Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-mwmh-7px9-4c23 | ZITADEL Vulnerable to Account Takeover via Malicious Forwarded Header Injection | 2025-10-29T22:20:50Z | 2025-11-05T22:13:14Z |
| ghsa-grjp-54v3-c442 | OpenUSD File Parsing Use-After-Free Remote Code Execution Vulnerability | 2025-10-29T22:13:03Z | 2025-10-29T22:13:03Z |
| ghsa-pqhf-p39g-3x64 | uv allows ZIP payload obfuscation through parsing differentials | 2025-10-29T22:12:57Z | 2025-10-29T22:12:57Z |
| ghsa-2hvh-cw5c-8q8q | CKAN vulnerable to fixed session IDs | 2025-10-29T21:49:14Z | 2025-10-29T21:49:15Z |
| ghsa-3m8r-w7xg-jqvw | DNN Insufficient Access Control - Image Upload allows for Site Content Overwrite | 2025-10-29T21:48:52Z | 2025-10-29T21:48:52Z |
| ghsa-hmvq-8p83-cq52 | DNN vulnerable to stored cross-site-scripting (XSS) via SVG upload | 2025-10-29T21:47:49Z | 2025-10-29T21:47:49Z |
| ghsa-2374-6cvw-qmx6 | DNN CKEditor Provider allows unauthenticated upload out-of-the-box | 2025-10-29T21:44:28Z | 2025-10-29T21:44:28Z |
| ghsa-x73c-96p4-3xvv | Razer Synapse 3 RazerPhilipsHueUninstall Link Following Local Privilege Escalation Vulnerability. T… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-wv7v-cchq-8fjh | GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerab… | 2025-10-29T21:30:33Z | 2025-11-04T03:30:26Z |
| ghsa-w4vf-cc4x-mpjq | LiteLLM Information health API_KEY Information Disclosure Vulnerability. This vulnerability allows … | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-r6ww-7hxw-68c6 | memoQ 10.1.13.ef1b2b52aae and earlier contains an unquoted service path vulnerability in the memoQ … | 2025-10-29T21:30:33Z | 2025-10-30T15:32:34Z |
| ghsa-qg28-3m9m-fp3g | GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allow… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-q3g4-86cm-rj2h | Allegra DatabaseBackupBL Directory Traversal Information Disclosure Vulnerability. This vulnerabili… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-pcf6-9gh3-h6jw | Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulne… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-p2c7-54v2-7989 | win-cli-mcp-server resolveCommandPath Command Injection Remote Code Execution Vulnerability. This v… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-j494-wrfm-4v9c | Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability. This vulnerab… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-9p8c-493c-qp6m | GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerab… | 2025-10-29T21:30:33Z | 2025-11-03T18:31:51Z |
| ghsa-9cpj-q6fm-2g3q | Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability. This vul… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-6xj8-rrqx-r4cv | MLflow Weak Password Requirements Authentication Bypass Vulnerability | 2025-10-29T21:30:33Z | 2025-11-05T16:09:13Z |
| ghsa-6v3v-9p87-2gg6 | Insecure Direct Object Reference (IDOR) in /tenants/{id} API endpoint in Inforcer Platform version … | 2025-10-29T21:30:33Z | 2025-10-30T15:32:34Z |
| ghsa-6pqm-mccv-6977 | GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerab… | 2025-10-29T21:30:33Z | 2025-11-03T18:31:51Z |
| ghsa-69mp-wcfm-5322 | GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulner… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-68v9-mpj8-43v9 | Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability. This vulner… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-5cvj-7rg6-jggj | MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability | 2025-10-29T21:30:33Z | 2025-11-05T16:12:40Z |
