Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-qxr9-f877-9842 | Drupal CivicTheme Design System allows Forceful Browsing | 2025-10-30T00:31:03Z | 2025-10-30T17:06:06Z |
| ghsa-qh38-484v-w52x | The ParseAddress function constructeds domain-literal address components through repeated string co… | 2025-10-30T00:31:03Z | 2025-11-05T00:31:32Z |
| ghsa-pr6m-qwrr-mrw9 | Drupal Plausible tracking is vulnerable to XSS | 2025-10-30T00:31:03Z | 2025-10-30T17:10:58Z |
| ghsa-m3f2-xjgc-2wp2 | Drupal JSON Field is vulnerable to XSS | 2025-10-30T00:31:03Z | 2025-10-30T17:11:06Z |
| ghsa-jxp8-4jw5-5xjc | Drupal Umami Analytics allows Cross-Site Scripting (XSS) | 2025-10-30T00:31:03Z | 2025-10-30T17:05:32Z |
| ghsa-hjx7-fpxx-mj48 | The processing time for parsing some invalid inputs scales non-linearly with respect to the size of… | 2025-10-30T00:31:03Z | 2025-11-05T00:31:31Z |
| ghsa-frhw-mqj2-wxw2 | Due to the design of the name constraint checking algorithm, the processing time of some inputs sca… | 2025-10-30T00:31:03Z | 2025-11-05T00:31:31Z |
| ghsa-fg8x-q69g-4qp3 | Drupal Reverse Proxy Header allows Manipulating User-Controlled Variables | 2025-10-30T00:31:03Z | 2025-10-30T17:05:15Z |
| ghsa-cxq7-xw9v-rcv3 | When Conn.Handshake fails during ALPN negotiation the error contains attacker controlled informatio… | 2025-10-30T00:31:03Z | 2025-11-05T00:31:31Z |
| ghsa-7wwx-xj66-r44x | Validating certificate chains which contain DSA public keys can cause programs to panic, due to a i… | 2025-10-30T00:31:03Z | 2025-11-05T00:31:31Z |
| ghsa-27mc-9399-r9mx | Drupal Access code allows Brute Force Attempts | 2025-10-30T00:31:03Z | 2025-10-30T17:05:06Z |
| ghsa-27fv-rpgj-4c6m | Drupal Currency allows Cross Site Request Forgery | 2025-10-30T00:31:03Z | 2025-10-30T17:05:23Z |
| ghsa-xhhh-442h-j6wm | Cryptographic validation of upgrade images could be circumventing by dropping a specifically crafte… | 2025-10-30T00:31:02Z | 2025-10-30T00:31:02Z |
| ghsa-xcg5-r6rf-c8w7 | Prior to September 19, 2025, the Hospital Manager Backend Services exposed the ASP.NET tracing endp… | 2025-10-30T00:31:02Z | 2025-10-30T00:31:02Z |
| ghsa-p3p5-3cvp-c639 | On affected platforms, restricted users could use SSH port forwarding to access host-internal services | 2025-10-30T00:31:02Z | 2025-10-30T00:31:02Z |
| ghsa-mj5g-pwmc-9x7r | On affected platforms, a restricted user could break out of the CLI sandbox to the system shell and… | 2025-10-30T00:31:02Z | 2025-10-30T00:31:02Z |
| ghsa-jxcg-4mx2-7ggm | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 2025-10-30T00:31:02Z | 2025-10-30T00:31:02Z |
| ghsa-jwmf-chvc-rf92 | Parsing a maliciously crafted DER payload could allocate large amounts of memory, causing memory ex… | 2025-10-30T00:31:02Z | 2025-11-05T00:31:31Z |
| ghsa-c4hj-8xp2-799f | On affected platforms, if SSH session multiplexing was configured on the client side, SSH sessions … | 2025-10-30T00:31:02Z | 2025-10-30T00:31:02Z |
| ghsa-9gcr-gp5f-jw27 | tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.… | 2025-10-30T00:31:02Z | 2025-11-05T00:31:31Z |
| ghsa-549x-5p4h-q5jp | Prior to September 19, 2025, the Hospital Manager Backend Services returned verbose ASP.NET error p… | 2025-10-30T00:31:02Z | 2025-10-30T00:31:02Z |
| ghsa-47pv-wxrm-xq5g | On affected platforms, restricted users could view sensitive portions of the config database via a … | 2025-10-30T00:31:02Z | 2025-10-30T00:31:02Z |
| ghsa-447v-2qg4-h8hc | The Parse function permits values other than IPv6 addresses to be included in square brackets withi… | 2025-10-30T00:31:02Z | 2025-11-05T00:31:31Z |
| ghsa-7p73-8jqx-23r8 | LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore | 2025-10-29T22:21:43Z | 2025-10-29T22:21:43Z |
