Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-r9fw-cwjr-j3hp | An unquoted service path in Kingosoft Technology Ltd Kingo ROOT v1.5.8.3353 allows attackers to esc… | 2025-10-29T18:30:35Z | 2025-10-29T21:30:32Z |
| ghsa-h2c5-5pm8-g4x6 | An issue discovered in Dyson App v6.1.23041-23595 allows unauthenticated attackers to control other… | 2025-10-29T18:30:34Z | 2025-10-29T21:30:33Z |
| ghsa-g7mp-3c2c-6235 | Incorrect access control on Dataphone A920 v2025.07.161103 exposes a service on port 8888 by defaul… | 2025-10-29T18:30:34Z | 2025-10-30T21:30:45Z |
| ghsa-55f4-6pv4-vw79 | SPH Engineering UgCS 5.13.0 is vulnerable to Arbitary code execution. | 2025-10-29T18:30:34Z | 2025-10-30T21:30:45Z |
| ghsa-wf96-6xvx-6wrw | Resource Lacking AuthN.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . | 2025-10-29T18:30:33Z | 2025-11-07T15:31:26Z |
| ghsa-vcv8-7fr8-7xqg | Non-Compliant TLS Configuration.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . | 2025-10-29T18:30:33Z | 2025-11-07T15:31:27Z |
| ghsa-rfc4-43m5-c2h6 | Server Version Disclosure.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . | 2025-10-29T18:30:33Z | 2025-11-07T15:31:26Z |
| ghsa-q2pj-6v73-8rgj | TypeORM vulnerable to SQL injection via crafted request to repository.save or repository.update | 2025-10-29T18:30:33Z | 2025-10-31T17:38:00Z |
| ghsa-p8x8-q3xw-3gv4 | A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client on Windows … | 2025-10-29T18:30:33Z | 2025-10-29T18:30:33Z |
| ghsa-hq95-v36h-xqg3 | Systemic Lack of Cross-Site Request Forgery (CSRF) Token Implementation.This issue affects BLU-IC2:… | 2025-10-29T18:30:33Z | 2025-11-07T15:31:27Z |
| ghsa-c5jc-gcgx-fp5c | An unauthenticated server-side request forgery (SSRF) vulnerability in the Thumbnail via-uri endpoi… | 2025-10-29T18:30:33Z | 2025-10-29T18:30:33Z |
| ghsa-p868-4f8c-8pq7 | In Search Guard versions 3.1.1 and earlier, Field Masking (FM) rules are improperly enforced on fie… | 2025-10-29T18:30:32Z | 2025-10-29T18:30:32Z |
| ghsa-5pcq-rjhv-m338 | In Search Guard FLX versions 3.1.1 and earlier, Field-Level Security (FLS) rules are improperly enf… | 2025-10-29T18:30:32Z | 2025-10-29T18:30:32Z |
| ghsa-2frg-67w9-883j | Potential privilege escalation issue in Revenera InstallShield version 2023 R1 running a renamed Se… | 2025-10-29T18:30:32Z | 2025-10-29T18:30:32Z |
| ghsa-rj5c-58rq-j5g5 | FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name | 2025-10-29T15:39:03Z | 2025-10-29T15:39:03Z |
| ghsa-mxxr-jv3v-6pgc | FastMCP vulnerable to reflected XSS in client's callback page | 2025-10-29T15:38:29Z | 2025-10-29T15:39:21Z |
| ghsa-c2jp-c369-7pvx | FastMCP Auth Integration Allows for Confused Deputy Account Takeover | 2025-10-29T15:38:07Z | 2025-10-29T15:38:07Z |
| ghsa-2r4h-8jxv-w2j8 | CKAN vulnerable to stored XSS in resource description | 2025-10-29T15:34:22Z | 2025-10-29T19:51:18Z |
| ghsa-wpr5-rc2j-99p2 | Jenkins Publish to Bitbucket Plugin is missing a permissions check | 2025-10-29T15:31:57Z | 2025-11-05T20:54:44Z |
| ghsa-v549-7pm5-f8qr | Jenkins Publish to Bitbucket Plugin is missing a permissions check | 2025-10-29T15:31:57Z | 2025-11-05T20:54:36Z |
| ghsa-m244-6mff-p355 | Jenkins Publish to Bitbucket Plugin vulnerable to CSRF and missing permissions check | 2025-10-29T15:31:57Z | 2025-11-05T20:54:26Z |
| ghsa-jcfc-r24f-p75w | Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer (AS2 module).This issue… | 2025-10-29T15:31:57Z | 2025-10-29T15:31:57Z |
| ghsa-hv42-crpx-q355 | Jenkins Curseforge Publisher Plugin does not mask API Keys displayed on the job configuration form | 2025-10-29T15:31:57Z | 2025-11-05T20:54:18Z |
| ghsa-cxfc-jjg2-5xp4 | An issue in NCR Atleos Terminal Manager (ConfigApp) v3.4.0 allows attackers to escalate privileges … | 2025-10-29T15:31:57Z | 2025-10-29T18:30:32Z |