| ghsa-4hq6-c566-v4h6 | GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability all… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-3r6w-f62x-hc2h | D-Link DNS-343 ShareCenter devices running firmware versions up to and including 1.05 contain a com… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-2x5h-7fq5-8m9f | GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability … | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-2r4p-cp55-g7gf | Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-wcxf-jmjh-x27q | To trigger the issue, three configuration parameters must have specific settings: "hostname-char-se… | 2025-10-29T18:30:35Z | 2025-11-05T00:31:31Z |
| ghsa-r9fw-cwjr-j3hp | An unquoted service path in Kingosoft Technology Ltd Kingo ROOT v1.5.8.3353 allows attackers to esc… | 2025-10-29T18:30:35Z | 2025-10-29T21:30:32Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-63422 | N/A | Incorrect access control in the Web management in… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:58:32.148Z |
| cve-2025-63298 | N/A | A path traversal vulnerability was identified in … |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:57:36.156Z |
| cve-2025-61498 | N/A | A buffer overflow in the UPnP service of Tenda AC… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T21:01:04.959Z |
| cve-2025-61196 | N/A | An issue in BusinessNext CRMnext v.10.8.3.0 allow… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-31T14:42:04.943Z |
| cve-2025-61141 | N/A | sqls-server/sqls 0.2.28 is vulnerable to command … |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T21:02:01.794Z |
| cve-2025-61121 | N/A | Mobile Scanner Android App version 2.12.38 (packa… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:53:59.183Z |
| cve-2025-61120 | N/A | AG Life Logger Android App version v1.0.2.72 and … |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:52:38.303Z |
| cve-2025-61119 | N/A | Kanova Android App version 1.0.27 (package name c… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:49:42.126Z |
| cve-2025-61118 | N/A | mCarFix Motorists App version 2.3 (package name c… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:45:29.185Z |
| cve-2025-61117 | N/A | Senza: Keto & Fasting Android App version 2.10.15… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:44:23.402Z |
| cve-2025-61116 | N/A | AdForest - Classified Android App version 4.0.12 … |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:41:17.147Z |
| cve-2025-61115 | N/A | ABC Fine Wine & Spirits Android App version v.11.… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:42:34.709Z |
| cve-2025-61114 | N/A | 2nd Line Android App version v1.2.92 and before (… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:46:47.109Z |
| cve-2025-61113 | N/A | TalkTalk 3.3.6 Android App contains improper acce… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:40:07.750Z |
| cve-2025-60950 | N/A | An arbitrary file upload vulnerability in the Dat… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:55:24.054Z |
| cve-2025-60319 | N/A | PerfreeBlog v4.0.11 is vulnerable to Server-Side … |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:51:08.362Z |
| cve-2025-57109 | N/A | Kitware VTK (Visualization Toolkit) 9.5.0 is vuln… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:56:40.033Z |
| cve-2025-56313 | N/A | A Reflected Cross-Site Scripting (XSS) vulnerabil… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T18:22:04.335Z |
| cve-2025-52180 | N/A | Cross-site scripting (XSS) vulnerability in Zucch… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-31T19:32:37.108Z |
| cve-2025-52179 | N/A | Cross-site scripting (XSS) vulnerability in Zucch… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-11-03T20:36:53.894Z |
| cve-2025-50739 | N/A | iib0011 omni-tools v0.4.0 is vulnerable to remote… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-11-04T15:45:10.590Z |
