Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-g482-6rxp-qvg7 | The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerabl… | 2025-11-07T06:30:28Z | 2025-11-07T06:30:28Z |
| ghsa-8ff8-c7j7-c996 | The Gravity Forms plugin for WordPress is vulnerable to arbitrary file uploads due to missing file … | 2025-11-07T06:30:28Z | 2025-11-07T06:30:28Z |
| ghsa-822f-xqj8-8w45 | The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerabl… | 2025-11-07T06:30:28Z | 2025-11-07T06:30:28Z |
| ghsa-w5cv-jqj9-8f97 | The LC Wizard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capabilit… | 2025-11-07T06:30:27Z | 2025-11-07T06:30:27Z |
| ghsa-xmq3-q5pm-rp26 | Nuxt DevTools vulnerable to cross-site scripting (XSS) | 2025-11-07T03:30:25Z | 2025-11-07T17:41:22Z |
| ghsa-rwvc-j5jr-mgvh | Vercel’s AI SDK's filetype whitelists can be bypassed when uploading files | 2025-11-07T03:30:25Z | 2025-11-07T17:39:02Z |
| ghsa-hxh9-cj4v-cqch | Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from Ve… | 2025-11-07T03:30:25Z | 2025-11-07T03:30:25Z |
| ghsa-phcq-jxj6-jpjq | A flaw was found in Red Hat Single Sign-On. This issue is an Open Redirect vulnerability that occur… | 2025-11-07T00:30:32Z | 2025-11-07T00:30:32Z |
| ghsa-jq2j-98mw-mwjp | Insufficient input sanitization in the dashboard label or path can allow an attacker to trigger a … | 2025-11-07T00:30:32Z | 2025-11-07T00:30:32Z |
| ghsa-j478-73x8-84h7 | Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to… | 2025-11-07T00:30:32Z | 2025-11-07T00:30:32Z |
| ghsa-xr3x-3m9h-jg3r | Use after free in Storage in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to exec… | 2025-11-07T00:30:31Z | 2025-11-07T00:30:31Z |
| ghsa-vfq4-w7v4-7pf6 | The Ubia camera ecosystem fails to adequately secure API credentials, potentially enabling an atta… | 2025-11-07T00:30:31Z | 2025-11-07T00:30:31Z |
| ghsa-v3m8-vp9c-jf57 | Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacke… | 2025-11-07T00:30:31Z | 2025-11-07T15:31:30Z |
| ghsa-r4vh-xfff-58mw | Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to… | 2025-11-07T00:30:31Z | 2025-11-07T00:30:31Z |
| ghsa-fxpm-h77m-v8vc | Heap buffer overflow in Sync in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to p… | 2025-11-07T00:30:31Z | 2025-11-07T15:31:29Z |
| ghsa-fmxg-92j4-7rhr | Use after free in Safe Browsing in Google Chrome prior to 141.0.7390.107 allowed a remote attacker … | 2025-11-07T00:30:31Z | 2025-11-07T15:31:30Z |
| ghsa-22f5-36q8-782w | Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to… | 2025-11-07T00:30:31Z | 2025-11-07T00:30:31Z |
| ghsa-xvxm-x86g-723r | Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed … | 2025-11-07T00:30:30Z | 2025-11-07T00:30:30Z |
| ghsa-vqr5-h29q-9xvm | Side-channel information leakage in Tab in Google Chrome prior to 141.0.7390.54 allowed a remote at… | 2025-11-07T00:30:30Z | 2025-11-07T15:31:29Z |
| ghsa-rrwf-2jcv-26f5 | Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed … | 2025-11-07T00:30:30Z | 2025-11-07T15:31:29Z |
| ghsa-rg69-q942-29mw | Inappropriate implementation in Media in Google Chrome on Windows prior to 141.0.7390.54 allowed a … | 2025-11-07T00:30:30Z | 2025-11-07T15:31:29Z |
| ghsa-p97f-m8c4-2pvc | Out of bounds read in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to po… | 2025-11-07T00:30:30Z | 2025-11-07T00:30:30Z |
| ghsa-823w-23rp-2jjx | Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a re… | 2025-11-07T00:30:30Z | 2025-11-07T15:31:29Z |
| ghsa-6rvp-82jr-vcfr | Inappropriate implementation in Media in Google Chrome prior to 141.0.7390.54 allowed a remote atta… | 2025-11-07T00:30:30Z | 2025-11-07T15:31:29Z |
| ghsa-5cxf-mxj6-wwf7 | Off by one error in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform… | 2025-11-07T00:30:30Z | 2025-11-07T15:31:29Z |
| ghsa-3x9v-3chp-c9cc | Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potential… | 2025-11-07T00:30:30Z | 2025-11-07T15:31:29Z |
| ghsa-vrf4-5hv4-fc3q | Side-channel information leakage in Storage in Google Chrome prior to 141.0.7390.54 allowed a remot… | 2025-11-07T00:30:29Z | 2025-11-07T00:30:29Z |
