Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-rrvr-f37x-r3f9 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-29T06:31:13Z | 2025-10-29T06:31:13Z |
| ghsa-r62f-cx5r-q9jm | The Anti-Malware Security and Brute-Force Firewall plugin for WordPress is vulnerable to Arbitrary … | 2025-10-29T06:31:13Z | 2025-10-29T06:31:13Z |
| ghsa-pw2w-qh66-g5qq | Rejected reason: Not used | 2025-10-29T06:31:13Z | 2025-10-29T06:31:13Z |
| ghsa-h9fv-xmvq-pgf6 | Missing Authorization vulnerability in Facebook Facebook for WooCommerce allows Exploiting Incorrec… | 2025-10-29T06:31:13Z | 2025-10-29T06:31:13Z |
| ghsa-fxrj-3fj6-972h | Rejected reason: Not used | 2025-10-29T06:31:13Z | 2025-10-29T06:31:13Z |
| ghsa-6rh5-xgvr-7x95 | Rejected reason: Not used | 2025-10-29T06:31:13Z | 2025-10-29T06:31:13Z |
| ghsa-hrf6-48c7-hhqf | Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Popup box allows Cross Site Request Forg… | 2025-10-29T06:31:12Z | 2025-10-29T06:31:12Z |
| ghsa-cwrr-22vg-2h79 | Rejected reason: Not used | 2025-10-29T06:31:12Z | 2025-10-29T06:31:12Z |
| ghsa-95w7-mm38-c8mc | Rejected reason: Not used | 2025-10-29T06:31:12Z | 2025-10-29T06:31:12Z |
| ghsa-mj35-jrmp-p9jm | WordPress plugin Contact Form CFDB7 versions up to and including 1.3.2 are affected by a pre-authen… | 2025-10-29T00:30:26Z | 2025-10-29T00:30:26Z |
| ghsa-qh7p-pfq3-677h | Consul event endpoint is vulnerable to denial of service | 2025-10-28T21:30:33Z | 2025-11-05T22:12:37Z |
| ghsa-7g3r-8c6v-hfmr | Consul key/value endpoint is vulnerable to denial of service | 2025-10-28T21:30:33Z | 2025-11-05T22:12:03Z |
| ghsa-62gf-9726-4v22 | An issue was discovered in Dataphone A920 v2025.07.161103. A custom packet based on public document… | 2025-10-28T21:30:33Z | 2025-10-29T15:31:54Z |
| ghsa-2mmx-jx99-8cmf | HP ThinPro 8.1 System management application failed to verify user's true id. HP has released HP Th… | 2025-10-28T21:30:33Z | 2025-10-28T21:30:33Z |
| ghsa-wprm-2272-vjqg | Local Privilege Escalation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 . | 2025-10-28T21:30:31Z | 2025-11-07T15:31:26Z |
| ghsa-qc62-mj75-qffr | Privilege Escalation through SUID-bit Binary.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: t… | 2025-10-28T21:30:31Z | 2025-11-07T15:31:26Z |
| ghsa-j24q-5p96-5g77 | Protocol manipulation might lead to denial of service.This issue affects BLU-IC2: through 1.19.5; B… | 2025-10-28T21:30:31Z | 2025-11-07T15:31:26Z |
| ghsa-7f5h-v6xp-fcq8 | Starlette vulnerable to O(n^2) DoS via Range header merging in ``starlette.responses.FileResponse`` | 2025-10-28T20:38:01Z | 2025-11-04T17:40:59Z |
| ghsa-867c-p784-5q6g | PrivateBin is missing HTML sanitization of attached filename in file size hint | 2025-10-28T20:14:09Z | 2025-10-29T14:48:58Z |
| ghsa-v4c2-68g7-mpcf | Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption (issue 2 of 2). | 2025-10-28T18:30:30Z | 2025-10-29T15:31:54Z |
| ghsa-r668-gv5f-w9pf | Vulnerable Upgrade Feature (Arbitrary File Write) may lead to obtaining super user permissions on b… | 2025-10-28T18:30:30Z | 2025-11-07T15:31:26Z |
| ghsa-q7fw-jpjh-xmmm | Incorrect access control in the /jshERP-boot/user/info interface of jshERP up to commit 90c411a all… | 2025-10-28T18:30:30Z | 2025-10-29T18:30:32Z |
| ghsa-q7cx-22m3-64gr | zhangyd-c OneBlog before 2.3.9 was vulnerable to SSTI (Server-Side Template Injection) via FreeMark… | 2025-10-28T18:30:30Z | 2025-10-29T15:31:54Z |
| ghsa-q384-jm53-6758 | A reflected Cross-Site Scripting (XSS) vulnerability has been identified in Clear2Pay Bank Visibili… | 2025-10-28T18:30:30Z | 2025-10-28T21:30:31Z |
| ghsa-9qfv-m6w2-fhch | Hotta Studio GameDriverX64.sys 7.23.4.7, a signed kernel-mode anti-cheat driver, allows local attac… | 2025-10-28T18:30:30Z | 2025-10-29T15:31:54Z |