| cve-2025-50736 | N/A | An open redirect vulnerability exists in Byaidu P… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-11-04T15:46:51.400Z |
| cve-2025-50574 | N/A | Cross-site scripting (XSS) vulnerability in blog-… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-11-04T15:42:06.733Z |
| cve-2025-62257 | 6.3 (v4.0) | Password enumeration vulnerability in Liferay Por… |
Liferay |
Portal |
2025-10-29T23:24:42.740Z | 2025-10-30T17:41:13.870Z |
| cve-2025-12466 | N/A | Simple OAuth (OAuth2) & OpenID Connect - Critical - Ac… |
Drupal |
Simple OAuth (OAuth2) & OpenID Connect |
2025-10-29T23:14:51.343Z | 2025-10-30T14:38:59.887Z |
| cve-2025-12083 | N/A | CivicTheme Design System - Moderately critical - Cross… |
Drupal |
CivicTheme Design System |
2025-10-29T23:14:33.900Z | 2025-10-30T14:40:11.746Z |
| cve-2025-12082 | N/A | CivicTheme Design System - Moderately critical - Infor… |
Drupal |
CivicTheme Design System |
2025-10-29T23:14:19.017Z | 2025-10-30T14:41:28.623Z |
| cve-2025-10929 | N/A | Reverse Proxy Header - Less critical - Access bypass -… |
Drupal |
Reverse Proxy Header |
2025-10-29T23:14:07.047Z | 2025-10-30T13:31:48.665Z |
| cve-2025-10930 | N/A | Currency - Moderately critical - Cross Site Request Fo… |
Drupal |
Currency |
2025-10-29T23:13:54.547Z | 2025-10-30T13:27:10.721Z |
| cve-2025-10931 | N/A | Umami Analytics - Moderately critical - Cross Site Scr… |
Drupal |
Umami Analytics |
2025-10-29T23:13:40.417Z | 2025-10-30T14:15:53.377Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-43027 | 9.8 (v3.1) | A critical severity vulnerability has been identi… |
Genetec Inc. |
Genetec Security Center |
2025-10-30T14:12:27.918Z | 2025-10-31T03:55:30.389Z |
| cve-2025-50739 | N/A | iib0011 omni-tools v0.4.0 is vulnerable to remote… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-11-04T15:45:10.590Z |
| cve-2025-50736 | N/A | An open redirect vulnerability exists in Byaidu P… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-11-04T15:46:51.400Z |
| cve-2025-43941 | 7.2 (v3.1) | Dell Unity, version(s) 5.5 and Prior, contain(s) … |
Dell |
Unity |
2025-10-30T13:57:25.065Z | 2025-10-31T03:55:29.572Z |
| cve-2025-43940 | 7.8 (v3.1) | Dell Unity, version(s) 5.5 and Prior, contain(s) … |
Dell |
Unity |
2025-10-30T14:05:17.818Z | 2025-10-31T03:55:21.915Z |
| cve-2025-43939 | 7.8 (v3.1) | Dell Unity, version(s) 5.4 and prior, contain(s) … |
Dell |
Unity |
2025-10-30T14:10:14.508Z | 2025-10-31T03:55:21.085Z |
| cve-2025-63608 | N/A | A SQL injection vulnerability exists in CSZ-CMS <… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T14:28:47.918Z |
| cve-2025-10348 | 5.1 (v4.0) | Stored Cross-Site Scripting in URVE Smart Office |
Eveo |
URVE Smart Office |
2025-10-30T13:00:43.106Z | 2025-10-30T14:26:38.615Z |
| cve-2025-10317 | 5.1 (v4.0) | Multiple Cross-Site Request Forgery in Quick.Cart |
OpenSolution |
Quick.Cart |
2025-10-30T11:48:43.747Z | 2025-10-30T13:14:48.997Z |
| cve-2025-53883 | 9.3 (v4.0) | spacewalk-java has various XSS issues on search page |
SUSE |
Container suse manager 5.0 |
2025-10-30T10:50:07.580Z | 2025-10-31T03:55:20.245Z |
| cve-2025-53880 | 8.7 (v4.0) | susemanager-tftpsync-recv allows arbitrary file creati… |
SUSE |
Container suse/manager/4.3/proxy-httpd:latest |
2025-10-30T10:31:15.866Z | 2025-10-31T03:55:25.371Z |
| cve-2025-39663 | Cross Site Scripting through compromised remote site |
Checkmk GmbH |
Checkmk |
2025-10-30T10:43:08.500Z | 2025-11-07T16:04:27.994Z | |
| cve-2025-62503 | Apache Airflow: Privilege boundary bypass in bulk APIs… |
Apache Software Foundation |
Apache Airflow |
2025-10-30T09:11:16.813Z | 2025-10-30T14:25:43.960Z | |