| ghsa-j64g-h2wj-jx5r | Heap buffer overflow in WebGPU in Google Chrome prior to 141.0.7390.54 allowed a remote attacker wh… | 2025-11-07T00:30:29Z | 2025-11-07T15:31:29Z |
| ghsa-7fc5-p6pg-8vrj | A flaw was found in the 3scale developer portal. This issue can allow account creation or updates p… | 2025-11-07T00:30:29Z | 2025-11-07T00:30:29Z |
| ghsa-62xm-7pjx-wfv7 | Heap buffer overflow in Video in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to … | 2025-11-07T00:30:29Z | 2025-11-07T15:31:29Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-4522 | IDonate 2.0.0 - 2.1.9 - Insecure Direct Object Referen… |
themeatelier |
IDonate – Blood Donation, Request And Donor Management System |
2025-11-07T04:28:54.987Z | 2025-11-07T14:55:14.133Z | |
| cve-2025-4519 | IDonate 2.1.5 - 2.1.9 - Missing Authorization to Authe… |
themeatelier |
IDonate – Blood Donation, Request And Donor Management System |
2025-11-07T04:28:54.561Z | 2025-11-07T14:55:39.666Z | |
| cve-2025-12352 | Gravity Forms <= 2.9.20 - Unauthenticated Arbitrary Fi… |
Gravity Forms |
Gravity Forms |
2025-11-07T04:28:53.882Z | 2025-11-07T17:41:19.665Z | |
| cve-2025-64329 | containerd CRI server: Host memory exhaustion through … |
containerd |
containerd |
2025-11-07T04:15:09.381Z | 2025-11-07T17:42:07.929Z | |
| cve-2025-64328 | FreePBX Administration GUI is Vulnerable to Authentica… |
FreePBX |
security-reporting |
2025-11-07T03:32:20.670Z | 2025-11-07T17:45:23.284Z | |
| cve-2025-5483 | LC Wizard 1.2.10 - 1.3.0 - Missing Authorization to Un… |
niaj |
Connector Wizard (formerly LC Wizard) |
2025-11-07T03:27:50.945Z | 2025-11-07T17:47:15.444Z | |
| cve-2025-64323 | kgateway is missing xDS authorization |
kgateway-dev |
kgateway |
2025-11-07T03:18:48.993Z | 2025-11-07T17:50:53.540Z | |
| cve-2025-64187 | OctoPrint is vulnerable to XSS through Action Command … |
OctoPrint |
OctoPrint |
2025-11-07T03:11:34.227Z | 2025-11-07T17:59:07.039Z | |
| cve-2025-64184 | Dosage vulnerable to Directory Traversal through craft… |
webcomics |
dosage |
2025-11-07T03:02:41.838Z | 2025-11-07T18:02:26.896Z | |
| cve-2025-64180 | Manager-io/Manager: Complete Bypass of SSRF Protection… |
Manager-io |
Manager |
2025-11-07T02:58:44.575Z | 2025-11-07T02:58:44.575Z | |
| cve-2025-11546 | 9.3 (v4.0) | CLUSTERPRO X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 an… |
NEC Corporation |
CLUSTERPRO X for Linux (EXPRESSCLUSTER X for Linux) |
2025-11-07T01:09:08.662Z | 2025-11-07T18:29:57.236Z |
| cve-2025-48985 | A vulnerability in Vercel’s AI SDK has been fixed… |
Vercel |
AI SDK |
2025-11-07T00:43:28.027Z | 2025-11-07T18:35:24.238Z | |
| cve-2025-52662 | A vulnerability in Nuxt DevTools has been fixed i… |
Vercel |
Nuxt Devtools |
2025-11-07T00:43:27.913Z | 2025-11-07T18:39:49.230Z | |
| cve-2025-63785 | N/A | A DOM-based Cross-Site Scripting (XSS) vulnerabil… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T16:33:57.050Z |
| cve-2025-63784 | N/A | An Open Redirect vulnerability exists in the OAut… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T16:13:38.874Z |
| cve-2025-63783 | N/A | A Broken Object Level Authorization (BOLA) vulner… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T16:00:11.579Z |
| cve-2025-63718 | N/A | A SQL injection vulnerability exists in the Sourc… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T17:55:22.678Z |
| cve-2025-63717 | N/A | The change password functionality at /pet_groomin… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T18:07:27.624Z |
| cve-2025-63716 | N/A | The SourceCodester Leads Manager Tool v1.0 is vul… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T17:59:53.884Z |
| cve-2025-63714 | N/A | Cross-Site Scripting (XSS) vulnerability in Sourc… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T17:49:53.651Z |
| cve-2025-63713 | N/A | Cross-Site Scripting (XSS) vulnerability in Sourc… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T17:54:00.607Z |
