Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-xrw9-r35x-x878 | Zitadel allows brute-forcing authentication factors | 2025-10-29T22:21:05Z | 2025-11-05T22:13:38Z |
| ghsa-mwmh-7px9-4c23 | ZITADEL Vulnerable to Account Takeover via Malicious Forwarded Header Injection | 2025-10-29T22:20:50Z | 2025-11-05T22:13:14Z |
| ghsa-grjp-54v3-c442 | OpenUSD File Parsing Use-After-Free Remote Code Execution Vulnerability | 2025-10-29T22:13:03Z | 2025-10-29T22:13:03Z |
| ghsa-pqhf-p39g-3x64 | uv allows ZIP payload obfuscation through parsing differentials | 2025-10-29T22:12:57Z | 2025-10-29T22:12:57Z |
| ghsa-2hvh-cw5c-8q8q | CKAN vulnerable to fixed session IDs | 2025-10-29T21:49:14Z | 2025-10-29T21:49:15Z |
| ghsa-3m8r-w7xg-jqvw | DNN Insufficient Access Control - Image Upload allows for Site Content Overwrite | 2025-10-29T21:48:52Z | 2025-10-29T21:48:52Z |
| ghsa-hmvq-8p83-cq52 | DNN vulnerable to stored cross-site-scripting (XSS) via SVG upload | 2025-10-29T21:47:49Z | 2025-10-29T21:47:49Z |
| ghsa-2374-6cvw-qmx6 | DNN CKEditor Provider allows unauthenticated upload out-of-the-box | 2025-10-29T21:44:28Z | 2025-10-29T21:44:28Z |
| ghsa-x73c-96p4-3xvv | Razer Synapse 3 RazerPhilipsHueUninstall Link Following Local Privilege Escalation Vulnerability. T… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-wv7v-cchq-8fjh | GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerab… | 2025-10-29T21:30:33Z | 2025-11-04T03:30:26Z |
| ghsa-w4vf-cc4x-mpjq | LiteLLM Information health API_KEY Information Disclosure Vulnerability. This vulnerability allows … | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-r6ww-7hxw-68c6 | memoQ 10.1.13.ef1b2b52aae and earlier contains an unquoted service path vulnerability in the memoQ … | 2025-10-29T21:30:33Z | 2025-10-30T15:32:34Z |
| ghsa-qg28-3m9m-fp3g | GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allow… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-q3g4-86cm-rj2h | Allegra DatabaseBackupBL Directory Traversal Information Disclosure Vulnerability. This vulnerabili… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-pcf6-9gh3-h6jw | Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulne… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-p2c7-54v2-7989 | win-cli-mcp-server resolveCommandPath Command Injection Remote Code Execution Vulnerability. This v… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-j494-wrfm-4v9c | Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability. This vulnerab… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-9p8c-493c-qp6m | GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerab… | 2025-10-29T21:30:33Z | 2025-11-03T18:31:51Z |
| ghsa-9cpj-q6fm-2g3q | Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability. This vul… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-6xj8-rrqx-r4cv | MLflow Weak Password Requirements Authentication Bypass Vulnerability | 2025-10-29T21:30:33Z | 2025-11-05T16:09:13Z |
| ghsa-6v3v-9p87-2gg6 | Insecure Direct Object Reference (IDOR) in /tenants/{id} API endpoint in Inforcer Platform version … | 2025-10-29T21:30:33Z | 2025-10-30T15:32:34Z |
| ghsa-6pqm-mccv-6977 | GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerab… | 2025-10-29T21:30:33Z | 2025-11-03T18:31:51Z |
| ghsa-69mp-wcfm-5322 | GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulner… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-68v9-mpj8-43v9 | Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability. This vulner… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-5cvj-7rg6-jggj | MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability | 2025-10-29T21:30:33Z | 2025-11-05T16:12:40Z |
