-30T15:42:21.656Z | 2025-10-30T17:24:46.054Z |
| cve-2025-12515 | 10 (v4.0) | Systemic Internal Server Errors - HTTP 500 Response |
Azure Access Technology |
BLU-IC2 |
2025-10-30T15:38:45.150Z | 2025-10-30T17:27:30.155Z |
| cve-2025-36592 | 5.4 (v3.1) | Dell Secure Connect Gateway (SCG) Policy Manager,… |
Dell |
Secure Connect Gateway SCG Policy Manager |
2025-10-30T15:26:59.326Z | 2025-10-30T17:37:02.064Z |
| cve-2025-46363 | 4.3 (v3.1) | Dell Secure Connect Gateway (SCG) 5.0 Application… |
Dell |
Secure Connect Gateway SCG 5.0 Application and Appliance |
2025-10-30T15:22:43.106Z | 2025-10-30T16:00:58.601Z |
| cve-2025-5347 | 6.3 (v3.1) | Stored XSS |
Zohocorp |
ManageEngine Exchange Reporter Plus |
2025-10-30T14:31:51.240Z | 2025-10-30T14:46:50.399Z |
| cve-2025-5343 | 6.3 (v3.1) | Stored XSS |
Zohocorp |
ManageEngine Exchange Reporter Plus |
2025-10-30T14:28:20.681Z | 2025-10-30T14:46:41.725Z |
| cve-2025-43942 | 7.8 (v3.1) | Dell Unity, version(s) 5.5 and prior, contain(s) … |
Dell |
Unity |
2025-10-30T14:23:26.312Z | 2025-10-31T03:55:22.772Z |
| cve-2025-5342 | 4.3 (v3.1) | Denial of Service (DoS) |
Zohocorp |
ManageEngine Exchange Reporter Plus |
2025-10-30T14:20:53.989Z | 2025-10-30T14:46:13.685Z |
| cve-2025-46422 | 7.8 (v3.1) | Dell Unity, version(s) 5.5 and prior, contain(s) … |
Dell |
Unity |
2025-10-30T14:19:34.880Z | 2025-10-31T03:55:23.625Z |
| cve-2025-46423 | 7.8 (v3.1) | Dell Unity, version(s) 5.5 and prior, contain(s) … |
Dell |
Unity |
2025-10-30T14:14:47.745Z | 2025-10-31T03:55:24.553Z |
| cve-2025-43027 | 9.8 (v3.1) | A critical severity vulnerability has been identi… |
Genetec Inc. |
Genetec Security Center |
2025-10-30T14:12:27.918Z | 2025-10-31T03:55:30.389Z |
| cve-2025-43939 | 7.8 (v3.1) | Dell Unity, version(s) 5.4 and prior, contain(s) … |
Dell |
Unity |
2025-10-30T14:10:14.508Z | 2025-10-31T03:55:21.085Z |
| cve-2025-43940 | 7.8 (v3.1) | Dell Unity, version(s) 5.5 and Prior, contain(s) … |
Dell |
Unity |
2025-10-30T14:05:17.818Z | 2025-10-31T03:55:21.915Z |
| cve-2025-43941 | 7.2 (v3.1) | Dell Unity, version(s) 5.5 and Prior, contain(s) … |
Dell |
Unity |
2025-10-30T13:57:25.065Z | 2025-10-31T03:55:29.572Z |
| cve-2025-10348 | 5.1 (v4.0) | Stored Cross-Site Scripting in URVE Smart Office |
Eveo |
URVE Smart Office |
2025-10-30T13:00:43.106Z | 2025-10-30T14:26:38.615Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2020-36856 | 9.4 (v4.0) | Nagios XI < 5.6.14 Authenticated RCE command_test.php … |
Nagios |
XI |
2025-10-30T21:30:59.762Z | 2025-10-31T15:03:27.598Z |
| cve-2018-25123 | 8.5 (v4.0) | Nagios XI < 5.5.7 Privilege Escalation via MRTG Graphi… |
Nagios |
XI |
2025-10-30T21:40:26.892Z | 2025-10-31T13:24:53.962Z |
| cve-2018-25122 | 8.7 (v4.0) | Nagios XI < 5.4.13 Component Download Page RCE |
Nagios |
XI |
2025-10-30T21:37:48.530Z | 2025-10-31T13:25:25.406Z |
| cve-2018-25121 | 5.1 (v4.0) | Nagios XI < 5.4.13 XSS via Views Page |
Nagios |
XI |
2025-10-30T21:56:43.433Z | 2025-10-31T12:30:29.928Z |
| cve-2018-25119 | 5.1 (v4.0) | Nagios Fusion < 4.1.5 XSS via fusionwindow Parameter |
Nagios |
Fusion |
2025-10-30T21:21:46.769Z | 2025-10-31T15:23:03.483Z |
| cve-2017-20209 | 5.1 (v4.0) | Nagios Fusion < 4.0.1 XSS via Users/Servers Page |
Nagios |
Fusion |
2025-10-30T21:22:07.861Z | 2025-10-31T15:16:16.255Z |
| cve-2016-15053 | 5.1 (v4.0) | Nagios XI < 5.2.4 XSS via “My Reports” Listing |
Nagios |
XI |
2025-10-30T21:54:25.746Z | 2025-10-31T13:54:13.555Z |
| cve-2016-15052 | 5.1 (v4.0) | Nagios XI < 5.2.4 XSS via Menu System |
Nagios |
XI |
2025-10-30T21:54:04.092Z | 2025-10-31T13:54:19.252Z |
| cve-2016-15051 | 5.1 (v4.0) | Nagios XI < 5.2.4 XSS via Report startdate/enddate Fields |
Nagios |
XI |
2025-10-30T21:55:32.598Z | 2025-10-31T12:28:52.622Z |