| ghsa-cfjq-28r2-4jv5 | Zitadel May Bypass Second Authentication Factor | 2025-10-29T22:21:27Z | 2025-11-05T22:14:13Z |
| ghsa-xrw9-r35x-x878 | Zitadel allows brute-forcing authentication factors | 2025-10-29T22:21:05Z | 2025-11-05T22:13:38Z |
| ghsa-mwmh-7px9-4c23 | ZITADEL Vulnerable to Account Takeover via Malicious Forwarded Header Injection | 2025-10-29T22:20:50Z | 2025-11-05T22:13:14Z |
| ghsa-grjp-54v3-c442 | OpenUSD File Parsing Use-After-Free Remote Code Execution Vulnerability | 2025-10-29T22:13:03Z | 2025-10-29T22:13:03Z |
| ghsa-pqhf-p39g-3x64 | uv allows ZIP payload obfuscation through parsing differentials | 2025-10-29T22:12:57Z | 2025-10-29T22:12:57Z |
| ghsa-2hvh-cw5c-8q8q | CKAN vulnerable to fixed session IDs | 2025-10-29T21:49:14Z | 2025-10-29T21:49:15Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-40099 | N/A | cifs: parse_dfs_referrals: prevent oob on malformed input |
Linux |
Linux |
2025-10-30T09:48:05.859Z | 2025-10-30T09:48:05.859Z |
| cve-2025-40098 | N/A | ALSA: hda: cs35l41: Fix NULL pointer dereference in cs… |
Linux |
Linux |
2025-10-30T09:48:05.200Z | 2025-10-30T09:48:05.200Z |
| cve-2025-40097 | N/A | ALSA: hda: Fix missing pointer check in hda_component_… |
Linux |
Linux |
2025-10-30T09:48:04.567Z | 2025-10-30T09:48:04.567Z |
| cve-2025-40096 | N/A | drm/sched: Fix potential double free in drm_sched_job_… |
Linux |
Linux |
2025-10-30T09:48:03.954Z | 2025-10-30T09:48:03.954Z |
| cve-2025-40095 | N/A | usb: gadget: f_rndis: Refactor bind path to use __free() |
Linux |
Linux |
2025-10-30T09:48:03.276Z | 2025-10-30T09:48:03.276Z |
| cve-2025-40094 | N/A | usb: gadget: f_acm: Refactor bind path to use __free() |
Linux |
Linux |
2025-10-30T09:48:02.446Z | 2025-10-30T09:48:02.446Z |
| cve-2025-40093 | N/A | usb: gadget: f_ecm: Refactor bind path to use __free() |
Linux |
Linux |
2025-10-30T09:48:00.807Z | 2025-10-30T09:48:00.807Z |
| cve-2025-40092 | N/A | usb: gadget: f_ncm: Refactor bind path to use __free() |
Linux |
Linux |
2025-10-30T09:47:59.910Z | 2025-10-30T09:47:59.910Z |
| cve-2025-40091 | N/A | ixgbe: fix too early devlink_free() in ixgbe_remove() |
Linux |
Linux |
2025-10-30T09:47:59.253Z | 2025-10-30T09:47:59.253Z |
| cve-2025-40090 | N/A | ksmbd: fix recursive locking in RPC handle list access |
Linux |
Linux |
2025-10-30T09:47:58.611Z | 2025-10-30T09:47:58.611Z |
| cve-2025-40089 | N/A | cxl/features: Add check for no entries in cxl_feature_info |
Linux |
Linux |
2025-10-30T09:47:57.990Z | 2025-10-30T09:47:57.990Z |
| cve-2025-40088 | N/A | hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() |
Linux |
Linux |
2025-10-30T09:47:57.333Z | 2025-10-30T09:47:57.333Z |
| cve-2025-40087 | N/A | NFSD: Define a proc_layoutcommit for the FlexFiles lay… |
Linux |
Linux |
2025-10-30T09:47:56.675Z | 2025-10-30T09:47:56.675Z |
| cve-2025-40086 | N/A | drm/xe: Don't allow evicting of BOs in same VM in arra… |
Linux |
Linux |
2025-10-30T09:47:56.005Z | 2025-10-30T09:47:56.005Z |
| cve-2025-54471 | 6.5 (v3.1) | NeuVector is shipping cryptographic material into its binary |
SUSE |
neuvector |
2025-10-30T09:45:56.931Z | 2025-10-30T13:59:54.426Z |
| cve-2025-54941 | Apache Airflow: Command injection in "example_dag_decorator" |
Apache Software Foundation |
Apache Airflow |
2025-10-30T09:45:26.712Z | 2025-11-04T21:12:56.896Z | |
| cve-2025-54469 | 9.9 (v3.1) | NeuVector Enforcer is vulnerable to Command Injection … |
SUSE |
neuvector |
2025-10-30T09:41:57.086Z | 2025-10-31T03:55:27.162Z |
| cve-2025-54470 | 8.6 (v3.1) | NeuVector telemetry sender is vulnerable to MITM and DoS |
SUSE |
neuvector |
2025-10-30T09:38:58.261Z | 2025-10-30T14:01:08.513Z |