| ghsa-7684-hq9j-3rmh | Unauthorized modification of arbitrary articles vulnerability exists in blog-vue-springboot. | 2025-10-28T18:30:30Z | 2025-10-29T15:31:54Z |
| ghsa-6wcj-m5m4-hw9r | Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption (issue 1 of 2). | 2025-10-28T18:30:30Z | 2025-10-29T15:31:54Z |
| ghsa-35qg-4gg3-p395 | An issue was discovered in BESSystem BES Application Server thru 9.5.x allowing unauthorized attack… | 2025-10-28T18:30:30Z | 2025-10-29T18:30:32Z |
| ghsa-rhx3-j9rv-vfqm | alexusmai laravel-file-manager 3.3.1 and before allows an authenticated attacker to achieve Remote … | 2025-10-28T18:30:29Z | 2025-10-29T15:31:54Z |
| ghsa-pc3q-39gv-wcg8 | An issue was discovered in Prevx v3.0.5.220 allowing attackers to cause a denial of service via sen… | 2025-10-28T18:30:29Z | 2025-10-29T15:31:54Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-64204 | N/A | WordPress SmartMag theme <= 10.3.1 - Cross Site Script… |
ThemeSphere |
SmartMag |
2025-10-29T08:38:07.091Z | 2025-11-13T10:33:49.303Z |
| cve-2025-64202 | N/A | WordPress Sahifa theme < 5.8.6 - Cross Site Scripting … |
TieLabs |
Sahifa |
2025-10-29T08:38:06.577Z | 2025-11-13T10:33:49.339Z |
| cve-2025-64201 | N/A | WordPress PowerPress Podcasting plugin <= 11.13.12 - C… |
blubrry |
PowerPress Podcasting |
2025-10-29T08:38:06.132Z | 2025-11-13T10:33:49.293Z |
| cve-2025-64200 | N/A | WordPress Email Template Customizer for WooCommerce pl… |
VillaTheme |
Email Template Customizer for WooCommerce |
2025-10-29T08:38:05.654Z | 2025-11-13T10:33:49.274Z |
| cve-2025-64199 | N/A | WordPress wpresidence theme <= 5.3.2 - Broken Access C… |
WpEstate |
wpresidence |
2025-10-29T08:38:05.202Z | 2025-11-13T10:33:49.338Z |
| cve-2025-64197 | N/A | WordPress Rehub theme < 19.9.9.1 - Cross Site Scriptin… |
sizam |
Rehub |
2025-10-29T08:38:04.636Z | 2025-11-13T10:33:49.275Z |
| cve-2025-64195 | N/A | WordPress Eduma theme <= 5.7.6 - Local File Inclusion … |
ThimPress |
Eduma |
2025-10-29T08:38:04.034Z | 2025-11-13T10:33:49.272Z |
| cve-2025-64194 | N/A | WordPress Eduma theme <= 5.7.6 - Cross Site Scripting … |
ThimPress |
Eduma |
2025-10-29T08:38:03.614Z | 2025-11-13T10:33:49.276Z |
| cve-2025-60075 | N/A | WordPress hpb seo plugin for WordPress plugin <= 3.0.1… |
Allegro Marketing |
hpb seo plugin for WordPress |
2025-10-29T08:38:03.170Z | 2025-11-13T10:33:44.617Z |
| cve-2025-58939 | N/A | WordPress Super Store Finder plugin <= 7.5 - Cross Sit… |
highwarden |
Super Store Finder |
2025-10-29T08:38:02.625Z | 2025-11-13T10:33:42.959Z |
| cve-2025-58711 | N/A | WordPress Blog Designer PRO plugin <= 3.4.8 - Broken A… |
solwin |
Blog Designer PRO |
2025-10-29T08:38:01.894Z | 2025-11-13T10:33:42.794Z |
| cve-2025-11702 | 8.5 (v3.1) | Missing Authorization in GitLab |
GitLab |
GitLab |
2025-10-29T07:04:52.286Z | 2025-10-30T03:56:00.997Z |
| cve-2023-7320 | WooCommerce <= 7.8.2 - Sensitive Information Exposure |
automattic |
WooCommerce |
2025-10-29T06:45:48.702Z | 2025-10-29T14:19:46.784Z | |
| cve-2025-9544 | N/A | Doppler Forms <= 2.5.1 - Subscriber+ Limited Plugin In… |
Unknown |
Doppler Forms |
2025-10-29T06:00:06.910Z | 2025-10-29T13:51:20.351Z |
| cve-2025-49042 | 5.9 (v3.1) | WordPress WooCommerce plugin <= 10.0.2 - Cross Site Sc… |
Automattic |
WooCommerce |
2025-10-29T04:50:12.507Z | 2025-10-29T13:31:19.805Z |
| cve-2025-62776 | 7.8 (v3.0) 8.4 (v4.0) | The installer of WTW EAGLE (for Windows) 3.0.8.0 … |
Wireless Tsukamoto Co., Ltd. |
WTW EAGLE (for Windows) |
2025-10-29T04:29:44.387Z | 2025-10-29T13:42:33.180Z |
| cve-2025-11705 | Anti-Malware Security and Brute-Force Firewall <= 4.23… |
scheeeli |
Anti-Malware Security and Brute-Force Firewall |