| cve-2025-62402 | Apache Airflow: Airflow 3 API: /api/v2/dagReports exec… |
Apache Software Foundation |
Apache Airflow |
2025-10-30T09:14:27.456Z | 2025-10-31T03:55:27.925Z | |
| cve-2025-54941 | Apache Airflow: Command injection in "example_dag_decorator" |
Apache Software Foundation |
Apache Airflow |
2025-10-30T09:45:26.712Z | 2025-11-04T21:12:56.896Z | |
| cve-2025-54471 | 6.5 (v3.1) | NeuVector is shipping cryptographic material into its binary |
SUSE |
neuvector |
2025-10-30T09:45:56.931Z | 2025-10-30T13:59:54.426Z |
| cve-2025-54470 | 8.6 (v3.1) | NeuVector telemetry sender is vulnerable to MITM and DoS |
SUSE |
neuvector |
2025-10-30T09:38:58.261Z | 2025-10-30T14:01:08.513Z |
| cve-2025-54469 | 9.9 (v3.1) | NeuVector Enforcer is vulnerable to Command Injection … |
SUSE |
neuvector |
2025-10-30T09:41:57.086Z | 2025-10-31T03:55:27.162Z |
| cve-2025-40105 | N/A | vfs: Don't leak disconnected dentries on umount |
Linux |
Linux |
2025-10-30T09:48:09.674Z | 2025-10-30T09:48:09.674Z |
| cve-2025-40104 | N/A | ixgbevf: fix mailbox API compatibility by negotiating … |
Linux |
Linux |
2025-10-30T09:48:09.051Z | 2025-10-30T09:48:09.051Z |
| cve-2025-40103 | N/A | smb: client: Fix refcount leak for cifs_sb_tlink |
Linux |
Linux |
2025-10-30T09:48:08.421Z | 2025-10-30T09:48:08.421Z |
| cve-2025-40102 | N/A | KVM: arm64: Prevent access to vCPU events before init |
Linux |
Linux |
2025-10-30T09:48:07.790Z | 2025-10-30T09:48:07.790Z |
| cve-2025-40101 | N/A | btrfs: fix memory leaks when rejecting a non SINGLE da… |
Linux |
Linux |
2025-10-30T09:48:07.155Z | 2025-10-30T09:48:07.155Z |
| cve-2025-40100 | N/A | btrfs: do not assert we found block group item when cr… |
Linux |
Linux |
2025-10-30T09:48:06.521Z | 2025-10-30T09:48:06.521Z |
| cve-2025-40099 | N/A | cifs: parse_dfs_referrals: prevent oob on malformed input |
Linux |
Linux |
2025-10-30T09:48:05.859Z | 2025-10-30T09:48:05.859Z |
| cve-2025-40098 | N/A | ALSA: hda: cs35l41: Fix NULL pointer dereference in cs… |
Linux |
Linux |
2025-10-30T09:48:05.200Z | 2025-10-30T09:48:05.200Z |
| cve-2025-40097 | N/A | ALSA: hda: Fix missing pointer check in hda_component_… |
Linux |
Linux |
2025-10-30T09:48:04.567Z | 2025-10-30T09:48:04.567Z |
| cve-2025-40096 | N/A | drm/sched: Fix potential double free in drm_sched_job_… |
Linux |
Linux |
2025-10-30T09:48:03.954Z | 2025-10-30T09:48:03.954Z |
| cve-2025-40095 | N/A | usb: gadget: f_rndis: Refactor bind path to use __free() |
Linux |
Linux |
2025-10-30T09:48:03.276Z | 2025-10-30T09:48:03.276Z |
| cve-2025-40094 | N/A | usb: gadget: f_acm: Refactor bind path to use __free() |
Linux |
Linux |
2025-10-30T09:48:02.446Z | 2025-10-30T09:48:02.446Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-188461 | Malicious code in ora-process-config-public (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188460 | Malicious code in ora-polaris-uranology-planckscale (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188459 | Malicious code in optimize-uglify-cluster-string-refactor (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188458 | Malicious code in optimize-theta-process-cluster-dog (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188457 | Malicious code in optimize-report-pi-module-hash (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188456 | Malicious code in optimize-proxy-alpha-cache-decompress (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188455 | Malicious code in optimize-pipe-signal-dog-index (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188454 | Malicious code in optimize-double-nu-cluster-function (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188453 | Malicious code in