| ghsa-cmcq-c826-8h54 | A vulnerability was found in code-projects Online Complaint Site 1.0. This issue affects some unkno… | 2025-10-29T15:31:57Z | 2025-10-30T15:32:32Z |
| ghsa-4cf4-jjh2-3m84 | Incorrect access control in the kernel driver of ThreatFire System Monitor v4.7.0.53 allows attacke… | 2025-10-29T15:31:57Z | 2025-10-30T15:32:32Z |
| ghsa-x2pv-fph3-phfx | Jenkins Nexus Task Runner Plugin vulnerable to cross-site request forgery | 2025-10-29T15:31:56Z | 2025-11-05T20:53:16Z |
| ghsa-wf68-85vc-c49w | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix null-d… | 2025-10-29T15:31:56Z | 2025-11-02T15:30:12Z |
| ghsa-w5r3-gr8w-7fj5 | Jenkins Eggplant Runner Plugin protection mechanism disabled | 2025-10-29T15:31:56Z | 2025-11-05T20:52:36Z |
| ghsa-vmm2-53rc-43v3 | Jenkins ByteGuard Build Actions Plugin does not mask API tokens displayed on the job configuration form | 2025-10-29T15:31:56Z | 2025-11-05T20:54:03Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-10931 | N/A | Umami Analytics - Moderately critical - Cross Site Scr… |
Drupal |
Umami Analytics |
2025-10-29T23:13:40.417Z | 2025-10-30T14:15:53.377Z |
| cve-2025-10928 | N/A | Access code - Moderately critical - Access bypass - SA… |
Drupal |
Access code |
2025-10-29T23:13:25.064Z | 2025-10-30T13:07:25.555Z |
| cve-2025-10927 | N/A | Plausible tracking - Moderately critical - Cross Site … |
Drupal |
Plausible tracking |
2025-10-29T23:13:12.338Z | 2025-10-30T14:42:43.207Z |
| cve-2025-10926 | N/A | JSON Field - Critical - Cross Site Scripting - SA-CONT… |
Drupal |
JSON Field |
2025-10-29T23:12:56.914Z | 2025-10-30T14:43:55.094Z |
| cve-2025-9954 | N/A | Acquia DAM - Moderately critical - Access bypass, Info… |
Drupal |
Acquia DAM |
2025-10-29T23:12:41.751Z | 2025-10-30T14:45:16.263Z |
| cve-2025-54549 | 5.9 (v3.1) | Cryptographic validation of upgrade images could be ci… |
Arista Networks |
DANZ Monitoring Fabric |
2025-10-29T22:55:54.433Z | 2025-10-30T14:12:59.838Z |
| cve-2025-54548 | 4.3 (v3.1) | On affected platforms, restricted users could view sen… |
Arista Networks |
DANZ Monitoring Fabric |
2025-10-29T22:52:54.039Z | 2025-10-30T14:15:49.212Z |
| cve-2025-54547 | 5.3 (v3.1) | On affected platforms, if SSH session multiplexing was… |
Arista Networks |
DANZ Monitoring Fabric |
2025-10-29T22:45:53.499Z | 2025-10-30T14:15:29.632Z |
| cve-2025-54546 | 7.5 (v3.1) | On affected platforms, restricted users could use SSH … |
Arista Networks |
DANZ Monitoring Fabric |
2025-10-29T22:40:57.833Z | 2025-10-30T14:15:10.106Z |
| cve-2025-54545 | 7.8 (v3.1) | On affected platforms, a restricted user could break o… |
Arista Networks |
DANZ Monitoring Fabric |
2025-10-29T22:36:24.379Z | 2025-10-30T14:14:49.068Z |
| cve-2025-61724 | N/A | Excessive CPU consumption in Reader.ReadResponse in ne… |
Go standard library |
net/textproto |
2025-10-29T22:10:14.609Z | 2025-11-04T21:14:03.930Z |
| cve-2025-58183 | N/A | Unbounded allocation when parsing GNU sparse map in ar… |
Go standard library |
archive/tar |
2025-10-29T22:10:14.376Z | 2025-11-04T21:13:32.834Z |
| cve-2025-58188 | N/A | Panic when validating certificates with DSA public key… |
Go standard library |
crypto/x509 |
2025-10-29T22:10:14.143Z | 2025-11-04T21:13:38.109Z |
| cve-2025-58186 | N/A | Lack of limit when parsing cookies can cause memory ex… |
Go standard library |
net/http |
2025-10-29T22:10:13.912Z | 2025-11-04T21:13:35.468Z |
| cve-2025-58185 | N/A | Parsing DER payload can cause memory exhaustion in enc… |
Go standard library |
encoding/asn1 |
2025-10-29T22:10:13.682Z | 2025-11-04T21:13:34.163Z |
| cve-2025-47912 | N/A | Insufficient validation of bracketed IPv6 hostnames in… |
Go standard library |
net/url |