2025-10-29T04:27:11.600Z | 2025-10-29T13:43:07.462Z | |
| cve-2025-64296 | 5.3 (v3.1) | WordPress Facebook for WooCommerce plugin <= 3.5.7 - B… |
Facebook |
Facebook for WooCommerce |
2025-10-29T04:08:45.858Z | 2025-10-29T13:43:42.103Z |
| cve-2025-57931 | 5.3 (v3.1) | WordPress Popup box plugin <= 5.5.4 - Cross Site Reque… |
Ays Pro |
Popup box |
2025-10-29T04:02:09.962Z | 2025-10-29T14:05:13.270Z |
| cve-2025-63622 | N/A | A vulnerability was found in code-projects Online… |
n/a |
n/a |
2025-10-29T00:00:00.000Z | 2025-10-30T14:31:13.651Z |
| cve-2025-61876 | N/A | Insecure Direct Object Reference (IDOR) in /tenan… |
n/a |
n/a |
2025-10-29T00:00:00.000Z | 2025-10-30T14:35:48.145Z |
| cve-2025-61429 | N/A | An issue in NCR Atleos Terminal Manager (ConfigAp… |
n/a |
n/a |
2025-10-29T00:00:00.000Z | 2025-10-29T15:23:35.246Z |
| cve-2025-61234 | N/A | Incorrect access control on Dataphone A920 v2025.… |
n/a |
n/a |
2025-10-29T00:00:00.000Z | 2025-10-30T20:31:01.774Z |
| cve-2025-61161 | N/A | DLL hijacking vulnerability in Evope Collector 1.… |
n/a |
n/a |
2025-10-29T00:00:00.000Z | 2025-10-29T14:24:37.110Z |
| cve-2025-61156 | N/A | Incorrect access control in the kernel driver of … |
n/a |
n/a |
2025-10-29T00:00:00.000Z | 2025-10-30T14:28:08.595Z |
| cve-2025-60898 | N/A | An unauthenticated server-side request forgery (S… |
n/a |
n/a |
2025-10-29T00:00:00.000Z | 2025-10-29T17:23:16.811Z |
| cve-2025-60595 | N/A | SPH Engineering UgCS 5.13.0 is vulnerable to Arbi… |
n/a |
n/a |
2025-10-29T00:00:00.000Z | 2025-10-30T20:29:49.865Z |
| cve-2025-60542 | N/A | SQL Injection vulnerability in TypeORM before 0.3… |
n/a |
n/a |
2025-10-29T00:00:00.000Z | 2025-10-30T20:28:41.544Z |
| cve-2025-60320 | N/A | memoQ 10.1.13.ef1b2b52aae and earlier contains an… |
n/a |
n/a |
2025-10-29T00:00:00.000Z | 2025-10-30T14:40:19.867Z |
| cve-2025-57227 | N/A | An unquoted service path in Kingosoft Technology … |
n/a |
n/a |
2025-10-29T00:00:00.000Z | 2025-10-29T20:31:06.475Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-64139 | N/A | A missing permission check in Jenkins Start Windo… |
Jenkins Project |
Jenkins Start Windocks Containers Plugin |
2025-10-29T13:29:45.114Z | 2025-11-04T21:14:33.120Z |
| cve-2025-64138 | N/A | A cross-site request forgery (CSRF) vulnerability… |
Jenkins Project |
Jenkins Start Windocks Containers Plugin |
2025-10-29T13:29:44.349Z | 2025-11-04T21:14:31.752Z |
| cve-2025-64137 | N/A | A missing permission check in Jenkins Themis Plug… |
Jenkins Project |
Jenkins Themis Plugin |
2025-10-29T13:29:43.669Z | 2025-11-04T21:14:30.356Z |
| cve-2025-64136 | N/A | A cross-site request forgery (CSRF) vulnerability… |
Jenkins Project |
Jenkins Themis Plugin |
2025-10-29T13:29:42.998Z | 2025-11-04T21:14:29.011Z |
| cve-2025-64135 | N/A | Jenkins Eggplant Runner Plugin 0.0.1.301.v963cffe… |
Jenkins Project |
Jenkins Eggplant Runner Plugin |
2025-10-29T13:29:42.358Z | 2025-11-04T21:14:27.669Z |
| cve-2025-64134 | N/A | Jenkins JDepend Plugin 1.3.1 and earlier includes… |
Jenkins Project |
Jenkins JDepend Plugin |
2025-10-29T13:29:41.699Z | 2025-11-04T21:14:26.342Z |
| cve-2025-64133 | N/A | A cross-site request forgery (CSRF) vulnerability… |
Jenkins Project |
Jenkins Extensible Choice Parameter Plugin |
2025-10-29T13:29:41.045Z | 2025-11-04T21:14:25.010Z |
| cve-2025-64132 | N/A | Jenkins MCP Server Plugin 0.84.v50ca_24ef83f2 and… |
Jenkins Project |
Jenkins MCP Server Plugin |
2025-10-29T13:29:40.401Z | 2025-11-04T21:14:23.718Z |
| cve-2025-64131 | N/A | Jenkins SAML Plugin 4.583.vc68232f7018a_ and earl… |
Jenkins Project |
Jenkins SAML Plugin |
2025-10-29T13:29:39.724Z | 2025-11-04T21:14:22.397Z |
| cve-2025-61161 | N/A | DLL hijacking vulnerability in Evope Collector 1.… |