| cve-2025-62402 | Apache Airflow: Airflow 3 API: /api/v2/dagReports exec… |
Apache Software Foundation |
Apache Airflow |
2025-10-30T09:14:27.456Z | 2025-10-31T03:55:27.925Z | |
| cve-2025-62503 | Apache Airflow: Privilege boundary bypass in bulk APIs… |
Apache Software Foundation |
Apache Airflow |
2025-10-30T09:11:16.813Z | 2025-10-30T14:25:43.960Z | |
| cve-2025-11906 | 6.7 (v3.1) | Privilege escalation via writable configuration files … |
Progress Software |
Flowmon |
2025-10-30T07:39:38.530Z | 2025-10-31T03:55:28.727Z |
| cve-2025-11881 | AppPresser – Mobile App Framework <= 4.5.0 - Missing A… |
scottopolis |
AppPresser – Mobile App Framework |
2025-10-30T06:45:40.381Z | 2025-10-30T14:11:55.365Z | |
| cve-2025-10636 | N/A | NS Maintenance Mode for WP <= 1.3.1 - Admin+ Stored XSS |
Unknown |
NS Maintenance Mode for WP |
2025-10-30T06:00:07.969Z | 2025-10-30T14:09:05.103Z |
| cve-2025-62229 | 7.3 (v3.1) | Xorg: xmayland: use-after-free in xpresentnotify struc… |
Red Hat |
Red Hat Enterprise Linux 10 |
2025-10-30T05:28:48.131Z | 2025-11-11T20:33:54.695Z |
| cve-2025-10008 | Translate WordPress and go Multilingual – Weglot <= 5.… |
remyb92 |
Translate WordPress and go Multilingual – Weglot |
2025-10-30T05:28:27.857Z | 2025-10-30T14:01:45.215Z | |
| cve-2025-11627 | Site Checkup AI Troubleshooting with Wizard and Tips f… |
sminozzi |
Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue |
2025-10-30T05:28:27.216Z | 2025-10-30T13:53:07.955Z | |
| cve-2025-62230 | 7.3 (v3.1) | Xorg: xwayland: use-after-free in xkb client resource … |
Red Hat |
Red Hat Enterprise Linux 10 |
2025-10-30T05:19:40.445Z | 2025-11-11T20:35:54.038Z |
| cve-2025-62231 | 7.3 (v3.1) | Xorg: xmayland: value overflow in xkbsetcompatmap() |
Red Hat |
Red Hat Enterprise Linux 10 |
2025-10-30T05:08:32.155Z | 2025-11-11T20:36:03.829Z |
| cve-2025-12475 | Blocksy Companion <= 2.1.14 - Authenticated (Contribut… |
creativethemeshq |
Blocksy Companion |
2025-10-30T04:26:01.452Z | 2025-10-30T13:54:22.488Z | |
| cve-2025-63885 | N/A | A stored cross-site scripting (XSS) vulnerability… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T18:27:03.667Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-62266 | 5.1 (v4.0) | By default, Liferay Portal 7.4.0 through 7.4.3.11… |
Liferay |
Portal |
2025-10-30T17:37:21.375Z | 2025-10-30T19:06:43.671Z |
| cve-2025-56313 | N/A | A Reflected Cross-Site Scripting (XSS) vulnerabil… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T18:22:04.335Z |
| cve-2025-64096 | CryptoLib vulnerable to Stack Buffer Overflow in Crypt… |
nasa |
CryptoLib |
2025-10-30T17:09:24.240Z | 2025-10-30T18:16:02.552Z | |
| cve-2025-63885 | N/A | A stored cross-site scripting (XSS) vulnerability… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T18:27:03.667Z |
| cve-2025-62795 | JumpServer Unauthorized LDAP Configuration Access via … |
jumpserver |
jumpserver |
2025-10-30T16:56:09.321Z | 2025-10-31T18:37:42.071Z | |
| cve-2025-62726 | n8n Vulnerable to Remote Code Execution via Git Node P… |
n8n-io |
n8n |
2025-10-30T16:24:11.484Z | 2025-10-31T18:19:31.619Z | |
| cve-2025-61196 | N/A | An issue in BusinessNext CRMnext v.10.8.3.0 allow… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-31T14:42:04.943Z |
| cve-2025-61121 | N/A | Mobile Scanner Android App version 2.12.38 (packa… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:53:59.183Z |
| cve-2025-61120 | N/A | AG Life Logger Android App version v1.0.2.72 and … |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:52:38.303Z |
| cve-2025-61119 | N/A | Kanova Android App version 1.0.27 (package name c… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:49:42.126Z |