| cve-2025-63691 | N/A | In pig-mesh In Pig version 3.8.2 and below, withi… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T18:49:24.568Z |
| cve-2025-63690 | N/A | In pig-mesh Pig versions 3.8.2 and below, when se… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T18:41:28.538Z |
| cve-2025-63689 | N/A | Multiple SQL injection vulnerabilitites in ycf199… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T15:59:41.661Z |
| cve-2025-63687 | N/A | An issue was discovered in rymcu forest thru comm… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T15:43:28.239Z |
| cve-2025-63686 | N/A | There is an arbitrary file download vulnerability… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T15:49:04.881Z |
| cve-2025-63640 | N/A | Sourcecodester Medicine Reminder App v1.0 is vuln… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T20:04:03.155Z |
| cve-2025-63639 | N/A | The chat feature in the application Sourcecodeste… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T20:05:36.270Z |
| cve-2025-63638 | N/A | Sourcecodester AI-Powered To-Do List App v1.0 is … |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T19:51:24.031Z |
| cve-2025-63544 | N/A | TechStore 1.0 is vulnerable to Cross Site Scripti… |
n/a |
n/a |
2025-11-07T00:00:00.000Z | 2025-11-07T20:28:22.998Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-53409 | 4.9 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:14:44.914Z | 2025-11-07T15:56:12.638Z |
| cve-2025-53408 | 1.3 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:15:11.361Z | 2025-11-07T15:43:49.566Z |
| cve-2025-52865 | 1.3 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:15:20.701Z | 2025-11-07T15:55:41.114Z |
| cve-2025-52425 | 9.5 (v4.0) | QuMagie |
QNAP Systems Inc. |
QuMagie |
2025-11-07T15:15:57.937Z | 2025-11-07T15:55:26.440Z |
| cve-2025-47207 | 5.3 (v4.0) | File Station 5 |
QNAP Systems Inc. |
File Station 5 |
2025-11-07T15:16:08.604Z | 2025-11-07T15:56:40.737Z |
| cve-2025-12861 | DedeBIZ spec_add.php sql injection |
n/a |
DedeBIZ |
2025-11-07T16:02:05.050Z | 2025-11-07T19:25:27.663Z | |
| cve-2025-12860 | DedeBIZ freelist_main.php sql injection |
n/a |
DedeBIZ |
2025-11-07T15:02:08.895Z | 2025-11-07T20:42:56.659Z | |
| cve-2025-12859 | DedeBIZ templets_one_edit.php sql injection |
n/a |
DedeBIZ |
2025-11-07T15:02:06.353Z | 2025-11-07T20:42:21.782Z | |
| cve-2025-34299 | 9.3 (v4.0) | Monsta FTP <= 2.11 Unauthenticated Arbitrary File Upload |
Monsta Limited of New Zealand |
Monsta FTP |
2025-11-07T13:51:33.738Z | 2025-11-07T19:20:52.087Z |
| cve-2025-12857 | code-projects Responsive Hotel Site roombook.php sql i… |
code-projects |
Responsive Hotel Site |
2025-11-07T14:02:06.372Z | 2025-11-07T14:45:22.090Z | |
| cve-2025-12856 | code-projects Responsive Hotel Site reservation.php sq… |
code-projects |
Responsive Hotel Site |
2025-11-07T13:32:08.786Z | 2025-11-07T17:19:51.164Z | |
| cve-2025-12855 | code-projects Responsive Hotel Site newsletterdel.php … |
code-projects |
Responsive Hotel Site |
2025-11-07T13:32:06.643Z | 2025-11-07T15:57:29.740Z | |
| cve-2025-12854 | newbee-mall-plus seckillExecution executeSeckill autho… |
n/a |
newbee-mall-plus |
2025-11-07T12:32:09.758Z | 2025-11-07T13:04:37.110Z | |
| cve-2025-12853 | SourceCodester Best House Rental Management System adm… |
SourceCodester |
Best House Rental Management System |
2025-11-07T12:32:07.272Z | 2025-11-07T13:07:26.074Z | |
| cve-2025-10968 | 8.8 (v3.1) | SQLi in GG Soft's PaperWork |
GG Soft Software Services Inc. |
PaperWork |
2025-11-07T13:08:41.209Z | 2025-11-07T13:22:39.031Z |
| cve-2025-10870 | 9.3 (v4.0) | SQL injection in DIAL's CentrosNet |
DIAL |
CentrosNet |
2025-11-07T09:26:39.503Z | 2025-11-07T12:09:38.397Z |
| cve-2025-46413 | 4.3 (v3.0) 5.3 (v4.0) | Use of password hash with insufficient computatio… |
BUFFALO INC. |
WSR-1800AX4 |
2025-11-07T08:51:52.847Z | 2025-11-07T13:15:18.610Z |
| cve-2025-10966 | N/A | missing SFTP host verification with wolfSSH |
curl |
curl |
2025-11-07T07:26:30.351Z | 2025-11-07T08:05:50.150Z |
| cve-2025-64346 | archives: Improper Limitation of a Pathname to a Restr… |