n/a |
n/a |
2025-10-29T00:00:00.000Z | 2025-10-29T14:24:37.110Z |
| cve-2025-40085 | N/A | ALSA: usb-audio: Fix NULL pointer deference in try_to_… |
Linux |
Linux |
2025-10-29T13:37:04.707Z | 2025-10-29T13:37:04.707Z |
| cve-2025-40084 | N/A | ksmbd: transport_ipc: validate payload size before rea… |
Linux |
Linux |
2025-10-29T13:37:03.185Z | 2025-11-03T00:39:28.104Z |
| cve-2025-40083 | N/A | net/sched: sch_qfq: Fix null-deref in agg_dequeue |
Linux |
Linux |
2025-10-29T13:37:01.868Z | 2025-11-02T13:30:42.936Z |
| cve-2024-45162 | N/A | A stack-based buffer overflow issue was discovere… |
n/a |
n/a |
2025-10-29T00:00:00.000Z | 2025-10-29T14:19:18.542Z |
| cve-2024-45161 | N/A | A CSRF issue was discovered in the administrative… |
n/a |
n/a |
2025-10-29T00:00:00.000Z | 2025-10-29T14:29:46.131Z |
| cve-2023-7324 | N/A | scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses |
Linux |
Linux |
2025-10-29T13:46:14.184Z | 2025-10-29T13:46:14.184Z |
| cve-2025-11632 | Call Now Button <= 1.5.4 - Authenticated (Subscriber+)… |
jgrietveld |
Call Now Button – The #1 Click to Call Button for WordPress |
2025-10-29T12:31:51.107Z | 2025-10-29T13:24:38.942Z | |
| cve-2025-11587 | Call Now Button <= 1.5.3 - Missing Authorization to Au… |
jgrietveld |
Call Now Button – The #1 Click to Call Button for WordPress |
2025-10-29T12:31:51.684Z | 2025-10-29T13:21:28.252Z | |
| cve-2025-12142 | 6.9 (v4.0) 6.1 (v3.1) | BSS(Block Started by Symbol) Memory Corruption Vulnerability |
ABB |
Terra AC wallbox |
2025-10-29T12:00:42.236Z | 2025-10-29T13:30:33.090Z |
| cve-2023-39178 | N/A | {'providerMetadata': {'orgId': '92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5', 'shortName': 'fedora', 'dateUpdated': '2025-10-29T11:51:42.603Z'}, 'rejectedReasons': [{'lang': 'en', 'value': 'Duplicate of CVE-2023-52441.'}]} | N/A | N/A | 2025-10-29T11:51:42.603Z | |
| cve-2023-39177 | N/A | {'providerMetadata': {'orgId': '92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5', 'shortName': 'fedora', 'dateUpdated': '2025-10-29T11:51:57.669Z'}, 'rejectedReasons': [{'lang': 'en', 'value': 'Duplicate of CVE-2023-52442.'}]} | N/A | N/A | 2025-10-29T11:51:57.669Z | |
| cve-2025-12461 | 6.9 (v4.0) | Unprotected access to parts of the application in Epsi… |
Grupo Castilla |
Epsilon RH |
2025-10-29T10:51:36.915Z | 2025-10-29T13:33:58.079Z |
| cve-2025-12450 | LiteSpeed Cache <= 7.5.0.1 - Reflected Cross-Site Scripting |
litespeedtech |
LiteSpeed Cache |
2025-10-29T09:27:57.311Z | 2025-10-29T13:59:32.341Z | |
| cve-2015-10147 | Easy Testimonial Slider and Form <= 1.0.2 - Authentica… |
nik00726 |
Easy Testimonial Slider and Form |
2025-10-29T09:27:57.650Z | 2025-10-29T13:54:08.317Z | |
| cve-2015-10146 | Thumbnail Slider With Lightbox <= 1.0.4 - Authenticate… |
nik00726 |
Thumbnail Slider With Lightbox |
2025-10-29T09:27:56.750Z | 2025-10-29T14:05:43.855Z | |
| cve-2025-64291 | N/A | WordPress Premmerce User Roles plugin <= 1.0.13 - Cros… |
Premmerce |
Premmerce User Roles |
2025-10-29T08:38:15.757Z | 2025-11-13T10:33:49.343Z |
| cve-2025-64290 | N/A | WordPress Premmerce Product Search for WooCommerce plu… |
Premmerce |
Premmerce Product Search for WooCommerce |
2025-10-29T08:38:15.299Z | 2025-11-13T10:33:49.409Z |
| cve-2025-64289 | N/A | WordPress Premmerce Product Search for WooCommerce plu… |
Premmerce |
Premmerce Product Search for WooCommerce |
2025-10-29T08:38:14.838Z | 2025-11-13T10:33:49.275Z |
| cve-2025-64288 | N/A | WordPress Premmerce plugin <= 1.3.19 - Cross Site Requ… |
Premmerce |
Premmerce |
2025-10-29T08:38:14.400Z | 2025-11-13T10:33:49.364Z |
| cve-2025-64286 | N/A | WordPress WP Rentals theme <= 3.13.1 - Cross Site Requ… |
WpEstate |