| cve-2025-61114 | N/A | 2nd Line Android App version v1.2.92 and before (… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:46:47.109Z |
| cve-2025-60950 | N/A | An arbitrary file upload vulnerability in the Dat… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:55:24.054Z |
| cve-2025-60319 | N/A | PerfreeBlog v4.0.11 is vulnerable to Server-Side … |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:51:08.362Z |
| cve-2025-12060 | 8.9 (v4.0) | Keras keras.utils.get_file Utility Path Traversal Vuln… |
Keras |
Keras |
2025-10-30T17:10:43.868Z | 2025-11-01T03:55:52.355Z |
| cve-2025-62712 | JumpServer Connection Token Leak Vulnerability |
jumpserver |
jumpserver |
2025-10-30T16:08:32.669Z | 2025-10-31T17:42:40.815Z | |
| cve-2025-61118 | N/A | mCarFix Motorists App version 2.3 (package name c… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:45:29.185Z |
| cve-2025-61117 | N/A | Senza: Keto & Fasting Android App version 2.10.15… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:44:23.402Z |
| cve-2025-61116 | N/A | AdForest - Classified Android App version 4.0.12 … |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:41:17.147Z |
| cve-2025-61115 | N/A | ABC Fine Wine & Spirits Android App version v.11.… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:42:34.709Z |
| cve-2025-61113 | N/A | TalkTalk 3.3.6 Android App contains improper acce… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:40:07.750Z |
| cve-2025-46363 | 4.3 (v3.1) | Dell Secure Connect Gateway (SCG) 5.0 Application… |
Dell |
Secure Connect Gateway SCG 5.0 Application and Appliance |
2025-10-30T15:22:43.106Z | 2025-10-30T16:00:58.601Z |
| cve-2025-36592 | 5.4 (v3.1) | Dell Secure Connect Gateway (SCG) Policy Manager,… |
Dell |
Secure Connect Gateway SCG Policy Manager |
2025-10-30T15:26:59.326Z | 2025-10-30T17:37:02.064Z |
| cve-2025-12517 | 2.1 (v4.0) | Credits Page not Matching Versions in Use in the Firmware |
Azure Access Technology |
BLU-IC2 |
2025-10-30T15:47:04.209Z | 2025-10-30T16:24:57.181Z |
| cve-2025-12516 | 10 (v4.0) | Lack of Graceful Error Handling - HTTP 5xx Error |
Azure Access Technology |
BLU-IC2 |
2025-10-30T15:42:21.656Z | 2025-10-30T17:24:46.054Z |
| cve-2025-12515 | 10 (v4.0) | Systemic Internal Server Errors - HTTP 500 Response |
Azure Access Technology |
BLU-IC2 |
2025-10-30T15:38:45.150Z | 2025-10-30T17:27:30.155Z |
| cve-2025-11998 | 6.8 (v4.0) | HP Card Readers (B Models) – Potential Information Dis… |
HP Inc. |
Card Readers B Model |
2025-10-30T16:00:33.564Z | 2025-10-30T21:55:21.406Z |
| cve-2025-5347 | 6.3 (v3.1) | Stored XSS |
Zohocorp |
ManageEngine Exchange Reporter Plus |
2025-10-30T14:31:51.240Z | 2025-10-30T14:46:50.399Z |
| cve-2025-5343 | 6.3 (v3.1) | Stored XSS |
Zohocorp |
ManageEngine Exchange Reporter Plus |
2025-10-30T14:28:20.681Z | 2025-10-30T14:46:41.725Z |
| cve-2025-5342 | 4.3 (v3.1) | Denial of Service (DoS) |
Zohocorp |
ManageEngine Exchange Reporter Plus |
2025-10-30T14:20:53.989Z | 2025-10-30T14:46:13.685Z |
| cve-2025-50574 | N/A | Cross-site scripting (XSS) vulnerability in blog-… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-11-04T15:42:06.733Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-188521 | Malicious code in paleoecology-tardigrade-express-rocket (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188520 | Malicious code in paleoecology-stop-javascript-google (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188519 | Malicious code in paleoecology-cygnus-jovian-telesto (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188518 | Malicious code in paleoecology-backend-hydrogeology-postcss-loader (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188517 | Malicious code in