optimize-daemon-scale-char-test (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188452 | Malicious code in optimize-css-assets-webpack-plugin-terser-rollup-plugin-registry (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188451 | Malicious code in optimize-css-assets-webpack-plugin-style-loader-bellatrix-prettier-stylelint (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188450 | Malicious code in optimize-css-assets-webpack-plugin-polaris-docusaurus-andromeda (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188449 | Malicious code in optimize-css-assets-webpack-plugin-pm2-lyra-miranda (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188448 | Malicious code in optimize-cache-static-orchestrate-import (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188447 | Malicious code in ophiuchus-yonder-magellan-remark (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188446 | Malicious code in ophiuchus-whitedwarf-sirius-altair (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188445 | Malicious code in ophiuchus-vuetify-schema-ursa (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188444 | Malicious code in ophiuchus-spectron-webdriver-sedna-halley (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188443 | Malicious code in ophiuchus-sirius-biomimicry-loop (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188442 | Malicious code in ophiuchus-polaris-mineralogy-proteomics (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188441 | Malicious code in ophiuchus-europa-charon-blitz (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188440 | Malicious code in ophiuchus-eleventy-fornax-proxima (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188439 | Malicious code in ophiuchus-dactyl-elara-proxima (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188438 | Malicious code in ophiuchus-corvus-stream-deimos (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188437 | Malicious code in ophiuchus-callisto-semantic-ui-lynx (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188436 | Malicious code in ophiuchus-bunyan-exobiology-biotechnology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188435 | Malicious code in ophiuchus-bootstrap-perseus-airbnb (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188434 | Malicious code in ophiuchus-blueshift-virtualreality-acamar (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188433 | Malicious code in oortcloud-zephyr-kinetic-acamar (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188432 | Malicious code in oortcloud-lint-weywot-luna (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:4607 | Red Hat Security Advisory: redis:6 security update | 2025-05-07T02:40:26+00:00 | 2025-11-14T00:56:16+00:00 |
| rhsa-2025:4576 | Red Hat Security Advisory: Satellite 6.17.0 release | 2025-05-06T20:31:21+00:00 | 2025-11-14T11:18:44+00:00 |
| rhsa-2025:4597 | Red Hat Security Advisory: mod_auth_openidc:2.3 security update | 2025-05-06T20:23:53+00:00 | 2025-11-11T12:11:38+00:00 |
| rhsa-2025:4577 | Red Hat Security Advisory: redis security update | 2025-05-06T17:25:18+00:00 | 2025-11-14T00:56:16+00:00 |
| rhsa-2025:4568 | Red Hat Security Advisory: libsoup security update | 2025-05-06T16:48:22+00:00 | 2025-11-06T23:15:26+00:00 |
| rhsa-2025:4569 | Red Hat Security Advisory: osbuild-composer security update | 2025-05-06T16:43:52+00:00 | 2025-11-14T17:12:32+00:00 |
| rhsa-2025:4508 | Red Hat Security Advisory: libsoup security update | 2025-05-06T16:03:20+00:00 | 2025-11-06T23:15:24+00:00 |
| rhsa-2025:4471 | Red Hat Security Advisory: kernel-rt security update | 2025-05-06T15:55:55+00:00 | 2025-11-11T11:27:28+00:00 |