WP Rentals |
2025-10-29T08:38:13.920Z | 2025-11-13T10:33:49.258Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-188281 | Malicious code in nightwatch-aldebaran-stratosphere-bionics (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188280 | Malicious code in nightwatch-abiogenesis-semantic-release-supercluster (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188279 | Malicious code in nightmare-version-levels-mui (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188278 | Malicious code in nightmare-start-meteor-node-sass (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188277 | Malicious code in nightmare-semantic-ui-init-config (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188276 | Malicious code in nightmare-package-quark-cli (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188275 | Malicious code in nightmare-mesosphere-iota-dotenv (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188274 | Malicious code in nightmare-jasmine-janus-prompts (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188273 | Malicious code in nightmare-europa-restart-antares (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188272 | Malicious code in nextjs-weywot-bioinformatics-selenium (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188271 | Malicious code in nextjs-tachyon-apollo-cosmos (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188270 | Malicious code in nextjs-stratigraphy-stratigraphy-oauth (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188269 | Malicious code in nextjs-shelljs-centaurus-singularity (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188268 | Malicious code in nextjs-sagitta-backend-nightwatch (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188267 | Malicious code in nextjs-radiant-proteomics-neptune (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188266 | Malicious code in nextjs-quark-supercluster-nebula (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188265 | Malicious code in nextjs-octans-interferometry-fusion (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188264 | Malicious code in nextjs-html-webpack-plugin-express-gemini (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188263 | Malicious code in nextjs-google-transport-markdownlint (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188262 | Malicious code in nextjs-event-chromedriver-pm2 (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188261 | Malicious code in new-user-static-awk-zeta (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188260 | Malicious code in new-transpile-alpha-log-proxy (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188259 | Malicious code in new-promise-compress-compress-private (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188258 | Malicious code in new-optimize-async-spy-process (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188257 | Malicious code in new-mu-sigma-float-visualize (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188256 | Malicious code in new-decode-process-orchestrate-balance (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188255 | Malicious code in new-alpha-transpile-air-resolve (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188254 | Malicious code in neutronstar-regulus-sqlite-stratosphere (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188253 | Malicious code in neutronstar-quark-dotenv-safe-koa (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188252 | Malicious code in neutronstar-native-dynamo-hydra (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:3629 | Red Hat Security Advisory: gimp security update | 2025-04-07T08:42:21+00:00 | 2025-11-06T23:05:50+00:00 |