| cve-2016-15050 | 8.7 (v4.0) | Nagios XI < 5.2.4 SQL Injection in Notification Search |
Nagios |
XI |
2025-10-30T21:44:49.116Z | 2025-10-31T13:23:37.003Z |
| cve-2016-15049 | 5.1 (v4.0) | Nagios Log Server < 1.4.2 Dashboards Logs Table XSS |
Nagios |
Log Server |
2025-10-30T21:23:13.241Z | 2025-10-31T15:13:55.413Z |
| cve-2013-10074 | 5.1 (v4.0) | Nagios XI < 2012R2.6 XSS via Tools Menu |
Nagios |
XI |
2025-10-30T21:56:22.290Z | 2025-10-31T12:29:54.947Z |
| cve-2013-10073 | 8.7 (v4.0) | Nagios XI < 2012R1.6 Auto-Discovery Shell Command Injection |
Nagios |
XI |
2025-10-30T21:32:22.811Z | 2025-10-31T15:02:39.752Z |
| cve-2013-10072 | 7.2 (v4.0) | Nagios XI < 2012R1.6 Auto-Discovery Missing Authorization |
Nagios |
XI |
2025-10-30T21:32:02.900Z | 2025-10-31T17:44:33.772Z |
| cve-2013-10071 | 5.1 (v4.0) | Nagios XI < 2012R1.6 Reflected XSS via Dashlet AJAX Lo… |
Nagios |
XI |
2025-10-30T21:43:34.559Z | 2025-10-31T13:23:53.753Z |
| cve-2012-10063 | 8.7 (v4.0) | Nagios XI < 2012R1.3 Authenticated SQL Injection in Le… |
Nagios |
XI |
2025-10-30T21:31:21.797Z | 2025-10-31T17:43:40.892Z |
| cve-2011-10040 | 5.1 (v4.0) | Nagios XI < 2011R1.9 XSS via Status/Report Page Link F… |
Nagios |
XI |
2025-10-30T21:55:55.168Z | 2025-10-31T12:29:32.349Z |
| cve-2011-10039 | 5.1 (v4.0) | Nagios XI < 2011R1.9 XSS via Alert Heatmap Report & “M… |
Nagios |
XI |
2025-10-30T21:48:44.152Z | 2025-10-31T13:55:30.243Z |
| cve-2011-10038 | 5.1 (v4.0) | Nagios XI < 2011R1.9 XSS via Recurring Downtime Script |
Nagios |
XI |
2025-10-30T21:55:10.682Z | 2025-10-31T12:28:12.837Z |
| cve-2011-10037 | 5.1 (v4.0) | Nagios XI < 2011R1.9 XSS via xiwindow Variables Affect… |
Nagios |
XI |
2025-10-30T21:57:27.150Z | 2025-11-06T16:23:47.767Z |
| cve-2011-10036 | 5.1 (v4.0) | Nagios XI < 2011R1.9 XSS via backend_url JavaScript Li… |
Nagios |
XI |
2025-10-30T21:49:05.959Z | 2025-10-31T13:55:24.570Z |
| cve-2011-10035 | 7.3 (v4.0) | Nagios XI < 2011R1.9 Race Conditions in Crontab Instal… |
Nagios |
XI |
2025-10-30T21:41:36.116Z | 2025-10-31T13:24:30.803Z |
| cve-2025-8850 | Insecure API Design in danny-avila/librechat |
danny-avila |
danny-avila/librechat |
2025-10-30T19:59:36.327Z | 2025-11-05T14:57:26.783Z | |
| cve-2025-63423 | N/A | Each Italy Wireless Mini Router WIRELESS-N 300M v… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:59:59.390Z |
| cve-2025-61498 | N/A | A buffer overflow in the UPnP service of Tenda AC… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T21:01:04.959Z |
| cve-2025-61141 | N/A | sqls-server/sqls 0.2.28 is vulnerable to command … |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T21:02:01.794Z |
| cve-2025-3356 | 8.6 (v3.1) | IBM Tivoli Monitoring is vulnerable to unauthenticated… |
IBM |
Tivoli Monitoring |
2025-10-30T19:22:37.371Z | 2025-10-30T19:41:12.149Z |
| cve-2025-3355 | 7.5 (v3.1) | IBM Tivoli Monitoring is vulnerable to unauthenticated… |
IBM |
Tivoli Monitoring |
2025-10-30T19:21:42.496Z | 2025-10-30T19:51:08.264Z |
| cve-2025-63422 | N/A | Incorrect access control in the Web management in… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:58:32.148Z |
| cve-2025-63298 | N/A | A path traversal vulnerability was identified in … |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:57:36.156Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-188581 | Malicious code in passport-selenium-terser-webpack-plugin-juno (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188580 | Malicious code in passport-scripts-blitz-antd (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188579 | Malicious code in passport-pino-library-schema (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188578 | Malicious code in passport-nightwatch-sedna-karma (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188577 | Malicious code in passport-magnetosphere-sociobiology-ichnology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188576 | Malicious code in passport-fornax-phenomic-helmet (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188575 | Malicious code in passport-deimos-isostasy-izar (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188574 | Malicious code in passport-coronalmassejection-vulcan-loop (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188573 | Malicious code in passport-auth0-levels-biomimicry (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188572 | Malicious code in parsec-wormhole-futurology-ablation (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188571 | Malicious code in parsec-pulsar-areology-airbnb (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188570 | Malicious code in parsec-oauth-jsonp-eslint-config (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188569 | Malicious code in parsec-kaus-optimize-css-assets-webpack-plugin-triton (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188568 | Malicious code in parsec-build-nconf-miranda (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188567 | Malicious code in parsec-barnard-indus-vuepress (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188566 | Malicious code in parse-rho-wind-compress-simple (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188565 | Malicious code in parse-key-lambda-new-socket (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188564 | Malicious code in parse-kappa-void-proxy-scale (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188563 | Malicious code in parse-array-slow-emulate-notify (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188562 | Malicious code in parse-abstract-beta-rain-benchmark (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188561 | Malicious code in parcel-planckscale-puppeteer-version (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188560 | Malicious code in parcel-panspermia-commitlint-config-angular-tectonophysics (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188559 | Malicious code in parcel-paleontology-configstore-sails (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188558 | Malicious code in parcel-non-blocking-bulma-chakra-ui (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188557 | Malicious code in parcel-google-webdriverio-sails (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188556 | Malicious code in parcel-farout-webdriver-manager-sails (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188555 | Malicious code in parallax-speleology-cosmicray-lint (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188554 | Malicious code in parallax-janus-deimos-warp (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188553 | Malicious code in parallax-chakra-ui-mantle-inquirer (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188552 | Malicious code in parallax-chakra-ui-cybernetics-unuk (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:7546 | Red Hat Security Advisory: nginx security update | 2025-05-14T02:04:28+00:00 | 2025-11-06T21:44:07+00:00 |
| rhsa-2025:7543 | Red Hat Security Advisory: firefox security update | 2025-05-14T01:56:03+00:00 | 2025-11-06T23:15:30+00:00 |
| rhsa-2025:7544 | Red Hat Security Advisory: firefox security update | 2025-05-14T01:55:48+00:00 | 2025-11-06T23:15:30+00:00 |
| rhsa-2025:7547 | Red Hat Security Advisory: firefox security update | 2025-05-14T01:53:28+00:00 | 2025-11-06T23:15:30+00:00 |
| rhsa-2025:7538 | Red Hat Security Advisory: redis:7 security update | 2025-05-14T01:46:10+00:00 | 2025-11-14T00:56:19+00:00 |
| rhsa-2025:7545 | Red Hat Security Advisory: firefox security update | 2025-05-14T01:43:42+00:00 | 2025-11-06T23:15:30+00:00 |