| rhsa-2025:4560 | Red Hat Security Advisory: libsoup security update | 2025-05-06T15:43:33+00:00 | 2025-11-06T23:15:25+00:00 |
| rhsa-2025:4561 | Red Hat Security Advisory: redis:6 security update | 2025-05-06T15:35:47+00:00 | 2025-11-14T00:56:15+00:00 |
| rhsa-2025:4553 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update | 2025-05-06T14:59:30+00:00 | 2025-10-28T02:02:15+00:00 |
| rhsa-2025:4549 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.22 security update | 2025-05-06T14:32:48+00:00 | 2025-11-11T16:10:17+00:00 |
| rhsa-2025:4550 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.22 security update | 2025-05-06T14:32:08+00:00 | 2025-11-11T16:10:17+00:00 |
| rhsa-2025:4548 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.22 security update | 2025-05-06T14:31:57+00:00 | 2025-11-11T16:10:16+00:00 |
| rhsa-2025:4552 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.22 security update | 2025-05-06T14:28:01+00:00 | 2025-11-06T22:56:48+00:00 |
| rhsa-2025:4538 | Red Hat Security Advisory: libsoup security update | 2025-05-06T13:53:30+00:00 | 2025-11-06T23:15:25+00:00 |
| rhsa-2025:4532 | Red Hat Security Advisory: yelp security update | 2025-05-06T12:20:07+00:00 | 2025-11-11T12:11:38+00:00 |
| rhsa-2025:4509 | Red Hat Security Advisory: kernel security update | 2025-05-06T07:19:20+00:00 | 2025-11-14T10:03:36+00:00 |
| rhsa-2025:4511 | Red Hat Security Advisory: RHODF-4.18-RHEL-9 security update | 2025-05-06T07:14:59+00:00 | 2025-11-14T17:12:31+00:00 |
| rhsa-2025:4502 | Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.10.8 container updates | 2025-05-06T06:29:57+00:00 | 2025-11-14T17:12:30+00:00 |
| rhsa-2025:4505 | Red Hat Security Advisory: yelp security update | 2025-05-06T06:07:26+00:00 | 2025-11-11T12:11:38+00:00 |
| rhsa-2025:4493 | Red Hat Security Advisory: ruby:3.3 security update | 2025-05-06T02:33:16+00:00 | 2025-11-06T23:35:01+00:00 |
| rhsa-2025:4488 | Red Hat Security Advisory: ruby:3.1 security update | 2025-05-06T02:33:06+00:00 | 2025-11-14T10:17:17+00:00 |
| rhsa-2025:4492 | Red Hat Security Advisory: qemu-kvm security update | 2025-05-06T02:29:16+00:00 | 2025-11-08T06:51:46+00:00 |
| rhsa-2025:4487 | Red Hat Security Advisory: ruby security update | 2025-05-06T02:20:21+00:00 | 2025-11-06T23:35:01+00:00 |
| rhsa-2025:4499 | Red Hat Security Advisory: kpatch-patch-5_14_0-503_15_1 and kpatch-patch-5_14_0-503_26_1 security update | 2025-05-06T01:08:56+00:00 | 2025-11-11T11:27:30+00:00 |
| rhsa-2025:4497 | Red Hat Security Advisory: kpatch-patch-5_14_0-427_13_1, kpatch-patch-5_14_0-427_31_1, kpatch-patch-5_14_0-427_44_1, and kpatch-patch-5_14_0-427_55_1 security update | 2025-05-06T00:56:01+00:00 | 2025-11-11T11:27:28+00:00 |
| rhsa-2025:4496 | Red Hat Security Advisory: kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_52_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 security update | 2025-05-06T00:54:31+00:00 | 2025-11-11T11:27:28+00:00 |
| rhsa-2025:4498 | Red Hat Security Advisory: kpatch-patch-5_14_0-70_112_1, kpatch-patch-5_14_0-70_121_1, kpatch-patch-5_14_0-70_124_1, and kpatch-patch-5_14_0-70_85_1 security update | 2025-05-06T00:51:35+00:00 | 2025-11-11T11:27:28+00:00 |
| rhsa-2025:4473 | Red Hat Security Advisory: multicluster Engine for Kubernetes 2.5.9 container updates | 2025-05-05T23:34:14+00:00 | 2025-11-14T17:12:30+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2024-41935 | f2fs: fix to shrink read extent node in batches | 2025-01-02T00:00:00.000Z | 2025-09-25T01:02:23.000Z |
| msrc_cve-2024-41932 | sched: fix warning in sched_setaffinity | 2025-01-02T00:00:00.000Z | 2025-09-03T23:48:23.000Z |