paleoclimatology-sagitta-hydra-geochronology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188516 | Malicious code in paleoclimatology-paleoanthropology-supercluster-proxima (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188515 | Malicious code in paleoclimatology-outercore-neptune-nightmare (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188514 | Malicious code in paleoclimatology-nova-rollup-vortex (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188513 | Malicious code in paleoclimatology-node-sass-asteroid-pulsar (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188512 | Malicious code in paleoclimatology-jsonp-troposphere-nodejs (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188511 | Malicious code in paleoclimatology-izar-coronalmassejection-webdriver-mocha (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188510 | Malicious code in paleoclimatology-hydra-schema-genomics (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188509 | Malicious code in paleoclimatology-framework-mensa-spectron (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188508 | Malicious code in paleoclimatology-eventhoriz-areology-higgs (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188507 | Malicious code in paleoclimatology-draco-backend-triton (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188506 | Malicious code in paleoclimatology-cosmogenic-crust-kardashevscale (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188505 | Malicious code in paleoceanography-shelljs-umbriel-galaxy (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188504 | Malicious code in paleoceanography-sedna-axios-apollo (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188503 | Malicious code in paleobotany-warp-less-uranology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188502 | Malicious code in paleobotany-perseus-draco-mensa (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188501 | Malicious code in paleobotany-nightwatch-epimetheus-spectroscopy (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188500 | Malicious code in paleobotany-janus-writable-cosmicweb (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188499 | Malicious code in paleobotany-commitlint-config-angular-ultra-nebula (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188498 | Malicious code in paleobotany-callback-magnetosphere-bellatrix (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188497 | Malicious code in paleoanthropology-helios-auth-panspermia (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188496 | Malicious code in package-zenobia-elektra-geodynamo (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188495 | Malicious code in package-uninstall-scorpius-react-bootstrap (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188494 | Malicious code in package-pyxis-cressida-kastra (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188493 | Malicious code in package-process-helios-markdown-pdf (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188492 | Malicious code in package-nconf-antares-quasar (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:7410 | Red Hat Security Advisory: libxslt security update | 2025-05-13T13:56:17+00:00 | 2025-11-06T22:36:00+00:00 |
| rhsa-2025:7407 | Red Hat Security Advisory: opentelemetry-collector security update | 2025-05-13T13:53:53+00:00 | 2025-11-14T16:48:08+00:00 |
| rhsa-2025:7397 | Red Hat Security Advisory: skopeo security update | 2025-05-13T13:31:37+00:00 | 2025-11-14T04:51:30+00:00 |
| rhsa-2025:7391 | Red Hat Security Advisory: podman security update | 2025-05-13T13:31:19+00:00 | 2025-11-14T04:51:30+00:00 |
| rhsa-2025:7389 | Red Hat Security Advisory: buildah security update | 2025-05-13T13:28:19+00:00 | 2025-11-14T04:51:29+00:00 |