jaredallard |
archives |
2025-11-07T05:32:09.605Z | 2025-11-07T13:19:52.595Z | |
| cve-2025-64343 | (conda) Constructor: Excessive permissions during and … |
conda |
constructor |
2025-11-07T05:20:38.659Z | 2025-11-07T17:24:38.228Z | |
| cve-2025-64339 | ClipBucket v5: Stored XSS Vulnerability in Manage Playlists |
MacWarrior |
clipbucket-v5 |
2025-11-07T05:12:37.704Z | 2025-11-07T17:33:46.877Z | |
| cve-2025-12527 | Page & Post Notes <= 1.3.4 - Missing Authorization to … |
yydevelopment |
Page & Post Notes |
2025-11-07T05:29:58.432Z | 2025-11-07T13:22:13.626Z | |
| cve-2025-12520 | WP Airbnb Review Slider <= 4.2 - Authenticated (Admin+… |
jgwhite33 |
WP Airbnb Review Slider |
2025-11-07T05:29:57.900Z | 2025-11-07T13:25:00.440Z | |
| cve-2025-64338 | N/A | {'providerMetadata': {'orgId': 'a0819718-46f1-4df5-94e2-005712e83aaa', 'shortName': 'GitHub_M', 'dateUpdated': '2025-11-07T04:47:32.424Z'}, 'rejectedReasons': [{'lang': 'en', 'value': 'This CVE is a duplicate of another CVE.'}], 'replacedBy': ['CVE-2025-64336']} | N/A | N/A | 2025-11-07T04:47:32.424Z | |
| cve-2025-64336 | ClipBucket v5's Manage Photo Feature is Vulnerable to … |
MacWarrior |
clipbucket-v5 |
2025-11-07T04:32:10.401Z | 2025-11-07T17:38:36.524Z | |
| cve-2025-64329 | containerd CRI server: Host memory exhaustion through … |
containerd |
containerd |
2025-11-07T04:15:09.381Z | 2025-11-07T17:42:07.929Z | |
| cve-2025-4522 | IDonate 2.0.0 - 2.1.9 - Insecure Direct Object Referen… |
themeatelier |
IDonate – Blood Donation, Request And Donor Management System |
2025-11-07T04:28:54.987Z | 2025-11-07T14:55:14.133Z | |
| cve-2025-4519 | IDonate 2.1.5 - 2.1.9 - Missing Authorization to Authe… |
themeatelier |
IDonate – Blood Donation, Request And Donor Management System |
2025-11-07T04:28:54.561Z | 2025-11-07T14:55:39.666Z | |
| cve-2025-12352 | Gravity Forms <= 2.9.20 - Unauthenticated Arbitrary Fi… |
Gravity Forms |
Gravity Forms |
2025-11-07T04:28:53.882Z | 2025-11-07T17:41:19.665Z | |
| cve-2025-64328 | FreePBX Administration GUI is Vulnerable to Authentica… |
FreePBX |
security-reporting |
2025-11-07T03:32:20.670Z | 2025-11-07T17:45:23.284Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-54990 | Malicious code in surya-miemee23-sukiwir (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54989 | Malicious code in surya-mieayam84-riris (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54988 | Malicious code in surya-mie79-miaww (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54987 | Malicious code in surya-mendoan66-riris (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54986 | Malicious code in surya-lupis73-sluey (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54985 | Malicious code in surya-lupis42-riris (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54984 | Malicious code in surya-lepet98-riris (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54983 | Malicious code in surya-lepet40-riris (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54982 | Malicious code in surya-lapis63-ruro (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54981 | Malicious code in surya-lapis51-riris (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54980 | Malicious code in surya-kue94-miaww (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54979 | Malicious code in surya-kue1-ruro (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54978 | Malicious code in surya-ketan89-breki (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54977 | Malicious code in surya-ketan68-breki (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54976 | Malicious code in surya-keraktelor91-ruro (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54975 | Malicious code in surya-kembang75-miaww (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54974 | Malicious code in surya-kacang87-breki (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54973 | Malicious code in surya-kacang59-sukiwir (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54972 | Malicious code in surya-jus52-sluey (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54971 | Malicious code in surya-jamblang16-sluey (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54970 | Malicious code in surya-gulai62-sukiwir (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54969 | Malicious code in surya-gorengan96-sluey (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54968 | Malicious code in surya-getuk52-sluey (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54967 | Malicious code in surya-gembus49-miaww (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54966 | Malicious code in surya-enting65-sluey (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54965 | Malicious code in surya-enting21-miaww (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54964 | Malicious code in surya-donat46-miaww (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54963 | Malicious code in surya-dodol93-sukiwir (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54962 | Malicious code in surya-dodol85-sukiwir (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54961 | Malicious code in surya-buburayam84-miaww (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2023-2119 | Python: Mehrere Schwachstellen | 2023-08-22T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2023-1882 | Linux Kernel: Mehrere Schwachstellen | 2023-07-25T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2023-1666 | Linux Kernel: Mehrere Schwachstellen | 2023-07-05T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2023-1542 | Red Hat OpenShift: Mehrere Schwachstellen | 2023-06-22T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2023-0780 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2023-03-27T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2023-0637 | Linux Kernel: Schwachstelle ermöglicht Offenlegung von Informationen | 2023-03-13T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2023-0611 | Red Hat JBoss Enterprise Application Platform: Schwachstelle ermöglicht Denial of Service | 2023-03-09T23:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2023-0433 | Apache Commons und Apache Tomcat: Schwachstelle ermöglicht Denial of Service | 2023-02-20T23:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2023-0328 | Red Hat OpenShift: Mehrere Schwachstellen | 2023-02-09T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2022-1964 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2022-11-06T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2022-1792 | Linux Kernel: Mehrere Schwachstellen | 2022-10-18T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2022-1374 | Linux Kernel: Mehrere Schwachstellen | 2022-09-11T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2022-1186 | Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation | 2022-08-24T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2022-0782 | Apple iOS: Mehrere Schwachstellen | 2022-07-20T22:00:00.000+00:00 | 2025-10-20T22:00:00.000+00:00 |
| wid-sec-w-2022-0778 | Apple macOS: Mehrere Schwachstellen | 2022-07-20T22:00:00.000+00:00 | 2025-10-20T22:00:00.000+00:00 |
| wid-sec-w-2022-1197 | git: Schwachstelle ermöglicht Codeausführung | 2021-05-13T22:00:00.000+00:00 | 2025-11-04T23:00:00.000+00:00 |
| wid-sec-w-2025-2440 | Red Hat JBoss Enterprise Application Platform: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes | 2015-11-22T23:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:18815 | Red Hat Security Advisory: java-1.8.0-openjdk security update | 2025-10-23T20:02:03+00:00 | 2025-11-06T23:42:39+00:00 |
| rhsa-2025:19012 | Red Hat Security Advisory: libssh security update | 2025-10-23T20:00:32+00:00 | 2025-11-06T23:42:39+00:00 |
| rhsa-2025:19088 | Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage | 2025-10-23T19:26:05+00:00 | 2025-11-06T23:15:11+00:00 |
| rhsa-2025:19077 | Red Hat Security Advisory: Streams for Apache Kafka 2.9.3 release and security update | 2025-10-23T17:50:39+00:00 | 2025-11-06T23:42:39+00:00 |
| rhsa-2025:18240 | Red Hat Security Advisory: OpenShift Container Platform 4.13.61 bug fix and security update | 2025-10-23T17:46:13+00:00 | 2025-11-07T18:35:57+00:00 |