2025-10-29T22:10:13.435Z | 2025-11-04T21:10:57.384Z |
| cve-2025-61723 | N/A | Quadratic complexity when parsing some invalid inputs … |
Go standard library |
encoding/pem |
2025-10-29T22:10:13.220Z | 2025-11-04T21:14:02.531Z |
| cve-2025-58189 | N/A | ALPN negotiation error contains attacker controlled in… |
Go standard library |
crypto/tls |
2025-10-29T22:10:12.947Z | 2025-11-04T21:13:39.428Z |
| cve-2025-58187 | N/A | Quadratic complexity when checking name constraints in… |
Go standard library |
crypto/x509 |
2025-10-29T22:10:12.624Z | 2025-11-04T21:13:36.780Z |
| cve-2025-61725 | N/A | Excessive CPU consumption in ParseAddress in net/mail |
Go standard library |
net/mail |
2025-10-29T22:10:12.255Z | 2025-11-04T21:14:05.236Z |
| cve-2025-61959 | 6.9 (v4.0) 5.3 (v3.1) | Vertikal Systems Hospital Manager Backend Services Gen… |
Vertikal Systems |
Hospital Manager Backend Services |
2025-10-29T21:54:51.533Z | 2025-10-30T20:32:15.522Z |
| cve-2025-54459 | 8.7 (v4.0) 7.5 (v3.1) | Vertikal Systems Hospital Manager Backend Services Exp… |
Vertikal Systems |
Hospital Manager Backend Services |
2025-10-29T21:51:34.082Z | 2025-10-30T20:31:36.976Z |
| cve-2025-10934 | 7.8 (v3.0) | GIMP XWD File Parsing Heap-based Buffer Overflow Remot… |
GIMP |
GIMP |
2025-10-29T19:58:55.670Z | 2025-11-04T00:12:05.168Z |
| cve-2025-11465 | 7.8 (v3.0) | Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Re… |
Ashlar-Vellum |
Cobalt |
2025-10-29T19:44:00.443Z | 2025-10-30T14:11:26.417Z |
| cve-2025-11464 | 7.8 (v3.0) | Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer… |
Ashlar-Vellum |
Cobalt |
2025-10-29T19:43:41.524Z | 2025-10-30T14:21:54.611Z |
| cve-2025-11463 | 7.8 (v3.0) | Ashlar-Vellum Cobalt XE File Parsing Integer Overflow … |
Ashlar-Vellum |
Cobalt |
2025-10-29T19:43:29.758Z | 2025-10-30T14:33:11.565Z |
| cve-2025-11466 | 4.9 (v3.0) | Allegra DatabaseBackupBL Directory Traversal Informati… |
Allegra |
Allegra |
2025-10-29T19:42:58.285Z | 2025-10-30T14:33:47.575Z |
| cve-2025-11200 | 8.1 (v3.0) | MLflow Weak Password Requirements Authentication Bypas… |
MLflow |
MLflow |
2025-10-29T19:42:03.734Z | 2025-10-31T03:55:31.971Z |
| cve-2025-11201 | 8.1 (v3.0) | MLflow Tracking Server Model Creation Directory Traver… |
MLflow |
MLflow |
2025-10-29T19:37:10.690Z | 2025-10-31T03:55:31.166Z |
| cve-2025-11202 | 9.8 (v3.0) | win-cli-mcp-server resolveCommandPath Command Injectio… |
win-cli-mcp-server |
win-cli-mcp-server |
2025-10-29T19:36:39.563Z | 2025-10-30T14:35:53.727Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-40089 | N/A | cxl/features: Add check for no entries in cxl_feature_info |
Linux |
Linux |
2025-10-30T09:47:57.990Z | 2025-10-30T09:47:57.990Z |
| cve-2025-40088 | N/A | hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() |
Linux |
Linux |
2025-10-30T09:47:57.333Z | 2025-10-30T09:47:57.333Z |
| cve-2025-40087 | N/A | NFSD: Define a proc_layoutcommit for the FlexFiles lay… |
Linux |
Linux |
2025-10-30T09:47:56.675Z | 2025-10-30T09:47:56.675Z |
| cve-2025-40086 | N/A | drm/xe: Don't allow evicting of BOs in same VM in arra… |
Linux |
Linux |
2025-10-30T09:47:56.005Z | 2025-10-30T09:47:56.005Z |
| cve-2025-11906 | 6.7 (v3.1) | Privilege escalation via writable configuration files … |
Progress Software |
Flowmon |
2025-10-30T07:39:38.530Z | 2025-10-31T03:55:28.727Z |
| cve-2025-11881 | AppPresser – Mobile App Framework <= 4.5.0 - Missing A… |
scottopolis |
AppPresser – Mobile App Framework |
2025-10-30T06:45:40.381Z | 2025-10-30T14:11:55.365Z | |
| cve-2025-62230 | 7.3 (v3.1) | Xorg: xwayland: use-after-free in xkb client resource … |
Red Hat |
Red Hat Enterprise Linux 10 |
2025-10-30T05:19:40.445Z | 2025-11-11T20:35:54.038Z |
| cve-2025-62229 | 7.3 (v3.1) | Xorg: xmayland: use-after-free in xpresentnotify struc… |