| rhsa-2025:7387 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-05-13T13:26:55+00:00 | 2025-11-06T22:36:00+00:00 |
| rhba-2025:5309 | Red Hat Bug Fix Advisory: mod_proxy_cluster bug fix and enhancement update | 2025-05-13T11:58:11+00:00 | 2025-11-08T07:12:53+00:00 |
| rhba-2025:4872 | Red Hat Bug Fix Advisory: rpm-ostree bug fix and enhancement update | 2025-05-13T11:53:36+00:00 | 2025-11-06T22:42:34+00:00 |
| rhsa-2025:7049 | Red Hat Security Advisory: python-requests security update | 2025-05-13T09:07:31+00:00 | 2025-11-06T23:59:31+00:00 |
| rhsa-2025:7050 | Red Hat Security Advisory: rsync security update | 2025-05-13T09:04:13+00:00 | 2025-11-06T22:02:33+00:00 |
| rhsa-2025:7331 | Red Hat Security Advisory: nginx security update | 2025-05-13T08:50:26+00:00 | 2025-11-14T11:19:15+00:00 |
| rhsa-2025:7256 | Red Hat Security Advisory: git-lfs security update | 2025-05-13T08:49:39+00:00 | 2025-11-13T17:42:12+00:00 |
| rhsa-2025:7043 | Red Hat Security Advisory: microcode_ctl security update | 2025-05-13T08:49:17+00:00 | 2025-11-06T22:45:21+00:00 |
| rhsa-2025:7326 | Red Hat Security Advisory: rhc security update | 2025-05-13T08:44:22+00:00 | 2025-11-13T16:46:27+00:00 |
| rhsa-2025:7309 | Red Hat Security Advisory: openjpeg2 security update | 2025-05-13T08:43:29+00:00 | 2025-11-06T22:35:59+00:00 |
| rhsa-2025:7350 | Red Hat Security Advisory: perl-Module-ScanDeps security update | 2025-05-13T08:42:56+00:00 | 2025-11-06T22:02:35+00:00 |
| rhsa-2025:7315 | Red Hat Security Advisory: php security update | 2025-05-13T08:42:27+00:00 | 2025-11-06T22:02:34+00:00 |
| rhsa-2025:7118 | Red Hat Security Advisory: osbuild and osbuild-composer security update | 2025-05-13T08:41:23+00:00 | 2025-11-14T11:17:44+00:00 |
| rhsa-2025:6993 | Red Hat Security Advisory: openssh security update | 2025-05-13T08:40:48+00:00 | 2025-11-06T23:35:04+00:00 |
| rhsa-2025:7201 | Red Hat Security Advisory: corosync security update | 2025-05-13T08:39:06+00:00 | 2025-11-06T23:15:27+00:00 |
| rhsa-2025:7242 | Red Hat Security Advisory: gstreamer1-plugins-good security update | 2025-05-13T08:36:31+00:00 | 2025-11-06T22:56:48+00:00 |
| rhsa-2025:7243 | Red Hat Security Advisory: gstreamer1-plugins-base security update | 2025-05-13T08:36:30+00:00 | 2025-11-06T22:56:49+00:00 |
| rhsa-2025:6990 | Red Hat Security Advisory: grub2 security update | 2025-05-13T08:36:02+00:00 | 2025-11-06T23:24:25+00:00 |
| rhsa-2025:7107 | Red Hat Security Advisory: python3.12 security update | 2025-05-13T08:34:04+00:00 | 2025-11-06T23:24:25+00:00 |
| rhsa-2025:7178 | Red Hat Security Advisory: gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server security update | 2025-05-13T08:31:44+00:00 | 2025-10-21T08:02:06+00:00 |
| rhsa-2025:6977 | Red Hat Security Advisory: python3.9 security update | 2025-05-13T08:29:11+00:00 | 2025-11-06T23:24:25+00:00 |
| rhsa-2025:7165 | Red Hat Security Advisory: xorg-x11-server-Xwayland security update | 2025-05-13T08:29:00+00:00 | 2025-11-06T23:35:04+00:00 |
| rhsa-2025:6966 | Red Hat Security Advisory: kernel security update | 2025-05-13T08:28:50+00:00 | 2025-11-14T11:18:14+00:00 |
| rhsa-2025:7163 | Red Hat Security Advisory: xorg-x11-server security update | 2025-05-13T08:28:20+00:00 | 2025-11-06T23:35:04+00:00 |
| rhsa-2025:7138 | Red Hat Security Advisory: protobuf security update | 2025-05-13T08:26:57+00:00 | 2025-11-11T08:36:59+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2024-57872 | scsi: ufs: pltfrm: Dellocate HBA during ufshcd_pltfrm_remove() | 2025-01-02T00:00:00.000Z | 2025-09-03T21:17:13.000Z |
| msrc_cve-2024-57857 | RDMA/siw: Remove direct link to net_device | 2025-01-02T00:00:00.000Z | 2025-09-04T03:42:28.000Z |