| ghsa-4hq6-c566-v4h6 | GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability all… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-3r6w-f62x-hc2h | D-Link DNS-343 ShareCenter devices running firmware versions up to and including 1.05 contain a com… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-2x5h-7fq5-8m9f | GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability … | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-2r4p-cp55-g7gf | Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability… | 2025-10-29T21:30:33Z | 2025-10-29T21:30:33Z |
| ghsa-wcxf-jmjh-x27q | To trigger the issue, three configuration parameters must have specific settings: "hostname-char-se… | 2025-10-29T18:30:35Z | 2025-11-05T00:31:31Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-61118 | N/A | mCarFix Motorists App version 2.3 (package name c… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:45:29.185Z |
| cve-2025-61117 | N/A | Senza: Keto & Fasting Android App version 2.10.15… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:44:23.402Z |
| cve-2025-61116 | N/A | AdForest - Classified Android App version 4.0.12 … |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:41:17.147Z |
| cve-2025-61115 | N/A | ABC Fine Wine & Spirits Android App version v.11.… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:42:34.709Z |
| cve-2025-61114 | N/A | 2nd Line Android App version v1.2.92 and before (… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:46:47.109Z |
| cve-2025-61113 | N/A | TalkTalk 3.3.6 Android App contains improper acce… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:40:07.750Z |
| cve-2025-60950 | N/A | An arbitrary file upload vulnerability in the Dat… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:55:24.054Z |
| cve-2025-60319 | N/A | PerfreeBlog v4.0.11 is vulnerable to Server-Side … |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:51:08.362Z |
| cve-2025-57109 | N/A | Kitware VTK (Visualization Toolkit) 9.5.0 is vuln… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T20:56:40.033Z |
| cve-2025-56313 | N/A | A Reflected Cross-Site Scripting (XSS) vulnerabil… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-30T18:22:04.335Z |
| cve-2025-52180 | N/A | Cross-site scripting (XSS) vulnerability in Zucch… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-10-31T19:32:37.108Z |
| cve-2025-52179 | N/A | Cross-site scripting (XSS) vulnerability in Zucch… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-11-03T20:36:53.894Z |
| cve-2025-50739 | N/A | iib0011 omni-tools v0.4.0 is vulnerable to remote… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-11-04T15:45:10.590Z |
| cve-2025-50736 | N/A | An open redirect vulnerability exists in Byaidu P… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-11-04T15:46:51.400Z |
| cve-2025-50574 | N/A | Cross-site scripting (XSS) vulnerability in blog-… |
n/a |
n/a |
2025-10-30T00:00:00.000Z | 2025-11-04T15:42:06.733Z |
| cve-2025-62257 | 6.3 (v4.0) | Password enumeration vulnerability in Liferay Por… |
Liferay |
Portal |
2025-10-29T23:24:42.740Z | 2025-10-30T17:41:13.870Z |
| cve-2025-12466 | N/A | Simple OAuth (OAuth2) & OpenID Connect - Critical - Ac… |
Drupal |
Simple OAuth (OAuth2) & OpenID Connect |
2025-10-29T23:14:51.343Z | 2025-10-30T14:38:59.887Z |
| cve-2025-12083 | N/A | CivicTheme Design System - Moderately critical - Cross… |
Drupal |
CivicTheme Design System |
2025-10-29T23:14:33.900Z | 2025-10-30T14:40:11.746Z |