| rhsa-2025:18996 | Red Hat Security Advisory: redis security update | 2025-10-23T09:28:31+00:00 | 2025-11-06T23:42:38+00:00 |
| rhsa-2025:18997 | Red Hat Security Advisory: redis security update | 2025-10-23T08:32:16+00:00 | 2025-11-06T23:42:39+00:00 |
| rhsa-2025:18241 | Red Hat Security Advisory: OpenShift Container Platform 4.13.61 bug fix and security update | 2025-10-23T03:23:41+00:00 | 2025-11-07T16:34:41+00:00 |
| rhsa-2025:18242 | Red Hat Security Advisory: OpenShift Container Platform 4.13.61 security and extras update | 2025-10-23T02:52:48+00:00 | 2025-11-10T01:32:53+00:00 |
| rhsa-2025:18814 | Red Hat Security Advisory: java-1.8.0-openjdk security update | 2025-10-22T22:15:50+00:00 | 2025-11-06T23:42:34+00:00 |
| rhsa-2025:18824 | Red Hat Security Advisory: java-21-openjdk security update | 2025-10-22T20:28:30+00:00 | 2025-11-06T23:42:40+00:00 |
| rhsa-2025:18821 | Red Hat Security Advisory: java-17-openjdk security update | 2025-10-22T20:08:41+00:00 | 2025-11-06T23:42:35+00:00 |
| rhsa-2025:18983 | Red Hat Security Advisory: thunderbird security update | 2025-10-22T19:56:34+00:00 | 2025-11-10T02:21:04+00:00 |
| rhsa-2025:18823 | Red Hat Security Advisory: OpenJDK 17.0.17 Security Update for Windows Builds | 2025-10-22T19:49:16+00:00 | 2025-11-06T23:42:36+00:00 |
| rhsa-2025:18822 | Red Hat Security Advisory: OpenJDK 17.0.17 Security Update for Portable Linux Builds | 2025-10-22T19:48:16+00:00 | 2025-11-06T23:42:36+00:00 |
| rhsa-2025:18825 | Red Hat Security Advisory: OpenJDK 21.0.9 Security Update for Portable Linux Builds | 2025-10-22T19:48:10+00:00 | 2025-11-06T23:42:36+00:00 |
| rhsa-2025:18826 | Red Hat Security Advisory: OpenJDK 21.0.9 Security Update for Windows Builds | 2025-10-22T19:46:43+00:00 | 2025-11-06T23:42:36+00:00 |
| rhsa-2025:18816 | Red Hat Security Advisory: OpenJDK 8u472 Security Update for Portable Linux Builds | 2025-10-22T19:45:52+00:00 | 2025-11-06T23:42:34+00:00 |
| rhsa-2025:18817 | Red Hat Security Advisory: OpenJDK 8u472 Windows Security Update | 2025-10-22T19:45:40+00:00 | 2025-11-06T23:42:37+00:00 |
| rhsa-2025:18984 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Container Release Update | 2025-10-22T16:41:24+00:00 | 2025-11-06T23:42:37+00:00 |
| rhsa-2025:18989 | Red Hat Security Advisory: RHOAI 2.25.0 - Red Hat OpenShift AI | 2025-10-22T16:01:19+00:00 | 2025-11-07T20:55:56+00:00 |
| rhsa-2025:18979 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update | 2025-10-22T13:21:59+00:00 | 2025-11-06T23:42:37+00:00 |
| rhsa-2025:18217 | Red Hat Security Advisory: OpenShift Container Platform 4.19.17 bug fix and security update | 2025-10-22T06:20:41+00:00 | 2025-11-07T18:35:56+00:00 |
| rhsa-2025:18218 | Red Hat Security Advisory: OpenShift Container Platform 4.17.42 bug fix and security update | 2025-10-22T05:09:35+00:00 | 2025-11-07T18:35:56+00:00 |
| rhsa-2025:18932 | Red Hat Security Advisory: kernel security update | 2025-10-22T00:27:35+00:00 | 2025-11-08T07:17:30+00:00 |
| rhsa-2025:18931 | Red Hat Security Advisory: redis:7 security update | 2025-10-21T23:58:45+00:00 | 2025-11-06T23:42:37+00:00 |
| rhsa-2025:18890 | Red Hat Security Advisory: Red Hat build of Keycloak 26.2.10 Security Update | 2025-10-21T17:13:31+00:00 | 2025-11-07T18:35:57+00:00 |
| rhsa-2025:18889 | Red Hat Security Advisory: Red Hat build of Keycloak 26.2.10 Images Security Update | 2025-10-21T17:09:36+00:00 | 2025-11-07T18:35:57+00:00 |
| rhsa-2025:15397 | Red Hat Security Advisory: OpenShift Container Platform 4.20.0 bug fix and security update | 2025-10-21T14:50:28+00:00 | 2025-11-07T18:37:06+00:00 |
| rhsa-2025:18233 | Red Hat Security Advisory: OpenShift Container Platform 4.19.17 bug fix and security update | 2025-10-21T13:18:19+00:00 | 2025-11-06T22:56:38+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-39955 | tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). | 2025-10-02T00:00:00.000Z | 2025-10-10T01:02:17.000Z |