Red Hat |
Red Hat Enterprise Linux 10 |
2025-10-30T05:28:48.131Z | 2025-11-11T20:33:54.695Z |
| cve-2025-11627 | Site Checkup AI Troubleshooting with Wizard and Tips f… |
sminozzi |
Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue |
2025-10-30T05:28:27.216Z | 2025-10-30T13:53:07.955Z | |
| cve-2025-10636 | N/A | NS Maintenance Mode for WP <= 1.3.1 - Admin+ Stored XSS |
Unknown |
NS Maintenance Mode for WP |
2025-10-30T06:00:07.969Z | 2025-10-30T14:09:05.103Z |
| cve-2025-10008 | Translate WordPress and go Multilingual – Weglot <= 5.… |
remyb92 |
Translate WordPress and go Multilingual – Weglot |
2025-10-30T05:28:27.857Z | 2025-10-30T14:01:45.215Z | |
| cve-2025-62231 | 7.3 (v3.1) | Xorg: xmayland: value overflow in xkbsetcompatmap() |
Red Hat |
Red Hat Enterprise Linux 10 |
2025-10-30T05:08:32.155Z | 2025-11-11T20:36:03.829Z |
| cve-2025-12475 | Blocksy Companion <= 2.1.14 - Authenticated (Contribut… |
creativethemeshq |
Blocksy Companion |
2025-10-30T04:26:01.452Z | 2025-10-30T13:54:22.488Z | |
| cve-2025-9954 | N/A | Acquia DAM - Moderately critical - Access bypass, Info… |
Drupal |
Acquia DAM |
2025-10-29T23:12:41.751Z | 2025-10-30T14:45:16.263Z |
| cve-2025-62257 | 6.3 (v4.0) | Password enumeration vulnerability in Liferay Por… |
Liferay |
Portal |
2025-10-29T23:24:42.740Z | 2025-10-30T17:41:13.870Z |
| cve-2025-12466 | N/A | Simple OAuth (OAuth2) & OpenID Connect - Critical - Ac… |
Drupal |
Simple OAuth (OAuth2) & OpenID Connect |
2025-10-29T23:14:51.343Z | 2025-10-30T14:38:59.887Z |
| cve-2025-12083 | N/A | CivicTheme Design System - Moderately critical - Cross… |
Drupal |
CivicTheme Design System |
2025-10-29T23:14:33.900Z | 2025-10-30T14:40:11.746Z |
| cve-2025-12082 | N/A | CivicTheme Design System - Moderately critical - Infor… |
Drupal |
CivicTheme Design System |
2025-10-29T23:14:19.017Z | 2025-10-30T14:41:28.623Z |
| cve-2025-10931 | N/A | Umami Analytics - Moderately critical - Cross Site Scr… |
Drupal |
Umami Analytics |
2025-10-29T23:13:40.417Z | 2025-10-30T14:15:53.377Z |
| cve-2025-10930 | N/A | Currency - Moderately critical - Cross Site Request Fo… |
Drupal |
Currency |
2025-10-29T23:13:54.547Z | 2025-10-30T13:27:10.721Z |
| cve-2025-10929 | N/A | Reverse Proxy Header - Less critical - Access bypass -… |
Drupal |
Reverse Proxy Header |
2025-10-29T23:14:07.047Z | 2025-10-30T13:31:48.665Z |
| cve-2025-10928 | N/A | Access code - Moderately critical - Access bypass - SA… |
Drupal |
Access code |
2025-10-29T23:13:25.064Z | 2025-10-30T13:07:25.555Z |
| cve-2025-10927 | N/A | Plausible tracking - Moderately critical - Cross Site … |
Drupal |
Plausible tracking |
2025-10-29T23:13:12.338Z | 2025-10-30T14:42:43.207Z |
| cve-2025-10926 | N/A | JSON Field - Critical - Cross Site Scripting - SA-CONT… |
Drupal |
JSON Field |
2025-10-29T23:12:56.914Z | 2025-10-30T14:43:55.094Z |
| cve-2025-61725 | N/A | Excessive CPU consumption in ParseAddress in net/mail |
Go standard library |
net/mail |
2025-10-29T22:10:12.255Z | 2025-11-04T21:14:05.236Z |
| cve-2025-61724 | N/A | Excessive CPU consumption in Reader.ReadResponse in ne… |
Go standard library |
net/textproto |
2025-10-29T22:10:14.609Z | 2025-11-04T21:14:03.930Z |
| cve-2025-61723 | N/A | Quadratic complexity when parsing some invalid inputs … |
Go standard library |
encoding/pem |
2025-10-29T22:10:13.220Z | 2025-11-04T21:14:02.531Z |
| cve-2025-58189 | N/A | ALPN negotiation error contains attacker controlled in… |
Go standard library |
crypto/tls |
2025-10-29T22:10:12.947Z | 2025-11-04T21:13:39.428Z |
| cve-2025-58188 | N/A | Panic when validating certificates with DSA public key… |
Go standard library |
crypto/x509 |
2025-10-29T22:10:14.143Z | 2025-11-04T21:13:38.109Z |
| cve-2025-58187 | N/A | Quadratic complexity when checking name constraints in… |