| cve-2025-12082 | N/A | CivicTheme Design System - Moderately critical - Infor… |
Drupal |
CivicTheme Design System |
2025-10-29T23:14:19.017Z | 2025-10-30T14:41:28.623Z |
| cve-2025-10929 | N/A | Reverse Proxy Header - Less critical - Access bypass -… |
Drupal |
Reverse Proxy Header |
2025-10-29T23:14:07.047Z | 2025-10-30T13:31:48.665Z |
| cve-2025-10930 | N/A | Currency - Moderately critical - Cross Site Request Fo… |
Drupal |
Currency |
2025-10-29T23:13:54.547Z | 2025-10-30T13:27:10.721Z |
| cve-2025-10931 | N/A | Umami Analytics - Moderately critical - Cross Site Scr… |
Drupal |
Umami Analytics |
2025-10-29T23:13:40.417Z | 2025-10-30T14:15:53.377Z |
| cve-2025-10928 | N/A | Access code - Moderately critical - Access bypass - SA… |
Drupal |
Access code |
2025-10-29T23:13:25.064Z | 2025-10-30T13:07:25.555Z |
| cve-2025-10927 | N/A | Plausible tracking - Moderately critical - Cross Site … |
Drupal |
Plausible tracking |
2025-10-29T23:13:12.338Z | 2025-10-30T14:42:43.207Z |
| cve-2025-10926 | N/A | JSON Field - Critical - Cross Site Scripting - SA-CONT… |
Drupal |
JSON Field |
2025-10-29T23:12:56.914Z | 2025-10-30T14:43:55.094Z |
| cve-2025-9954 | N/A | Acquia DAM - Moderately critical - Access bypass, Info… |
Drupal |
Acquia DAM |
2025-10-29T23:12:41.751Z | 2025-10-30T14:45:16.263Z |
| cve-2025-54549 | 5.9 (v3.1) | Cryptographic validation of upgrade images could be ci… |
Arista Networks |
DANZ Monitoring Fabric |
2025-10-29T22:55:54.433Z | 2025-10-30T14:12:59.838Z |
| cve-2025-54548 | 4.3 (v3.1) | On affected platforms, restricted users could view sen… |
Arista Networks |
DANZ Monitoring Fabric |
2025-10-29T22:52:54.039Z | 2025-10-30T14:15:49.212Z |
| cve-2025-54547 | 5.3 (v3.1) | On affected platforms, if SSH session multiplexing was… |
Arista Networks |
DANZ Monitoring Fabric |
2025-10-29T22:45:53.499Z | 2025-10-30T14:15:29.632Z |
| cve-2025-54546 | 7.5 (v3.1) | On affected platforms, restricted users could use SSH … |
Arista Networks |
DANZ Monitoring Fabric |
2025-10-29T22:40:57.833Z | 2025-10-30T14:15:10.106Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-54469 | 9.9 (v3.1) | NeuVector Enforcer is vulnerable to Command Injection … |
SUSE |
neuvector |
2025-10-30T09:41:57.086Z | 2025-10-31T03:55:27.162Z |
| cve-2025-40105 | N/A | vfs: Don't leak disconnected dentries on umount |
Linux |
Linux |
2025-10-30T09:48:09.674Z | 2025-10-30T09:48:09.674Z |
| cve-2025-40104 | N/A | ixgbevf: fix mailbox API compatibility by negotiating … |
Linux |
Linux |
2025-10-30T09:48:09.051Z | 2025-10-30T09:48:09.051Z |
| cve-2025-40103 | N/A | smb: client: Fix refcount leak for cifs_sb_tlink |
Linux |
Linux |
2025-10-30T09:48:08.421Z | 2025-10-30T09:48:08.421Z |
| cve-2025-40102 | N/A | KVM: arm64: Prevent access to vCPU events before init |
Linux |
Linux |
2025-10-30T09:48:07.790Z | 2025-10-30T09:48:07.790Z |
| cve-2025-40101 | N/A | btrfs: fix memory leaks when rejecting a non SINGLE da… |
Linux |
Linux |
2025-10-30T09:48:07.155Z | 2025-10-30T09:48:07.155Z |
| cve-2025-40100 | N/A | btrfs: do not assert we found block group item when cr… |
Linux |
Linux |
2025-10-30T09:48:06.521Z | 2025-10-30T09:48:06.521Z |
| cve-2025-40099 | N/A | cifs: parse_dfs_referrals: prevent oob on malformed input |
Linux |
Linux |
2025-10-30T09:48:05.859Z | 2025-10-30T09:48:05.859Z |
| cve-2025-40098 | N/A | ALSA: hda: cs35l41: Fix NULL pointer dereference in cs… |
Linux |
Linux |
2025-10-30T09:48:05.200Z | 2025-10-30T09:48:05.200Z |
| cve-2025-40097 | N/A | ALSA: hda: Fix missing pointer check in hda_component_… |
Linux |
Linux |
2025-10-30T09:48:04.567Z | 2025-10-30T09:48:04.567Z |