| msrc_cve-2025-39953 | cgroup: split cgroup_destroy_wq into 3 workqueues | 2025-10-02T00:00:00.000Z | 2025-10-05T01:03:03.000Z |
| msrc_cve-2025-39952 | wifi: wilc1000: avoid buffer overflow in WID string configuration | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:53.000Z |
| msrc_cve-2025-39951 | um: virtio_uml: Fix use-after-free after put_device in probe | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:32.000Z |
| msrc_cve-2025-39949 | qed: Don't collect too many protection override GRC elements | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:48.000Z |
| msrc_cve-2025-39947 | net/mlx5e: Harden uplink netdev access against device unbind | 2025-10-02T00:00:00.000Z | 2025-10-05T01:03:29.000Z |
| msrc_cve-2025-39946 | tls: make sure to abort the stream if headers are bogus | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:22.000Z |
| msrc_cve-2025-39945 | cnic: Fix use-after-free bugs in cnic_delete_task | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:58.000Z |
| msrc_cve-2025-39944 | octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() | 2025-10-02T00:00:00.000Z | 2025-10-05T01:03:24.000Z |
| msrc_cve-2025-39943 | ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:27.000Z |
| msrc_cve-2025-39942 | ksmbd: smbdirect: verify remaining_data_length respects max_fragmented_recv_size | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:17.000Z |
| msrc_cve-2025-39940 | dm-stripe: fix a possible integer overflow | 2025-10-02T00:00:00.000Z | 2025-10-05T01:03:14.000Z |
| msrc_cve-2025-39938 | ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:11.000Z |
| msrc_cve-2025-39937 | net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:37.000Z |
| msrc_cve-2025-39934 | drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:01.000Z |
| msrc_cve-2025-39933 | smb: client: let recv_done verify data_offset, data_length and remaining_data_length | 2025-10-02T00:00:00.000Z | 2025-10-05T01:03:08.000Z |
| msrc_cve-2025-39932 | smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work) | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:43.000Z |
| msrc_cve-2025-39931 | crypto: af_alg - Set merge to zero early in af_alg_sendmsg | 2025-10-02T00:00:00.000Z | 2025-10-05T01:03:19.000Z |
| msrc_cve-2025-39929 | smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:06.000Z |
| msrc_cve-2025-39927 | ceph: fix race condition validating r_parent before applying state | 2025-10-02T00:00:00.000Z | 2025-10-02T01:06:25.000Z |
| msrc_cve-2025-39925 | can: j1939: implement NETDEV_UNREGISTER notification handler | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:16.000Z |
| msrc_cve-2025-39923 | dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:11.000Z |
| msrc_cve-2025-39920 | pcmcia: Add error handling for add_interval() in do_validate_mem() | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:50.000Z |
| msrc_cve-2025-39916 | mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters() | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:03.000Z |
| msrc_cve-2025-39914 | tracing: Silence warning when chunk allocation fails in trace_pid_write | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:27.000Z |
| msrc_cve-2025-39913 | tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:55.000Z |
| msrc_cve-2025-39911 | i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:45.000Z |
| msrc_cve-2025-39910 | mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc() | 2025-10-02T00:00:00.000Z | 2025-10-02T01:06:52.000Z |
| msrc_cve-2025-39909 | mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters() | 2025-10-02T00:00:00.000Z | 2025-10-02T01:06:47.000Z |
| msrc_cve-2025-39907 | mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer | 2025-10-02T00:00:00.000Z | 2025-10-02T01:08:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-001238 | Multiple out-of-bounds write vulnerabilities in Canon Office/Small Office Multifunction Printers and Laser Printers | 2025-01-29T13:41+09:00 | 2025-05-27T16:06+09:00 |