Go standard library |
crypto/x509 |
2025-10-29T22:10:12.624Z | 2025-11-04T21:13:36.780Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-188401 | Malicious code in odin-nightwatch-singularity-gravity (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188400 | Malicious code in odin-mensa-magnetar-react-bootstrap (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188399 | Malicious code in odin-lepton-superagent-uninstall (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188398 | Malicious code in odin-holography-wavefunction-webpack (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188397 | Malicious code in odin-fetch-arcturus-cressida (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188396 | Malicious code in odin-baryon-primatology-equinox (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188395 | Malicious code in odin-babel-ignite-abiogenesis (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188394 | Malicious code in octans-yakutsk-dotenv-leda (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188393 | Malicious code in octans-sedna-entanglement-xerxes (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188392 | Malicious code in octans-prompts-hyperion-google (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188391 | Malicious code in octans-parallax-webdriverio-innercore (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188390 | Malicious code in octans-non-blocking-repository-cosmiconfig (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188389 | Malicious code in octans-eigenstate-antares-vuetify (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188388 | Malicious code in octans-cybernetics-carpo-norma (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188387 | Malicious code in octans-command-io-command (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188386 | Malicious code in octans-buffer-commitlint-config-angular-puppeteer (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188385 | Malicious code in object-rain-fast-process-unix (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188384 | Malicious code in object-chi-yaml-authorize-zero (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188383 | Malicious code in object-authorize-array-cluster-encrypt (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188382 | Malicious code in oberon-semantic-ui-cors-dione (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188381 | Malicious code in oberon-mdx-hydrogeology-bunyan (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188380 | Malicious code in oberon-geochronology-yakutsk-neuromorphic (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188379 | Malicious code in oauth-zenobia-mechatronics-sirius (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188378 | Malicious code in oauth-neptunology-lint-server (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188377 | Malicious code in nuxtjs-test-fornax-postgres (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188376 | Malicious code in nuxtjs-steganography-dynamo-rocket (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188375 | Malicious code in nuxtjs-quasarjet-cross-env-taurus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188374 | Malicious code in nuxtjs-ionosphere-parsec-cosmology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188373 | Malicious code in nuxtjs-hugo-karma-antares (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188372 | Malicious code in nuxtjs-heka-google-quasar (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:4241 | Red Hat Security Advisory: glibc security update | 2025-04-28T10:26:23+00:00 | 2025-10-29T18:41:48+00:00 |