| msrc_cve-2024-36476 | RDMA/rtrs: Ensure 'ib_sge list' is accessible | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-13176 | Timing side-channel in ECDSA signature computation | 2025-01-02T00:00:00.000Z | 2025-04-18T00:00:00.000Z |
| msrc_cve-2024-12747 | Rsync: race condition in rsync handling symbolic links | 2025-01-02T00:00:00.000Z | 2025-01-23T00:00:00.000Z |
| msrc_cve-2024-12705 | DNS-over-HTTPS implementation suffers from multiple issues under heavy query load | 2025-01-02T00:00:00.000Z | 2025-02-20T00:00:00.000Z |
| msrc_cve-2024-12088 | Rsync: --safe-links option bypass leads to path traversal | 2025-01-02T00:00:00.000Z | 2025-06-18T00:00:00.000Z |
| msrc_cve-2024-12087 | Rsync: path traversal vulnerability in rsync | 2025-01-02T00:00:00.000Z | 2025-06-22T00:00:00.000Z |
| msrc_cve-2024-12086 | Rsync: rsync server leaks arbitrary client files | 2025-01-02T00:00:00.000Z | 2025-06-22T00:00:00.000Z |
| msrc_cve-2024-12085 | Rsync: info leak via uninitialized stack contents | 2025-01-02T00:00:00.000Z | 2025-01-19T00:00:00.000Z |
| msrc_cve-2024-12084 | Rsync: heap buffer overflow in rsync due to improper checksum length handling | 2025-01-02T00:00:00.000Z | 2025-01-25T00:00:00.000Z |
| msrc_cve-2024-11218 | Podman: buildah: container breakout by using --jobs=2 and a race condition when building a malicious containerfile | 2025-01-02T00:00:00.000Z | 2025-09-03T22:59:20.000Z |
| msrc_cve-2024-11187 | Many records in the additional section cause CPU exhaustion | 2025-01-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2024-10846 | Excessive Platform Resource Consumption within a Loop when unmarshalling Compose file having recursive loop | 2025-01-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2022-49043 | xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free. | 2025-01-02T00:00:00.000Z | 2025-02-01T00:00:00.000Z |
| msrc_cve-2024-56756 | nvme-pci: fix freeing of the HMB descriptor table | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56755 | netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-56754 | crypto: caam - Fix the pointer passed to caam_qi_shutdown() | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56752 | drm/nouveau/gr/gf100: Fix missing unlock in gf100_gr_chan_new() | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-56751 | ipv6: release nexthop on device removal | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-56748 | scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56747 | scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56746 | fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56745 | PCI: Fix reset_method_store() memory leak | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56744 | f2fs: fix to avoid potential deadlock in f2fs_record_stop_reason() | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-56741 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56739 | rtc: check if __rtc_read_time was successful in rtc_timer_do_work() | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56738 | GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel attacks. | 2024-12-02T00:00:00.000Z | 2025-09-03T22:01:43.000Z |
| msrc_cve-2024-56737 | GNU GRUB (aka GRUB2) through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem. | 2024-12-02T00:00:00.000Z | 2025-09-03T21:53:55.000Z |
| msrc_cve-2024-56732 | HarfBuzz heap-buffer-overflow on hb_cairo_glyphs_from_buffer | 2024-12-02T00:00:00.000Z | 2025-01-18T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2014-000075 | Cybozu Garoon vulnerable to cross-site scritping | 2014-07-15T14:45+09:00 | 2014-07-23T11:01+09:00 |
| jvndb-2014-000074 | Cybozu Garoon 3 API access restriction bypass vulnerability | 2014-07-15T14:45+09:00 | 2014-07-23T11:00+09:00 |