| cve-2025-40096 | N/A | drm/sched: Fix potential double free in drm_sched_job_… |
Linux |
Linux |
2025-10-30T09:48:03.954Z | 2025-10-30T09:48:03.954Z |
| cve-2025-40095 | N/A | usb: gadget: f_rndis: Refactor bind path to use __free() |
Linux |
Linux |
2025-10-30T09:48:03.276Z | 2025-10-30T09:48:03.276Z |
| cve-2025-40094 | N/A | usb: gadget: f_acm: Refactor bind path to use __free() |
Linux |
Linux |
2025-10-30T09:48:02.446Z | 2025-10-30T09:48:02.446Z |
| cve-2025-40093 | N/A | usb: gadget: f_ecm: Refactor bind path to use __free() |
Linux |
Linux |
2025-10-30T09:48:00.807Z | 2025-10-30T09:48:00.807Z |
| cve-2025-40092 | N/A | usb: gadget: f_ncm: Refactor bind path to use __free() |
Linux |
Linux |
2025-10-30T09:47:59.910Z | 2025-10-30T09:47:59.910Z |
| cve-2025-40091 | N/A | ixgbe: fix too early devlink_free() in ixgbe_remove() |
Linux |
Linux |
2025-10-30T09:47:59.253Z | 2025-10-30T09:47:59.253Z |
| cve-2025-40090 | N/A | ksmbd: fix recursive locking in RPC handle list access |
Linux |
Linux |
2025-10-30T09:47:58.611Z | 2025-10-30T09:47:58.611Z |
| cve-2025-40089 | N/A | cxl/features: Add check for no entries in cxl_feature_info |
Linux |
Linux |
2025-10-30T09:47:57.990Z | 2025-10-30T09:47:57.990Z |
| cve-2025-40088 | N/A | hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() |
Linux |
Linux |
2025-10-30T09:47:57.333Z | 2025-10-30T09:47:57.333Z |
| cve-2025-40087 | N/A | NFSD: Define a proc_layoutcommit for the FlexFiles lay… |
Linux |
Linux |
2025-10-30T09:47:56.675Z | 2025-10-30T09:47:56.675Z |
| cve-2025-40086 | N/A | drm/xe: Don't allow evicting of BOs in same VM in arra… |
Linux |
Linux |
2025-10-30T09:47:56.005Z | 2025-10-30T09:47:56.005Z |
| cve-2025-11906 | 6.7 (v3.1) | Privilege escalation via writable configuration files … |
Progress Software |
Flowmon |
2025-10-30T07:39:38.530Z | 2025-10-31T03:55:28.727Z |
| cve-2025-11881 | AppPresser – Mobile App Framework <= 4.5.0 - Missing A… |
scottopolis |
AppPresser – Mobile App Framework |
2025-10-30T06:45:40.381Z | 2025-10-30T14:11:55.365Z | |
| cve-2025-62230 | 7.3 (v3.1) | Xorg: xwayland: use-after-free in xkb client resource … |
Red Hat |
Red Hat Enterprise Linux 10 |
2025-10-30T05:19:40.445Z | 2025-11-11T20:35:54.038Z |
| cve-2025-62229 | 7.3 (v3.1) | Xorg: xmayland: use-after-free in xpresentnotify struc… |
Red Hat |
Red Hat Enterprise Linux 10 |
2025-10-30T05:28:48.131Z | 2025-11-11T20:33:54.695Z |
| cve-2025-11627 | Site Checkup AI Troubleshooting with Wizard and Tips f… |
sminozzi |
Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue |
2025-10-30T05:28:27.216Z | 2025-10-30T13:53:07.955Z | |
| cve-2025-10636 | N/A | NS Maintenance Mode for WP <= 1.3.1 - Admin+ Stored XSS |
Unknown |
NS Maintenance Mode for WP |
2025-10-30T06:00:07.969Z | 2025-10-30T14:09:05.103Z |
| cve-2025-10008 | Translate WordPress and go Multilingual – Weglot <= 5.… |
remyb92 |
Translate WordPress and go Multilingual – Weglot |
2025-10-30T05:28:27.857Z | 2025-10-30T14:01:45.215Z | |
| cve-2025-62231 | 7.3 (v3.1) | Xorg: xmayland: value overflow in xkbsetcompatmap() |
Red Hat |
Red Hat Enterprise Linux 10 |
2025-10-30T05:08:32.155Z | 2025-11-11T20:36:03.829Z |
| cve-2025-12475 | Blocksy Companion <= 2.1.14 - Authenticated (Contribut… |
creativethemeshq |
Blocksy Companion |