| rhsa-2025:4240 | Red Hat Security Advisory: Updated 6.1 container image is now available in the Red Hat Ecosystem Catalog. | 2025-04-28T05:29:21+00:00 | 2025-11-14T20:57:41+00:00 |
| rhsa-2025:4227 | Red Hat Security Advisory: mod_auth_openidc:2.3 security update | 2025-04-28T01:31:12+00:00 | 2025-11-11T09:51:01+00:00 |
| rhsa-2025:4228 | Red Hat Security Advisory: mod_auth_openidc:2.3 security update | 2025-04-28T01:19:37+00:00 | 2025-11-11T09:51:01+00:00 |
| rhsa-2025:4224 | Red Hat Security Advisory: mod_auth_openidc security update | 2025-04-28T00:22:52+00:00 | 2025-11-11T09:51:00+00:00 |
| rhsa-2025:4225 | Red Hat Security Advisory: mod_auth_openidc security update | 2025-04-28T00:22:37+00:00 | 2025-11-11T09:51:05+00:00 |
| rhsa-2025:4226 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.10 on RHEL 7 security update | 2025-04-28T00:20:32+00:00 | 2025-11-11T16:10:54+00:00 |
| rhsa-2025:4192 | Red Hat Security Advisory: mod_auth_openidc:2.3 security update | 2025-04-24T16:08:21+00:00 | 2025-11-11T09:51:05+00:00 |
| rhsa-2025:4187 | Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-django) security update | 2025-04-24T13:23:07+00:00 | 2025-11-06T22:45:19+00:00 |
| rhsa-2025:4188 | Red Hat Security Advisory: Red Hat OpenShift Builds 1.2 | 2025-04-24T13:21:19+00:00 | 2025-11-14T17:12:29+00:00 |
| rhsa-2025:4171 | Red Hat Security Advisory: Red Hat OpenShift Builds 1.3 | 2025-04-24T11:52:49+00:00 | 2025-11-14T17:12:29+00:00 |
| rhsa-2025:4170 | Red Hat Security Advisory: thunderbird security update | 2025-04-24T11:34:54+00:00 | 2025-11-06T23:15:22+00:00 |
| rhsa-2025:4169 | Red Hat Security Advisory: thunderbird security update | 2025-04-24T11:29:08+00:00 | 2025-11-06T23:15:22+00:00 |
| rhsa-2025:4012 | Red Hat Security Advisory: OpenShift Container Platform 4.17.26 bug fix and security update | 2025-04-23T12:41:37+00:00 | 2025-11-14T17:12:23+00:00 |
| rhsa-2025:3997 | Red Hat Security Advisory: mod_auth_openidc:2.3 security update | 2025-04-23T11:58:55+00:00 | 2025-11-11T09:50:58+00:00 |
| rhsa-2025:4025 | Red Hat Security Advisory: libxslt security update | 2025-04-23T11:55:24+00:00 | 2025-11-06T22:35:55+00:00 |
| rhsa-2025:4048 | Red Hat Security Advisory: xmlrpc-c security update | 2025-04-23T11:47:20+00:00 | 2025-11-07T18:40:24+00:00 |
| rhsa-2025:4043 | Red Hat Security Advisory: bluez security update | 2025-04-23T10:40:54+00:00 | 2025-11-06T21:44:00+00:00 |
| rhsa-2025:4063 | Red Hat Security Advisory: ruby:3.1 security update | 2025-04-23T10:34:54+00:00 | 2025-11-14T10:17:20+00:00 |
| rhsa-2025:4098 | Red Hat Security Advisory: libxslt security update | 2025-04-23T10:23:14+00:00 | 2025-11-06T22:35:55+00:00 |
| rhsa-2025:4128 | Red Hat Security Advisory: mod_auth_openidc:2.3 security update | 2025-04-23T10:20:19+00:00 | 2025-11-11T09:50:58+00:00 |
| rhsa-2025:4029 | Red Hat Security Advisory: thunderbird security update | 2025-04-23T10:17:09+00:00 | 2025-11-06T23:15:21+00:00 |
| rhsa-2025:4026 | Red Hat Security Advisory: thunderbird security update | 2025-04-23T10:12:34+00:00 | 2025-11-06T23:15:20+00:00 |
| rhsa-2025:4030 | Red Hat Security Advisory: thunderbird security update | 2025-04-23T10:12:24+00:00 | 2025-11-06T23:15:21+00:00 |
| rhsa-2025:4027 | Red Hat Security Advisory: thunderbird security update | 2025-04-23T10:12:09+00:00 | 2025-11-06T23:15:20+00:00 |
| rhsa-2025:4031 | Red Hat Security Advisory: thunderbird security update | 2025-04-23T10:11:19+00:00 | 2025-11-06T23:15:22+00:00 |
| rhsa-2025:4028 | Red Hat Security Advisory: thunderbird security update | 2025-04-23T10:10:54+00:00 | 2025-11-06T23:15:21+00:00 |
| rhsa-2025:4032 | Red Hat Security Advisory: thunderbird security update | 2025-04-23T10:10:10+00:00 | 2025-11-06T23:15:23+00:00 |
| rhsa-2025:4007 | Red Hat Security Advisory: OpenShift Container Platform 4.16.39 security and extras update | 2025-04-23T01:59:09+00:00 | 2025-11-14T11:39:28+00:00 |