| rhsa-2025:3628 | Red Hat Security Advisory: firefox security update | 2025-04-07T08:21:11+00:00 | 2025-11-06T23:15:17+00:00 |
| rhsa-2025:3627 | Red Hat Security Advisory: libxslt security update | 2025-04-07T06:38:36+00:00 | 2025-11-15T00:14:04+00:00 |
| rhsa-2025:3624 | Red Hat Security Advisory: libxslt security update | 2025-04-07T02:23:25+00:00 | 2025-11-06T22:35:47+00:00 |
| rhsa-2025:3625 | Red Hat Security Advisory: libxslt security update | 2025-04-07T02:21:55+00:00 | 2025-11-06T22:35:47+00:00 |
| rhsa-2025:3626 | Red Hat Security Advisory: libxslt security update | 2025-04-07T02:20:05+00:00 | 2025-11-06T22:35:47+00:00 |
| rhsa-2025:3617 | Red Hat Security Advisory: gimp security update | 2025-04-07T02:19:40+00:00 | 2025-11-06T23:05:44+00:00 |
| rhsa-2025:3620 | Red Hat Security Advisory: firefox security update | 2025-04-07T02:18:25+00:00 | 2025-11-06T23:15:16+00:00 |
| rhsa-2025:3621 | Red Hat Security Advisory: firefox security update | 2025-04-07T02:18:05+00:00 | 2025-11-06T23:15:16+00:00 |
| rhsa-2025:3622 | Red Hat Security Advisory: python-jinja2 security update | 2025-04-07T02:17:30+00:00 | 2025-11-13T17:26:58+00:00 |
| rhsa-2025:3623 | Red Hat Security Advisory: firefox security update | 2025-04-07T02:13:45+00:00 | 2025-11-06T23:15:17+00:00 |
| rhsa-2025:3618 | Red Hat Security Advisory: grafana security update | 2025-04-07T02:07:30+00:00 | 2025-11-15T00:11:52+00:00 |
| rhsa-2025:3619 | Red Hat Security Advisory: libxslt security update | 2025-04-07T02:02:05+00:00 | 2025-11-06T22:35:47+00:00 |
| rhsa-2025:3616 | Red Hat Security Advisory: grafana security update | 2025-04-07T01:59:15+00:00 | 2025-11-15T00:11:47+00:00 |
| rhsa-2025:3615 | Red Hat Security Advisory: libxslt security update | 2025-04-07T01:56:15+00:00 | 2025-11-15T00:14:04+00:00 |
| rhsa-2025:3612 | Red Hat Security Advisory: libxslt security update | 2025-04-07T01:38:10+00:00 | 2025-11-06T22:35:45+00:00 |
| rhsa-2025:3614 | Red Hat Security Advisory: libxslt security update | 2025-04-07T01:34:15+00:00 | 2025-11-15T00:14:04+00:00 |
| rhsa-2025:3613 | Red Hat Security Advisory: libxslt security update | 2025-04-07T01:28:16+00:00 | 2025-11-15T00:14:04+00:00 |
| rhsa-2025:3607 | Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.5.1 release | 2025-04-04T13:38:55+00:00 | 2025-11-15T00:11:46+00:00 |
| rhsa-2025:3595 | Red Hat Security Advisory: Red Hat Developer Hub 1.4.3 release. | 2025-04-03T15:16:21+00:00 | 2025-11-13T17:26:56+00:00 |
| rhsa-2025:3593 | Red Hat Security Advisory: opentelemetry-collector security update | 2025-04-03T13:38:52+00:00 | 2025-11-15T00:11:46+00:00 |
| rhsa-2025:3590 | Red Hat Security Advisory: firefox security update | 2025-04-03T10:56:15+00:00 | 2025-11-06T23:15:16+00:00 |
| rhsa-2025:3589 | Red Hat Security Advisory: firefox security update | 2025-04-03T10:48:15+00:00 | 2025-11-06T23:15:16+00:00 |
| rhsa-2025:3588 | Red Hat Security Advisory: python-jinja2 security update | 2025-04-03T10:46:30+00:00 | 2025-11-13T17:26:55+00:00 |
| rhsa-2025:3587 | Red Hat Security Advisory: firefox security update | 2025-04-03T10:41:45+00:00 | 2025-11-06T23:15:15+00:00 |
| rhsa-2025:3582 | Red Hat Security Advisory: firefox security update | 2025-04-03T10:40:50+00:00 | 2025-11-06T23:15:15+00:00 |
| rhsa-2025:3586 | Red Hat Security Advisory: python-jinja2 security update | 2025-04-03T10:38:50+00:00 | 2025-11-13T17:26:55+00:00 |
| rhsa-2025:3585 | Red Hat Security Advisory: python-jinja2 security update | 2025-04-03T10:35:05+00:00 | 2025-11-13T17:26:55+00:00 |
| rhsa-2025:3581 | Red Hat Security Advisory: firefox security update | 2025-04-03T10:10:55+00:00 | 2025-11-06T23:15:15+00:00 |