| msrc_cve-2024-57850 | jffs2: Prevent rtime decompress memory corruption | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-57843 | virtio-net: fix overflow inside virtnet_rq_alloc | 2025-01-02T00:00:00.000Z | 2025-09-27T01:02:44.000Z |
| msrc_cve-2024-57841 | net: fix memory leak in tcp_conn_request() | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-57809 | PCI: imx6: Fix suspend/resume support on i.MX6QDL | 2025-01-02T00:00:00.000Z | 2025-09-03T22:29:01.000Z |
| msrc_cve-2024-57807 | scsi: megaraid_sas: Fix for a potential deadlock | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-57804 | scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs | 2025-01-02T00:00:00.000Z | 2025-09-04T00:29:05.000Z |
| msrc_cve-2024-57802 | netrom: check buffer length before accessing it | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-57801 | net/mlx5e: Skip restore TC rules for vport rep without loaded flag | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-57798 | drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56787 | soc: imx8m: Probe the SoC driver as platform driver | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56786 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 2025-01-02T00:00:00.000Z | 2025-06-19T00:00:00.000Z |
| msrc_cve-2024-56785 | MIPS: Loongson64: DTS: Really fix PCIe port nodes for ls7a | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56784 | drm/amd/display: Adding array index check to prevent memory corruption | 2025-01-02T00:00:00.000Z | 2025-09-03T22:36:39.000Z |
| msrc_cve-2024-56783 | netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56782 | ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration() | 2025-01-02T00:00:00.000Z | 2025-09-03T22:32:19.000Z |
| msrc_cve-2024-56781 | powerpc/prom_init: Fixup missing powermac #size-cells | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56780 | quota: flush quota_release_work upon quota writeback | 2025-01-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56779 | nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur | 2025-01-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56778 | drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check | 2025-01-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56777 | drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check | 2025-01-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56776 | drm/sti: avoid potential dereference of error pointers | 2025-01-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56775 | drm/amd/display: Fix handling of plane refcount | 2025-01-02T00:00:00.000Z | 2025-09-03T21:57:30.000Z |
| msrc_cve-2024-56774 | btrfs: add a sanity check for btrfs root in btrfs_search_slot() | 2025-01-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56770 | net/sched: netem: account for backlog updates from child qdisc | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56769 | media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56767 | dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56766 | mtd: rawnand: fix double free in atmel_pmecc_create_user() | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56765 | powerpc/pseries/vas: Add close() callback in vas_vm_ops struct | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2014-000138 | OS command injection vulnerability in multiple FUJITSU Android devices | 2014-12-02T14:21+09:00 | 2014-12-09T15:33+09:00 |
| jvndb-2014-000137 | Multiple improper data validation vulnerabilities in Syslink driver for Texas Instruments OMAP mobile processors | 2014-12-02T13:56+09:00 | 2014-12-09T15:34+09:00 |