| rhsa-2025:4019 | Red Hat Security Advisory: OpenShift Container Platform 4.18.10 bug fix and security update | 2025-04-22T23:52:01+00:00 | 2025-11-14T17:12:24+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2024-56665 | bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56664 | bpf, sockmap: Fix race between element replace and close() | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56663 | wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56662 | acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl | 2024-12-02T00:00:00.000Z | 2025-05-21T00:00:00.000Z |
| msrc_cve-2024-56660 | net/mlx5: DR, prevent potential error pointer dereference | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56659 | net: lapb: increase LAPB_HEADER_LEN | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56658 | net: defer final 'struct net' free in netns dismantle | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56657 | ALSA: control: Avoid WARN() for symlink errors | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56655 | netfilter: nf_tables: do not defer rule destruction via call_rcu | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56654 | Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56653 | Bluetooth: btmtk: avoid UAF in btmtk_process_coredump | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56651 | can: hi311x: hi3110_can_ist(): fix potential use-after-free | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56650 | netfilter: x_tables: fix LED ID check in led_tg_check() | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56649 | net: enetc: Do not configure preemptible TCs if SIs do not support | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56648 | net: hsr: avoid potential out-of-bound access in fill_frame_info() | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56647 | net: Fix icmp host relookup triggering ip_rt_bug | 2024-12-02T00:00:00.000Z | 2025-09-03T22:31:39.000Z |
| msrc_cve-2024-56643 | dccp: Fix memory leak in dccp_feat_change_recv | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-56642 | tipc: Fix use-after-free of kernel socket in cleanup_bearer(). | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56641 | net/smc: initialize close_work early to avoid warning | 2024-12-02T00:00:00.000Z | 2025-10-08T01:01:42.000Z |
| msrc_cve-2024-56640 | net/smc: fix LGR and link use-after-free issue | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56635 | net: avoid potential UAF in default_operstate() | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56634 | gpio: grgpio: Add NULL check in grgpio_probe | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56631 | scsi: sg: Fix slab-use-after-free read in sg_release() | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56629 | HID: wacom: fix when get product name maybe null pointer | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56627 | ksmbd: fix Out-of-Bounds Read in ksmbd_vfs_stream_read | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56626 | ksmbd: fix Out-of-Bounds Write in ksmbd_vfs_stream_write | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56623 | scsi: qla2xxx: Fix use after free on unload | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56622 | scsi: ufs: core: sysfs: Prevent div by zero | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56617 | cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| msrc_cve-2024-56615 | bpf: fix OOB devmap writes when deleting elements | 2024-12-02T00:00:00.000Z | 2025-03-13T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2014-000014 | Opera browser for Android issue in handling intent scheme URL's | 2014-02-06T12:20+09:00 | 2014-02-10T19:09+09:00 |