| rhsa-2025:7536 | Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-h11) security update | 2025-05-14T01:05:22+00:00 | 2025-11-14T00:56:19+00:00 |
| rhsa-2025:7535 | Red Hat Security Advisory: Red Hat OpenStack Platform 18.0 (python-h11) security update | 2025-05-14T01:05:08+00:00 | 2025-11-14T00:56:22+00:00 |
| rhsa-2025:7533 | Red Hat Security Advisory: kernel security update | 2025-05-14T00:51:52+00:00 | 2025-11-07T16:29:05+00:00 |
| rhsa-2025:7526 | Red Hat Security Advisory: kernel security update | 2025-05-14T00:44:09+00:00 | 2025-11-07T15:42:56+00:00 |
| rhsa-2025:7531 | Red Hat Security Advisory: kernel security update | 2025-05-14T00:40:17+00:00 | 2025-11-13T10:35:55+00:00 |
| rhsa-2025:7534 | Red Hat Security Advisory: kernel-rt security update | 2025-05-14T00:36:37+00:00 | 2025-11-07T16:29:07+00:00 |
| rhsa-2025:7532 | Red Hat Security Advisory: kernel-rt security update | 2025-05-14T00:28:12+00:00 | 2025-11-13T10:35:54+00:00 |
| rhsa-2025:7503 | Red Hat Security Advisory: osbuild-composer security update | 2025-05-13T17:31:03+00:00 | 2025-11-14T11:02:01+00:00 |
| rhsa-2025:7457 | Red Hat Security Advisory: exiv2 security update | 2025-05-13T17:19:56+00:00 | 2025-11-11T09:40:46+00:00 |
| rhsa-2025:7512 | Red Hat Security Advisory: expat security update | 2025-05-13T17:19:47+00:00 | 2025-11-07T18:40:26+00:00 |
| rhsa-2025:7459 | Red Hat Security Advisory: buildah security update | 2025-05-13T17:19:11+00:00 | 2025-11-14T04:51:32+00:00 |
| rhsa-2025:7467 | Red Hat Security Advisory: skopeo security update | 2025-05-13T17:18:51+00:00 | 2025-11-14T04:51:32+00:00 |
| rhsa-2025:7517 | Red Hat Security Advisory: sqlite security update | 2025-05-13T17:18:37+00:00 | 2025-11-06T23:15:30+00:00 |
| rhsa-2025:7509 | Red Hat Security Advisory: valkey security update | 2025-05-13T17:18:28+00:00 | 2025-11-14T00:56:18+00:00 |
| rhsa-2025:7479 | Red Hat Security Advisory: opentelemetry-collector security update | 2025-05-13T17:18:27+00:00 | 2025-11-14T11:02:00+00:00 |
| rhsa-2025:7489 | Red Hat Security Advisory: php security update | 2025-05-13T17:18:22+00:00 | 2025-11-06T23:24:27+00:00 |
| rhsa-2025:7478 | Red Hat Security Advisory: corosync security update | 2025-05-13T16:06:26+00:00 | 2025-11-06T23:15:28+00:00 |
| rhsa-2025:7493 | Red Hat Security Advisory: thunderbird security update | 2025-05-13T16:06:01+00:00 | 2025-11-06T23:15:28+00:00 |
| rhsa-2025:7507 | Red Hat Security Advisory: thunderbird security update | 2025-05-13T16:05:53+00:00 | 2025-11-06T23:15:32+00:00 |
| rhsa-2025:7462 | Red Hat Security Advisory: podman security update | 2025-05-13T16:04:06+00:00 | 2025-11-14T04:51:32+00:00 |
| rhsa-2025:7501 | Red Hat Security Advisory: kernel security update | 2025-05-13T16:04:02+00:00 | 2025-11-11T11:27:31+00:00 |
| rhsa-2025:7458 | Red Hat Security Advisory: xorg-x11-server-Xwayland security update | 2025-05-13T16:03:28+00:00 | 2025-11-06T23:35:06+00:00 |
| rhsa-2025:7490 | Red Hat Security Advisory: mod_auth_openidc security update | 2025-05-13T16:02:37+00:00 | 2025-11-11T09:51:05+00:00 |
| rhsa-2025:7497 | Red Hat Security Advisory: tomcat security update | 2025-05-13T16:02:30+00:00 | 2025-11-11T16:06:02+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-21669 | vsock/virtio: discard packets if the transport changes | 2025-01-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21667 | iomap: avoid avoid truncating 64-bit offset to 32 bits | 2025-01-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21666 | vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] | 2025-01-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21665 | filemap: avoid truncating 64-bit offset to 32 bits | 2025-01-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21658 | btrfs: avoid NULL pointer dereference if no valid extent tree | 2025-01-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21656 | hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur | 2025-01-02T00:00:00.000Z | 2025-09-28T01:02:13.000Z |