2025-10-30T04:26:01.452Z | 2025-10-30T13:54:22.488Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-188431 | Malicious code in oortcloud-css-minimizer-webpack-plugin-config-cryovolcano (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188430 | Malicious code in oortcloud-chariklo-geoarchaeology-cli (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188429 | Malicious code in on-xanthus-panspermia-kastra (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188428 | Malicious code in on-quantumfoam-nebula-cosmicweb (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188427 | Malicious code in on-planckscale-sequelize-comet (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188426 | Malicious code in on-graviton-async-antares (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188425 | Malicious code in on-eigenstate-eslint-plugin-axios (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188424 | Malicious code in on-cladistics-exosphere-stream (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188423 | Malicious code in omicron-thread-report-query-book (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188422 | Malicious code in omicron-short-water-easy-beta (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188421 | Malicious code in omicron-route-beta-virtualize-void (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188420 | Malicious code in omicron-query-air-cold-kappa (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188419 | Malicious code in omicron-module-export-java-bundle (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188418 | Malicious code in omicron-final-fire-export-star (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188417 | Malicious code in omicron-enum-link-permission-double (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188416 | Malicious code in omicron-bundle-file-final-warn (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188415 | Malicious code in omega-xml-proxy-runtime-analyze (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188414 | Malicious code in omega-test-benchmark-validate-resolve (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188413 | Malicious code in omega-string-view-double-warn (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188412 | Malicious code in omega-fast-xi-node-analyze (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188411 | Malicious code in omega-big-zero-export-java (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188410 | Malicious code in old-stub-xml-deploy-wind (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188409 | Malicious code in old-string-protected-omega-decode (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188408 | Malicious code in old-reject-mu-char-decrypt (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188407 | Malicious code in old-import-decode-table-process (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188406 | Malicious code in old-grid-permission-gamma-web (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188405 | Malicious code in old-export-class-cron-deploy (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188404 | Malicious code in old-decompress-scale-throw-user (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188403 | Malicious code in odin-toml-element-ui-flare (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188402 | Malicious code in odin-start-sagitta-got (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:4469 | Red Hat Security Advisory: kernel security update | 2025-05-05T18:01:12+00:00 | 2025-11-11T11:27:29+00:00 |
| rhsa-2025:4462 | Red Hat Security Advisory: osbuild-composer security update | 2025-05-05T14:35:59+00:00 | 2025-11-14T17:12:28+00:00 |
| rhsa-2025:4460 | Red Hat Security Advisory: thunderbird security update | 2025-05-05T11:22:55+00:00 | 2025-11-06T23:15:24+00:00 |