| jvndb-2014-000136 | SEIL Series routers vulnerable to denial-of-service (DoS) | 2014-12-01T15:24+09:00 | 2014-12-09T15:31+09:00 |
| jvndb-2014-000135 | SEIL Series routers vulnerable to denial-of-service (DoS) | 2014-12-01T15:18+09:00 | 2014-12-09T15:32+09:00 |
| jvndb-2014-000141 | FAST/TOOLS vulnerable to improper restriction of XML external entity references | 2014-11-28T14:54+09:00 | 2014-12-10T10:16+09:00 |
| jvndb-2014-000134 | BSD Operating Systems vulnerable to denial-of-service (DoS) | 2014-11-21T14:10+09:00 | 2014-12-16T17:08+09:00 |
| jvndb-2014-000133 | iLogScanner vulnerable to cross-site scripting | 2014-11-14T14:38+09:00 | 2014-11-18T18:22+09:00 |
| jvndb-2014-000118 | Direct Web Remoting (DWR) vulnerable to cross-site scripting | 2014-11-14T14:37+09:00 | 2014-11-25T17:51+09:00 |
| jvndb-2014-000117 | Direct Web Remoting (DWR) vulnerable to XML external entity injection | 2014-11-14T14:33+09:00 | 2014-11-25T17:50+09:00 |
| jvndb-2014-000131 | Ichitaro series vulnerable to arbitrary code execution | 2014-11-13T16:52+09:00 | 2014-11-27T17:58+09:00 |
| jvndb-2014-004833 | Vulnerability in JP1/NETM/DM and Job Management Partner 1/Software Distribution data reproduction functionality | 2014-11-11T15:33+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2014-000130 | Multiple Cybozu products vulnerable to buffer overflow | 2014-11-11T13:36+09:00 | 2014-11-25T17:52+09:00 |
| jvndb-2014-000129 | OpenAM vulnerable to denial-of-service (DoS) | 2014-11-10T14:23+09:00 | 2014-11-20T10:09+09:00 |
| jvndb-2014-000126 | QNAP QTS vulnerable to OS command injection | 2014-10-28T14:39+09:00 | 2015-12-25T13:47+09:00 |
| jvndb-2014-000125 | SumaHo for Android fails to verify SSL/TLS server certificates | 2014-10-23T13:43+09:00 | 2018-03-07T14:24+09:00 |
| jvndb-2014-000123 | GIGAPOD vulnerable to denial-of-service (DoS) | 2014-10-16T13:51+09:00 | 2024-05-13T18:10+09:00 |
| jvndb-2014-000122 | Aflax vulnerable to cross-site scripting | 2014-10-16T13:35+09:00 | 2014-10-24T18:32+09:00 |
| jvndb-2014-000121 | BirdBlog vulnerable to cross-site scripting | 2014-10-16T13:26+09:00 | 2014-10-16T13:26+09:00 |
| jvndb-2014-000120 | Huawei E5332 vulnerable to denial-of-service (DoS) | 2014-10-10T14:03+09:00 | 2014-10-21T15:11+09:00 |
| jvndb-2014-000119 | Huawei E5332 vulnerable to denial-of-service (DoS) | 2014-10-10T14:02+09:00 | 2014-10-21T15:15+09:00 |
| jvndb-2014-004316 | Safari issue in handling application cache | 2014-09-25T14:54+09:00 | 2014-09-25T14:54+09:00 |
| jvndb-2014-000116 | Yahoo! Japan Box for Android issue where it fails to verify SSL server certificates | 2014-09-25T14:54+09:00 | 2014-09-25T14:54+09:00 |
| jvndb-2014-000112 | N-Media file uploader vulnerability in handling uploaded files | 2014-09-25T14:53+09:00 | 2014-09-29T11:39+09:00 |
| jvndb-2014-000108 | jigbrowser+ for iOS same origin policy bypass | 2014-09-25T14:52+09:00 | 2014-09-29T11:47+09:00 |
| jvndb-2014-000107 | SLFileManager for Android vulnerable to directory traversal | 2014-09-25T14:52+09:00 | 2015-07-31T16:30+09:00 |
| jvndb-2014-000111 | Yuko Yuko App for Android fails to verify SSL server certificates | 2014-09-22T13:50+09:00 | 2014-09-22T13:50+09:00 |
| jvndb-2014-000110 | Dotclear vulnerable to cross-site scripting | 2014-09-19T13:42+09:00 | 2014-09-25T17:52+09:00 |
| jvndb-2014-000109 | Bump for Android vulnerable in handling of implicit intents | 2014-09-19T13:41+09:00 | 2014-09-25T17:44+09:00 |
| jvndb-2014-000114 | FileMaker Pro fails to verify SSL server certificates | 2014-09-18T20:36+09:00 | 2014-09-24T18:47+09:00 |
| jvndb-2014-000113 | FileMaker Pro vulnerable to cross-site scripting | 2014-09-18T20:36+09:00 | 2015-05-22T11:37+09:00 |
| ID | Description | Updated |
|---|