| jvndb-2014-000073 | Cybozu Garoon CGI vulnerable to remote command execution | 2014-07-15T14:44+09:00 | 2014-07-23T11:00+09:00 |
| jvndb-2014-000072 | Seasar S2Struts vulnerable to ClassLoader manipulation | 2014-07-15T14:44+09:00 | 2014-07-15T14:44+09:00 |
| jvndb-2014-000071 | Becky! Internet Mail vulnerable to buffer overflow | 2014-07-08T14:53+09:00 | 2014-07-10T17:05+09:00 |
| jvndb-2014-000066 | SX-2000WG vulnerable to denial-of-service (DoS) | 2014-07-02T15:20+09:00 | 2014-07-07T18:34+09:00 |
| jvndb-2014-000065 | SX-2000WG vulnerable to denial-of-service (DoS) | 2014-07-02T15:16+09:00 | 2014-07-07T18:28+09:00 |
| jvndb-2014-000069 | RockDisk vulnerable to cross-site scripting | 2014-07-02T14:40+09:00 | 2017-05-17T17:07+09:00 |
| jvndb-2014-000064 | Web Kyukincho vulnerable to cross-site request forgery | 2014-06-25T15:01+09:00 | 2014-07-01T16:07+09:00 |
| jvndb-2014-000063 | Web Kyukincho vulnerable to cross-site scripting | 2014-06-25T14:53+09:00 | 2014-07-01T16:08+09:00 |
| jvndb-2014-000062 | Login rebuilder vulnerable to cross-site request forgery | 2014-06-24T14:22+09:00 | 2014-06-24T14:22+09:00 |
| jvndb-2014-000061 | Sophos Disk Encryption vulnerable to authentication bypass | 2014-06-24T14:21+09:00 | 2014-06-26T17:46+09:00 |
| jvndb-2014-000060 | Webmin vulnerable to cross-site scripting | 2014-06-20T13:58+09:00 | 2014-07-23T11:00+09:00 |
| jvndb-2014-000059 | Webmin vulnerable to cross-site scripting | 2014-06-20T13:58+09:00 | 2014-07-23T10:59+09:00 |
| jvndb-2014-000058 | Usermin vulnerable to cross-site scripting | 2014-06-20T13:56+09:00 | 2014-07-23T10:59+09:00 |
| jvndb-2014-000057 | Usermin vulnerable to OS command injection | 2014-06-20T13:56+09:00 | 2014-06-24T13:44+09:00 |
| jvndb-2014-000050 | JR East Japan App for Android. contains an issue where it fails to verify SSL server certificates | 2014-06-18T14:57+09:00 | 2014-06-23T11:06+09:00 |
| jvndb-2014-000056 | TERASOLUNA Server Framework for Java(Web) vulnerable to ClassLoader manipulation | 2014-06-17T15:01+09:00 | 2015-01-22T15:50+09:00 |
| jvndb-2014-000049 | 050 plus for Android information management vulnerability | 2014-06-17T14:50+09:00 | 2014-06-23T11:03+09:00 |
| jvndb-2014-000055 | SEIL Series routers vulnerable to denial-of-service (DoS) | 2014-06-13T12:44+09:00 | 2014-06-17T16:11+09:00 |
| jvndb-2014-000054 | Spring Framework vulnerable to directory traversal | 2014-06-13T12:40+09:00 | 2016-06-23T13:45+09:00 |
| jvndb-2014-002802 | Xml eXternal Entity Vulnerability in XML link function of Hitachi COBOL2002 | 2014-06-12T11:43+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2014-002800 | Multiple Vulnerabilities in Hitachi Tuning Manager and JP1/Performance Management - Manager Web Option | 2014-06-12T11:43+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2014-000051 | C-BOARD Moyuku vulnerable to cross-site scripting | 2014-06-11T14:22+09:00 | 2014-06-17T16:22+09:00 |
| jvndb-2014-000053 | JustSystems Online Update Program bundled with JustSystems products vulnerable to arbitrary code execution | 2014-06-11T12:22+09:00 | 2014-06-17T16:25+09:00 |
| jvndb-2014-000048 | OpenSSL improper handling of Change Cipher Spec message | 2014-06-06T13:48+09:00 | 2016-12-27T11:49+09:00 |
| jvndb-2014-000046 | CN8000 vulnerable to denial-of-service (DoS) | 2014-06-04T14:37+09:00 | 2014-06-06T18:35+09:00 |
| jvndb-2014-000047 | SOY CMS vulnerable to cross-site scripting | 2014-06-04T14:32+09:00 | 2014-06-06T18:34+09:00 |
| jvndb-2014-000044 | intra-mart vulnerable to open redirect | 2014-05-08T12:46+09:00 | 2014-05-12T17:45+09:00 |
| jvndb-2014-000042 | Cybozu Garoon Phone Messages vulnerable to denial-of-service (DoS) | 2014-04-30T15:14+09:00 | 2014-05-14T10:50+09:00 |
| ID | Description | Updated |
|---|