| rhsa-2025:4459 | Red Hat Security Advisory: nodejs:22 security update | 2025-05-05T10:39:44+00:00 | 2025-11-06T23:15:24+00:00 |
| rhsa-2025:4458 | Red Hat Security Advisory: firefox security update | 2025-05-05T10:13:54+00:00 | 2025-11-06T23:15:24+00:00 |
| rhsa-2025:4456 | Red Hat Security Advisory: yelp security update | 2025-05-05T09:32:18+00:00 | 2025-11-11T12:11:36+00:00 |
| rhsa-2025:4455 | Red Hat Security Advisory: yelp security update | 2025-05-05T09:31:41+00:00 | 2025-11-11T12:11:36+00:00 |
| rhsa-2025:4457 | Red Hat Security Advisory: yelp security update | 2025-05-05T09:20:58+00:00 | 2025-11-11T12:11:36+00:00 |
| rhsa-2025:4450 | Red Hat Security Advisory: yelp security update | 2025-05-05T07:13:38+00:00 | 2025-11-11T12:11:35+00:00 |
| rhsa-2025:4451 | Red Hat Security Advisory: yelp security update | 2025-05-05T07:11:59+00:00 | 2025-11-11T12:11:35+00:00 |
| rhsa-2025:4449 | Red Hat Security Advisory: xmlrpc-c security update | 2025-05-05T01:57:18+00:00 | 2025-11-07T18:40:25+00:00 |
| rhsa-2025:4446 | Red Hat Security Advisory: xmlrpc-c security update | 2025-05-05T01:53:58+00:00 | 2025-11-07T18:40:27+00:00 |
| rhsa-2025:4448 | Red Hat Security Advisory: xmlrpc-c security update | 2025-05-05T01:49:29+00:00 | 2025-11-07T18:40:24+00:00 |
| rhsa-2025:4445 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-05-05T01:45:33+00:00 | 2025-11-06T22:35:57+00:00 |
| rhsa-2025:4441 | Red Hat Security Advisory: redis:6 security update | 2025-05-05T01:40:33+00:00 | 2025-11-14T00:56:15+00:00 |
| rhsa-2025:4443 | Red Hat Security Advisory: firefox security update | 2025-05-05T01:37:19+00:00 | 2025-11-06T23:15:23+00:00 |
| rhsa-2025:4447 | Red Hat Security Advisory: xmlrpc-c security update | 2025-05-05T01:27:28+00:00 | 2025-11-07T18:40:24+00:00 |
| rhsa-2025:4440 | Red Hat Security Advisory: libsoup security update | 2025-05-05T01:24:57+00:00 | 2025-11-06T23:15:23+00:00 |
| rhsa-2025:4439 | Red Hat Security Advisory: libsoup security update | 2025-05-05T01:17:42+00:00 | 2025-11-06T23:15:22+00:00 |
| rhsa-2025:4437 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.13 security update | 2025-05-05T00:13:08+00:00 | 2025-11-07T10:25:17+00:00 |
| rhsa-2025:4211 | Red Hat Security Advisory: OpenShift Container Platform 4.18.11 bug fix and security update | 2025-05-01T03:08:42+00:00 | 2025-11-14T17:12:26+00:00 |
| rhsa-2025:4362 | Red Hat Security Advisory: ghostscript security update | 2025-04-30T09:14:06+00:00 | 2025-11-14T11:18:36+00:00 |
| rhsa-2025:4340 | Red Hat Security Advisory: kernel-rt security update | 2025-04-30T07:12:26+00:00 | 2025-11-11T11:27:27+00:00 |
| rhsa-2025:4204 | Red Hat Security Advisory: OpenShift Container Platform 4.17.27 bug fix and security update | 2025-04-30T03:47:47+00:00 | 2025-11-14T17:12:25+00:00 |
| rhsa-2025:4203 | Red Hat Security Advisory: OpenShift Container Platform 4.17.27 security and extras update | 2025-04-30T01:25:50+00:00 | 2025-11-13T17:26:57+00:00 |
| rhsa-2025:4341 | Red Hat Security Advisory: kernel security update | 2025-04-30T01:14:00+00:00 | 2025-11-11T11:27:27+00:00 |
| rhsa-2025:4342 | Red Hat Security Advisory: kernel security update | 2025-04-30T01:09:50+00:00 | 2025-11-08T06:51:46+00:00 |
| rhsa-2025:4339 | Red Hat Security Advisory: kernel security update | 2025-04-30T00:47:26+00:00 | 2025-11-11T11:27:27+00:00 |
| rhsa-2025:4250 | Red Hat Security Advisory: RHSA: Submariner 0.19.4 - bug fix and enhancement update | 2025-04-28T16:10:25+00:00 | 2025-11-14T17:12:31+00:00 |