| rhsa-2025:3580 | Red Hat Security Advisory: python-jinja2 security update | 2025-04-03T09:49:20+00:00 | 2025-11-13T17:26:55+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2024-53154 | clk: clk-apple-nco: Add NULL check in applnco_probe | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-53151 | svcrdma: Address an integer overflow | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-53150 | ALSA: usb-audio: Fix out of bounds reads when finding clock sources | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-53147 | exfat: fix out-of-bounds access of directory entries | 2024-12-02T00:00:00.000Z | 2025-09-04T02:13:09.000Z |
| msrc_cve-2024-53146 | NFSD: Prevent a potential integer overflow | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-53145 | um: Fix potential integer overflow during physmem setup | 2024-12-02T00:00:00.000Z | 2025-03-08T00:00:00.000Z |
| msrc_cve-2024-53142 | initramfs: avoid filename buffer overrun | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-53141 | netfilter: ipset: add missing range check in bitmap_ip_uadt | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-53140 | netlink: terminate outstanding dump on socket close | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-53139 | sctp: fix possible UAF in sctp_v6_available() | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-53138 | net/mlx5e: kTLS, Fix incorrect page refcounting | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-53136 | mm: revert "mm: shmem: fix data-race in shmem_getattr()" | 2024-12-02T00:00:00.000Z | 2025-09-03T19:33:54.000Z |
| msrc_cve-2024-53135 | KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-53134 | pmdomain: imx93-blk-ctrl: correct remove path | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-53133 | drm/amd/display: Handle dml allocation failure to avoid crash | 2024-12-02T00:00:00.000Z | 2025-09-03T22:25:56.000Z |
| msrc_cve-2024-53131 | nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-53130 | nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-53129 | drm/rockchip: vop: Fix a dereferenced before check warning | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-53128 | sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers | 2024-12-02T00:00:00.000Z | 2025-09-03T19:49:09.000Z |
| msrc_cve-2024-53127 | Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-53126 | vdpa: solidrun: Fix UB bug with devres | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-53124 | net: fix data-races around sk->sk_forward_alloc | 2024-12-02T00:00:00.000Z | 2025-09-03T19:40:44.000Z |
| msrc_cve-2024-53123 | mptcp: error out earlier on disconnect | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-53122 | mptcp: cope racing subflow creation in mptcp_rcv_space_adjust | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-53121 | net/mlx5: fs, lock FTE when checking if active | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-53120 | net/mlx5e: CT: Fix null-ptr-deref in add rule err flow | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-53119 | virtio/vsock: Fix accept_queue memory leak | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-53114 | x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client | 2024-12-02T00:00:00.000Z | 2025-09-03T22:37:30.000Z |
| msrc_cve-2024-53113 | mm: fix NULL pointer dereference in alloc_pages_bulk_noprof | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-53112 | ocfs2: uncache inode which has failed entering the group | 2024-12-02T00:00:00.000Z | 2025-01-29T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2013-000032 | Sleipnir for Windows vulnerable to address bar spoofing | 2013-04-11T14:14+09:00 | 2013-04-11T14:14+09:00 |
| jvndb-2013-000031 | Active! mail vulnerable to information disclosure | 2013-04-04T14:43+09:00 | 2013-06-25T18:30+09:00 |