| msrc_cve-2025-21652 | ipvlan: Fix use-after-free in ipvlan_get_iflink(). | 2025-01-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21651 | net: hns3: don't auto enable misc vector | 2025-01-02T00:00:00.000Z | 2025-09-04T02:46:28.000Z |
| msrc_cve-2025-21650 | net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue | 2025-01-02T00:00:00.000Z | 2025-09-04T02:55:33.000Z |
| msrc_cve-2025-21645 | platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it | 2025-01-02T00:00:00.000Z | 2025-10-18T01:01:18.000Z |
| msrc_cve-2025-21642 | mptcp: sysctl: sched: avoid using current->nsproxy | 2025-01-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21640 | sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy | 2025-01-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21639 | sctp: sysctl: rto_min/max: avoid using current->nsproxy | 2025-01-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-21638 | sctp: sysctl: auth_enable: avoid using current->nsproxy | 2025-01-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21637 | sctp: sysctl: udp_port: avoid using current->nsproxy | 2025-01-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21636 | sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy | 2025-01-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21635 | rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy | 2025-01-02T00:00:00.000Z | 2025-09-04T06:59:21.000Z |
| msrc_cve-2025-21631 | block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() | 2025-01-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2025-21629 | net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets | 2025-01-02T00:00:00.000Z | 2025-10-18T01:01:13.000Z |
| msrc_cve-2025-21614 | go-git clients vulnerable to DoS via maliciously crafted Git server replies | 2025-01-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2025-21613 | go-git has an Argument Injection via the URL field | 2025-01-02T00:00:00.000Z | 2025-01-17T00:00:00.000Z |
| msrc_cve-2025-21521 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). | 2025-01-02T00:00:00.000Z | 2025-09-03T22:13:42.000Z |
| msrc_cve-2025-21490 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2025-01-02T00:00:00.000Z | 2025-06-23T00:00:00.000Z |
| msrc_cve-2025-0938 | URL parser allowed square brackets in domain names | 2025-01-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2025-0840 | GNU Binutils objdump.c disassemble_bytes stack-based overflow | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2025-0395 | When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size. | 2025-01-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2024-57946 | virtio-blk: don't keep queue frozen during system suspend | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-57945 | riscv: mm: Fix the out of bound issue of vmemmap address | 2025-01-02T00:00:00.000Z | 2025-09-28T01:02:08.000Z |
| msrc_cve-2024-57940 | exfat: fix the infinite loop in exfat_readdir() | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-57939 | riscv: Fix sleeping in invalid context in die() | 2025-01-02T00:00:00.000Z | 2025-05-05T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2015-000043 | Fumy Teacher's Schedule Board vulnerable to cross-site scripting | 2015-03-26T14:00+09:00 | 2015-04-07T17:25+09:00 |
| jvndb-2015-000042 | The Validator in TERASOLUNA Server Framework for Java(WEB) vulnerable to input validation bypass | 2015-03-24T14:10+09:00 | 2016-08-26T16:37+09:00 |