| rhsa-2025:4263 | Red Hat Security Advisory: php:8.1 security update | 2025-04-28T15:19:26+00:00 | 2025-11-06T22:02:34+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2024-56729 | smb: Initialize cfid->tcon before performing network ops | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-56728 | octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56727 | octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-56726 | octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56725 | octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-56724 | mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56723 | mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56722 | RDMA/hns: Fix cpu stuck caused by printings during reset | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-56720 | bpf, sockmap: Several fixes to bpf_msg_pop_data | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56719 | net: stmmac: fix TSO DMA API usage causing oops | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56718 | net/smc: protect link down work from execute after lgr freed | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56717 | net: mscc: ocelot: fix incorrect IFH SRC_PORT field in ocelot_ifh_set_basic() | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56716 | netdevsim: prevent bad user input in nsim_dev_health_break_write() | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56715 | ionic: Fix netdev notifier unregister on failure | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56712 | udmabuf: fix memory leak on last export_udmabuf() error path | 2024-12-02T00:00:00.000Z | 2025-09-03T23:10:12.000Z |
| msrc_cve-2024-56710 | ceph: fix memory leak in ceph_direct_read_write() | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56709 | io_uring: check if iowq is killed before queuing | 2024-12-02T00:00:00.000Z | 2025-10-17T01:01:42.000Z |
| msrc_cve-2024-56708 | EDAC/igen6: Avoid segmentation fault on module unload | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56707 | octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c | 2024-12-02T00:00:00.000Z | 2025-10-08T01:01:47.000Z |
| msrc_cve-2024-56704 | 9p/xen: fix release of IRQ | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56703 | ipv6: Fix soft lockups in fib6_select_path under high next hop churn | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56698 | usb: dwc3: gadget: Fix looping of queued SG entries | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56694 | bpf: fix recursive lock when verdict program return SK_PASS | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56692 | f2fs: fix to do sanity check on node blkaddr in truncate_node() | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-56689 | PCI: endpoint: epf-mhi: Avoid NULL dereference if DT lacks 'mmio' | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-56688 | sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56675 | bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56672 | blk-cgroup: Fix UAF in blkcg_unpin_online() | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56670 | usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56667 | drm/i915: Fix NULL pointer dereference in capture_engine | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2014-000043 | Cybozu Garoon API access restriction bypass vulnerability | 2014-04-30T15:08+09:00 | 2014-05-08T18:06+09:00 |
| jvndb-2014-000045 | Apache Struts vulnerable to ClassLoader manipulation | 2014-04-25T15:37+09:00 | 2015-05-08T18:01+09:00 |
| jvndb-2014-000038 | TOSHIBA TEC e-Studio series vulnerable to cross-site request forgery | 2014-04-18T14:30+09:00 | 2014-04-28T18:11+09:00 |