| jvndb-2025-000006 | WordPress Plugin "Simple Image Sizes" vulnerable to cross-site scripting | 2025-01-28T13:44+09:00 | 2025-01-28T13:44+09:00 |
| jvndb-2025-000005 | EXIF Viewer Classic vulnerable to cross-site scripting | 2025-01-27T14:25+09:00 | 2025-01-27T14:25+09:00 |
| jvndb-2025-000004 | Multiple vulnerabilities in I-O DATA router UD-LT2 | 2025-01-22T13:55+09:00 | 2025-02-20T15:55+09:00 |
| jvndb-2025-000003 | FortiWeb vulnerable to SQL injection | 2025-01-21T15:59+09:00 | 2025-01-21T15:59+09:00 |
| jvndb-2025-001027 | Linux Ratfor vulnerable to stack-based buffer overflow | 2025-01-16T13:27+09:00 | 2025-01-16T13:27+09:00 |
| jvndb-2025-000001 | PLANEX COMMUNICATIONS MZK-DP300N vulnerable to cross-site scripting | 2025-01-08T17:08+09:00 | 2025-01-08T17:08+09:00 |
| jvndb-2024-015471 | Trend Micro Deep Security 20.0 Agent (for Windows) vulnerable to uncontrolled search path element | 2024-12-25T11:28+09:00 | 2024-12-25T11:28+09:00 |
| jvndb-2024-015393 | Multiple security updates for Trend Micro Apex One and Apex One as a Service (December 2024) | 2024-12-23T12:52+09:00 | 2024-12-23T12:52+09:00 |
| jvndb-2024-014918 | Authentication Bypass Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2024-12-17T15:23+09:00 | 2024-12-17T15:23+09:00 |
| jvndb-2024-000128 | Multiple vulnerabilities in SHARP routers | 2024-12-17T07:54+09:00 | 2024-12-17T07:54+09:00 |
| jvndb-2024-000127 | "Shonen Jump+" App for Android fails to restrict custom URL schemes properly | 2024-12-16T15:07+09:00 | 2024-12-16T15:07+09:00 |
| jvndb-2024-014825 | WordPress Plugin "My WP Customize Admin/Frontend" vulnerable to cross-site scripting | 2024-12-16T13:57+09:00 | 2024-12-16T13:57+09:00 |
| jvndb-2024-014793 | Multiple vulnerabilities in FXC AE1021 and AE1021PE | 2024-12-16T11:51+09:00 | 2024-12-16T11:51+09:00 |
| jvndb-2024-014079 | Trend Micro Deep Security Agent for Windows and Deep Security Notifier on DSVA vulnerable to OS command injection | 2024-12-06T12:11+09:00 | 2024-12-06T12:11+09:00 |
| jvndb-2024-000125 | Multiple vulnerabilities in I-O DATA routers UD-LT1 and UD-LT1/EX | 2024-12-04T15:22+09:00 | 2024-12-18T15:20+09:00 |
| jvndb-2024-000124 | Multiple vulnerabilities in UNIVERGE IX/IX-R/IX-V series routers | 2024-12-02T16:38+09:00 | 2024-12-02T16:38+09:00 |
| jvndb-2024-000123 | Multiple FCNT Android devices vulnerable to authentication bypass | 2024-11-29T15:30+09:00 | 2024-11-29T15:30+09:00 |
| jvndb-2024-013702 | Multiple vulnerabilities in FUJI ELECTRIC products | 2024-11-29T14:42+09:00 | 2024-11-29T14:42+09:00 |
| jvndb-2024-000122 | HAProxy vulnerable to HTTP request/response smuggling | 2024-11-27T14:36+09:00 | 2024-11-27T14:36+09:00 |
| jvndb-2024-000121 | WordPress Plugin "WP Admin UI Customize" vulnerable to cross-site scripting | 2024-11-26T13:57+09:00 | 2024-11-26T13:57+09:00 |
| jvndb-2024-013260 | Multiple vulnerabilities in Edgecross Basic Software for Windows | 2024-11-22T10:59+09:00 | 2025-11-04T16:41+09:00 |
| jvndb-2024-000120 | "Kura Sushi Official App Produced by EPARK" for Android uses a hard-coded cryptographic key | 2024-11-20T13:56+09:00 | 2024-11-20T13:56+09:00 |
| jvndb-2024-012941 | Multiple vulnerabilities in Rakuten Turbo 5G | 2024-11-19T10:41+09:00 | 2024-11-19T10:41+09:00 |
| jvndb-2024-000119 | Multiple vulnerabilities in FitNesse | 2024-11-15T13:37+09:00 | 2024-11-20T11:18+09:00 |
| jvndb-2024-012461 | Multiple vulnerabilities in SoftBank Mesh Wi-Fi router RP562B | 2024-11-13T14:26+09:00 | 2024-11-26T16:11+09:00 |
| jvndb-2024-000118 | WordPress Plugin "VK All in One Expansion Unit" vulnerable to cross-site scripting | 2024-11-13T13:50+09:00 | 2024-11-13T13:50+09:00 |
| jvndb-2024-012017 | Trend Micro Deep Security 20 Agent for Windows vulnerable to improper access control | 2024-11-06T11:00+09:00 | 2024-11-06T11:00+09:00 |
| jvndb-2024-011833 | Incorrect authorization vulnerability in OMRON Sysmac Studio | 2024-11-05T15:29+09:00 | 2024-11-05T15:29+09:00 |
| jvndb-2024-011747 | Command injection vulnerability in Trend Micro Cloud Edge | 2024-11-01T14:28+09:00 | 2024-11-01T14:28+09:00 |
| ID | Description | Updated |
|---|