| jvndb-2015-000040 | LINE vulnerable to script injection | 2015-03-20T16:16+09:00 | 2024-05-09T18:15+09:00 |
| jvndb-2015-000041 | MP Form Mail CGI eCommerce edition vulnerable to code injection | 2015-03-20T12:30+09:00 | 2015-03-24T15:11+09:00 |
| jvndb-2015-000039 | eXtplorer vulnerable to cross-site scripting | 2015-03-17T13:41+09:00 | 2015-03-20T14:30+09:00 |
| jvndb-2015-000038 | All In One WP Security & Firewall vulnerable to cross-site request forgery | 2015-03-06T13:46+09:00 | 2015-03-11T17:42+09:00 |
| jvndb-2015-000037 | All In One WP Security & Firewall vulnerable to SQL injection | 2015-03-06T13:45+09:00 | 2015-03-11T17:55+09:00 |
| jvndb-2015-000036 | Maroyaka Relay Novel vulnerable to cross-site scripting | 2015-03-04T14:49+09:00 | 2015-03-06T15:30+09:00 |
| jvndb-2015-000035 | Maroyaka Image Album vulnerable to cross-site scripting | 2015-03-04T14:49+09:00 | 2015-03-06T15:21+09:00 |
| jvndb-2015-000034 | Maroyaka Simple Board vulnerable to cross-site scripting | 2015-03-04T14:48+09:00 | 2015-03-06T15:07+09:00 |
| jvndb-2015-000030 | Google Captcha (reCAPTCHA) by BestWebSoft vulnerable to CAPTCHA authentication bypass | 2015-03-03T13:39+09:00 | 2015-03-04T15:23+09:00 |
| jvndb-2015-000029 | BestWebSoft Captcha plugin vulnerable to CAPTCHA authentication bypass | 2015-03-03T13:38+09:00 | 2015-03-04T15:22+09:00 |
| jvndb-2015-001558 | Cross-site Scripting Vulnerability in Hitachi IT Operations Analyzer | 2015-02-27T15:57+09:00 | 2015-02-27T15:57+09:00 |
| jvndb-2015-001557 | Cross-site Scripting Vulnerability in JP1/IT Desktop Management - Manager and Hitachi IT Operations Director | 2015-02-27T15:56+09:00 | 2015-02-27T15:56+09:00 |
| jvndb-2015-001556 | Multiple Cross-site Scripting Vulnerabilities in Hitachi Compute Systems Manager | 2015-02-27T15:55+09:00 | 2015-02-27T15:55+09:00 |
| jvndb-2015-000031 | SEIL Series routers vulnerable to denial-of-service (DoS) | 2015-02-27T15:39+09:00 | 2015-03-05T15:42+09:00 |
| jvndb-2015-000033 | Vulnerability in the jBCrypt key stretching process | 2015-02-27T14:03+09:00 | 2015-03-03T15:58+09:00 |
| jvndb-2015-000028 | KENT-WEB Clip Board vulnerability where arbitary files may be deleted | 2015-02-27T14:02+09:00 | 2015-03-03T15:59+09:00 |
| jvndb-2015-000024 | Joyful Note vulnerability in handling files | 2015-02-27T13:57+09:00 | 2015-03-03T15:59+09:00 |
| jvndb-2015-000032 | checkpw vulnerable to denial-of-service (DoS) | 2015-02-27T12:30+09:00 | 2015-03-03T15:57+09:00 |
| jvndb-2015-000027 | Zen Cart Japanese version vulnerable to cross-site scripting | 2015-02-25T15:09+09:00 | 2015-03-02T14:19+09:00 |
| jvndb-2015-000026 | SYNCK GRAPHICA Mailform Pro CGI vulnerable to remote code execution | 2015-02-25T15:00+09:00 | 2015-03-02T14:23+09:00 |
| jvndb-2015-000023 | Speed Software Root Explorer and Explorer vulnerable to directory traversal | 2015-02-24T14:35+09:00 | 2015-02-26T17:18+09:00 |
| jvndb-2015-000022 | AL-Mail32 vulnerable to buffer overflow | 2015-02-20T14:55+09:00 | 2015-02-24T16:36+09:00 |
| jvndb-2015-000019 | Squid input validation vulnerability | 2015-02-20T14:55+09:00 | 2015-03-06T14:57+09:00 |
| jvndb-2015-000021 | AL-Mail32 vulnerable to denial-of-service (DoS) | 2015-02-20T14:54+09:00 | 2015-02-24T16:37+09:00 |
| jvndb-2015-000020 | AL-Mail32 vulnerable to directory traversal | 2015-02-20T14:37+09:00 | 2015-02-24T16:38+09:00 |
| jvndb-2015-000018 | C-BOARD Moyuku vulnerable to arbitrary file creation | 2015-02-17T14:21+09:00 | 2015-04-07T17:57+09:00 |
| jvndb-2015-000017 | Saurus CMS Community Edition vulnerable to cross-site scripting | 2015-02-17T14:20+09:00 | 2015-04-08T15:20+09:00 |
| jvndb-2015-001269 | Cross-site Scripting Vulnerability in Hitachi Application Server Help | 2015-02-16T11:21+09:00 | 2015-03-03T16:59+09:00 |
| ID | Description | Updated |
|---|