| jvndb-2014-000039 | Cybozu Remote Service Manager vulnerable to denial-of-service (DoS) | 2014-04-18T13:40+09:00 | 2014-04-28T18:13+09:00 |
| jvndb-2014-000040 | Cybozu Remote Service Manager vulnerable to session fixation | 2014-04-18T13:35+09:00 | 2014-04-28T18:14+09:00 |
| jvndb-2014-000037 | AndExplorer vulnerable to directory traversal | 2014-04-18T12:39+09:00 | 2014-04-28T18:12+09:00 |
| jvndb-2014-000041 | Redmine vulnerable to open redirect | 2014-04-16T15:06+09:00 | 2014-04-16T15:06+09:00 |
| jvndb-2014-000036 | Content Provider in CamiApp for Android fails to restrict access permissions | 2014-04-14T13:45+09:00 | 2014-04-21T18:34+09:00 |
| jvndb-2014-000035 | SD Card Manager vulnerable to directory traversal | 2014-04-11T13:43+09:00 | 2014-04-16T18:22+09:00 |
| jvndb-2014-000033 | ES File Explorer vulnerable to directory traversal | 2014-03-20T14:05+09:00 | 2014-03-24T18:50+09:00 |
| jvndb-2014-000032 | Silex vulnerable to cross-site scripting | 2014-03-20T14:02+09:00 | 2014-03-24T18:27+09:00 |
| jvndb-2014-000029 | sp mode mail vulnerability where Java methods may be executed | 2014-03-18T14:09+09:00 | 2014-03-25T19:25+09:00 |
| jvndb-2014-000028 | sp mode mail issue where emails in the process of creation may be accessed | 2014-03-18T14:08+09:00 | 2014-03-25T19:24+09:00 |
| jvndb-2014-000027 | sp mode mail issue when accessing attachments in incoming mail | 2014-03-18T14:07+09:00 | 2014-03-24T19:04+09:00 |
| jvndb-2014-000031 | Unzipper vulnerable to directory traversal | 2014-03-17T13:45+09:00 | 2014-03-19T15:15+09:00 |
| jvndb-2014-000030 | Demaecan for Android. contains an issue where it fails to verify SSL server certificates | 2014-03-17T13:43+09:00 | 2014-03-19T15:14+09:00 |
| jvndb-2014-001594 | JP1/File Transmission Server / FTP vulnerable to access control violation | 2014-03-11T16:33+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2014-001593 | JP1/Integrated Management - Service Support vulnerable to cross-site scripting | 2014-03-11T15:54+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2014-000024 | Cybozu Garoon vulnerable to SQL injection | 2014-02-26T15:23+09:00 | 2014-03-03T18:42+09:00 |
| jvndb-2014-000023 | Cybozu Garoon vulnerable to directory traversal | 2014-02-26T15:22+09:00 | 2014-03-03T18:44+09:00 |
| jvndb-2014-000022 | Denny's App for Android. contains an issue where it fails to verify SSL server certificates | 2014-02-26T15:21+09:00 | 2014-03-03T18:49+09:00 |
| jvndb-2014-000021 | Cybozu Garoon vulnerable to session management | 2014-02-26T15:21+09:00 | 2014-03-03T18:45+09:00 |
| jvndb-2014-000026 | Norman Security Suite vulnerable to privilege escalation | 2014-02-26T15:20+09:00 | 2014-03-03T18:47+09:00 |
| jvndb-2014-000025 | XooNIps vulnerable to cross-site scripting | 2014-02-26T15:19+09:00 | 2014-03-03T18:50+09:00 |
| jvndb-2014-000020 | AutoCAD may insecurely load dynamic libraries | 2014-02-21T14:19+09:00 | 2014-02-25T16:38+09:00 |
| jvndb-2014-000019 | AutoCAD vulnerable to arbitrary VBScript execution | 2014-02-21T14:16+09:00 | 2014-02-25T16:39+09:00 |
| jvndb-2014-000012 | Blackboard Vista/CE vulnerable to cross-site scripting | 2014-02-21T14:12+09:00 | 2014-02-25T16:40+09:00 |
| jvndb-2014-000017 | Apache Commons FileUpload vulnerable to denial-of-service (DoS) | 2014-02-10T17:21+09:00 | 2016-12-27T11:49+09:00 |
| jvndb-2014-000016 | phpMyFAQ vulnerable to cross-site request forgery | 2014-02-07T12:26+09:00 | 2014-02-20T13:58+09:00 |
| jvndb-2014-000015 | phpMyFAQ vulnerable to cross-site scripting | 2014-02-07T12:25+09:00 | 2014-02-20T14:00+09:00 |
| ID | Description | Updated |
|---|