| jvndb-2014-000013 | Joyful Note vulnerable to cross-site scripting | 2014-01-31T13:41+09:00 | 2014-02-04T17:38+09:00 |
| jvndb-2014-000011 | Sanshiro Series vulnerable to arbitrary code execution | 2014-01-28T14:48+09:00 | 2014-01-30T14:24+09:00 |
| jvndb-2014-000010 | Multiple SQL injection vulnerabilities in Cybozu Garoon | 2014-01-28T14:40+09:00 | 2014-01-30T14:22+09:00 |
| jvndb-2014-000009 | OpenPNE vulnerable to PHP Object Injection | 2014-01-24T12:36+09:00 | 2014-01-28T18:02+09:00 |
| jvndb-2014-000008 | SimZip (Simple Zip Viewer) vulnerable to directory traversal | 2014-01-24T12:34+09:00 | 2014-01-28T18:03+09:00 |
| jvndb-2014-001203 | A Problem of CPU Consumption in Host Data Collector bundled with Hitachi Device Manager Software | 2014-01-22T18:06+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2014-000007 | Information disclosure vulnerability in Sleipnir Mobile for Android | 2014-01-22T15:29+09:00 | 2014-01-27T09:47+09:00 |
| jvndb-2014-000006 | EC-CUBE vulnerable to authorization bypass | 2014-01-22T15:28+09:00 | 2024-05-15T14:59+09:00 |
| jvndb-2014-000005 | EC-CUBE vulnerable to information alteration | 2014-01-22T15:27+09:00 | 2014-01-27T09:51+09:00 |
| jvndb-2014-000004 | NeoFiler vulnerable to directory traversal | 2014-01-10T14:44+09:00 | 2014-01-15T12:32+09:00 |
| jvndb-2014-000003 | Security File Manager vulnerable to directory traversal | 2014-01-10T14:42+09:00 | 2014-01-10T14:42+09:00 |
| jvndb-2014-000002 | tetra filer vulnerable to directory traversal | 2014-01-10T14:41+09:00 | 2014-01-10T14:41+09:00 |
| jvndb-2014-000001 | ZIP with Pass vulnerable to directory traversal | 2014-01-10T14:34+09:00 | 2014-01-10T14:34+09:00 |
| jvndb-2013-000126 | HP Autonomy Ultraseek vulnerable to cross-site scripting | 2013-12-26T12:32+09:00 | 2013-12-26T12:32+09:00 |
| jvndb-2013-005669 | Xml eXternal Entity Vulnerability in Hitachi Cosminexus | 2013-12-25T19:13+09:00 | 2013-12-25T19:13+09:00 |
| jvndb-2013-000125 | Cybozu Garoon Keitai vulnerable to authentication bypass | 2013-12-25T12:22+09:00 | 2014-01-07T16:12+09:00 |
| jvndb-2013-000124 | Cybozu Garoon vulnerable to SQL injection | 2013-12-25T12:21+09:00 | 2014-01-07T19:22+09:00 |
| jvndb-2013-000123 | VMware ESX and ESXi may allow access to arbitrary files | 2013-12-24T15:02+09:00 | 2013-12-25T14:01+09:00 |
| jvndb-2013-000120 | IrfanView vulnerable to buffer overflow | 2013-12-24T15:02+09:00 | 2014-01-07T19:25+09:00 |
| jvndb-2013-000111 | Android OS vulnerable to arbitrary Java method execution | 2013-12-17T13:57+09:00 | 2014-03-05T17:27+09:00 |
| jvndb-2013-000119 | Juniper ScreenOS vulnerable to denial-of-service (DoS) | 2013-12-13T12:23+09:00 | 2013-12-18T15:23+09:00 |
| jvndb-2013-000118 | Cybozu Dezie vulnerable to cross-site scripting | 2013-12-10T14:13+09:00 | 2013-12-18T14:51+09:00 |
| jvndb-2013-000117 | Cybozu Garoon vulnerable to session fixation | 2013-12-03T13:51+09:00 | 2013-12-06T10:52+09:00 |
| jvndb-2013-000116 | Cybozu Garoon vulnerable to mail header injection | 2013-12-03T13:49+09:00 | 2013-12-06T10:50+09:00 |
| jvndb-2013-000115 | Cybozu Garoon vulnerable to denial-of-service (DoS) | 2013-12-03T13:46+09:00 | 2013-12-06T10:48+09:00 |
| jvndb-2013-000114 | Cybozu Garoon vulnerable to SQL injection | 2013-12-03T13:45+09:00 | 2013-12-06T10:47+09:00 |
| jvndb-2013-000113 | Multiple cross-site scripting vulnerabilities in Cybozu Garoon | 2013-12-03T13:37+09:00 | 2013-12-06T10:42+09:00 |
| jvndb-2013-000112 | TOWN (modified version) vulnerable to directory traversal | 2013-11-29T14:23+09:00 | 2013-12-06T10:38+09:00 |
| jvndb-2013-005262 | Buffer Overflow Vulnerability in the log function of Interstage HTTP Server | 2013-11-28T16:38+09:00 | 2013-12-18T16:16+09:00 |
| ID | Description | Updated |
|---|