| jvndb-2013-000025 | OpenWnn for Android vulnerable to information disclosure | 2013-03-29T13:58+09:00 | 2013-03-29T13:58+09:00 |
| jvndb-2013-000030 | Lotus Domino vulnerable to denial-of-service (DoS) | 2013-03-28T12:32+09:00 | 2013-03-28T12:32+09:00 |
| jvndb-2013-000028 | OpenWnn/Flick support vulnerable to information disclosure | 2013-03-26T14:55+09:00 | 2013-03-26T14:55+09:00 |
| jvndb-2013-000027 | COBIME vulnerable to information disclosure | 2013-03-26T14:55+09:00 | 2013-03-26T14:55+09:00 |
| jvndb-2013-000029 | Simeji vulnerable to information disclosure | 2013-03-26T14:51+09:00 | 2013-03-26T14:51+09:00 |
| jvndb-2013-000026 | ArtIME Japanese Input vulnerable to information disclosure | 2013-03-26T13:36+09:00 | 2013-03-26T13:36+09:00 |
| jvndb-2013-000024 | Multiple NEC mobile routers vulnerable to cross-site request forgery | 2013-03-19T13:45+09:00 | 2013-06-25T18:19+09:00 |
| jvndb-2013-000023 | VxWorks Web Server vulnerable to denial-of-service (DoS) | 2013-03-18T14:43+09:00 | 2013-06-25T18:15+09:00 |
| jvndb-2013-000022 | VxWorks WebCLI vulnerable to denial-of-service (DoS) | 2013-03-18T14:40+09:00 | 2013-06-25T18:10+09:00 |
| jvndb-2013-000021 | VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability | 2013-03-18T14:38+09:00 | 2013-06-25T18:06+09:00 |
| jvndb-2013-000018 | VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability | 2013-03-18T14:33+09:00 | 2013-06-25T17:54+09:00 |
| jvndb-2013-000019 | VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability | 2013-03-18T14:32+09:00 | 2013-06-25T17:57+09:00 |
| jvndb-2013-000020 | VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability | 2013-03-18T14:30+09:00 | 2013-06-25T18:01+09:00 |
| jvndb-2013-000017 | Multiple Cisco products vulnerable to denial-of-service (DoS) | 2013-03-07T14:13+09:00 | 2013-03-11T16:22+09:00 |
| jvndb-2013-000016 | Kingsoft Writer vulnerable to buffer overflow | 2013-03-01T14:47+09:00 | 2013-03-01T14:47+09:00 |
| jvndb-2013-000014 | dopvSTAR* vulnerable to cross-site scripting | 2013-02-28T13:46+09:00 | 2013-02-28T13:46+09:00 |
| jvndb-2013-000013 | dopvCOMET* vulnerable to cross-site scripting | 2013-02-28T13:37+09:00 | 2013-02-28T13:37+09:00 |
| jvndb-2013-000015 | Multiple JustSystems products vulnerable to arbitrary code execution | 2013-02-26T14:45+09:00 | 2013-02-26T14:45+09:00 |
| jvndb-2013-001605 | Multiple vulnerabilities in Hitachi Tuning Manager and JP1/Performance Management | 2013-02-22T20:09+09:00 | 2013-02-22T20:09+09:00 |
| jvndb-2013-000012 | NEC Universal RAID Utility fails to restrict access permissions | 2013-02-21T13:54+09:00 | 2013-03-01T11:34+09:00 |
| jvndb-2013-000011 | 3DM (3ware Disk Manager) vulnerable to directory traversal | 2013-02-15T14:29+09:00 | 2013-02-15T14:29+09:00 |
| jvndb-2013-000010 | GREE for Android vulnerable to directory traversal | 2013-02-14T14:15+09:00 | 2013-02-14T14:15+09:00 |
| jvndb-2013-000009 | imgboard vulnerable to cross-site scripting | 2013-02-14T14:10+09:00 | 2013-02-14T14:10+09:00 |
| jvndb-2013-001470 | Accela BizSearch Gateway Option for TeamWARE Spoofing Vulnerability | 2013-02-13T16:47+09:00 | 2013-02-13T16:47+09:00 |
| jvndb-2013-001321 | User Authentication Vulnerability in Operational Management Function of Cosminexus | 2013-02-12T14:24+09:00 | 2013-02-12T14:24+09:00 |
| jvndb-2013-000007 | Cybozu Garoon vulnerable to SQL injection | 2013-02-08T13:58+09:00 | 2013-02-08T13:58+09:00 |
| jvndb-2013-000008 | Cybozu Garoon vulnerable to cross-site scripting | 2013-02-08T13:53+09:00 | 2013-02-08T13:53+09:00 |
| jvndb-2013-000006 | mora Downloader may insecurely load executable files | 2013-02-07T14:00+09:00 | 2013-02-07T14:00+09:00 |
| ID | Description | Updated |
|---|