Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-fmw9-c6hw-79vg | A weakness has been identified in D-Link DAP-2695 2.00RC13. The affected element is the function su… | 2025-10-27T18:31:11Z | 2025-10-27T18:31:11Z |
| ghsa-5w58-vmv5-p957 | Nagios Fusion v2024R1.2 and v2024R2 does not invalidate already existing session tokens when the tw… | 2025-10-27T18:31:11Z | 2025-10-27T21:30:26Z |
| ghsa-2rcq-28xm-f7jp | A vulnerability was detected in atjiu pybbs up to 6.0.0. This affects an unknown function of the fi… | 2025-10-27T18:31:11Z | 2025-10-27T18:31:12Z |
| ghsa-r6fg-m2vv-9gfg | A security flaw has been discovered in SourceCodester Point of Sales 1.0. Impacted is an unknown fu… | 2025-10-27T18:31:10Z | 2025-10-27T18:31:10Z |
| ghsa-m758-qjqv-m6pc | A vulnerability was identified in SourceCodester Point of Sales 1.0. This issue affects some unknow… | 2025-10-27T18:31:10Z | 2025-10-27T18:31:10Z |
| ghsa-gw88-wf4r-9cfj | A vulnerability was found in ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System up to 1.1… | 2025-10-27T18:31:10Z | 2025-10-27T18:31:10Z |
| ghsa-fp45-49fj-v563 | A vulnerability was determined in SourceCodester Point of Sales 1.0. This vulnerability affects unk… | 2025-10-27T18:31:10Z | 2025-10-27T18:31:10Z |
| ghsa-f8r7-6gm2-hh64 | A lack of rate limiting in the OTP verification component of Nagios Fusion v2024R1.2 and v2024R2 al… | 2025-10-27T18:31:10Z | 2025-10-27T18:31:10Z |
| ghsa-9w74-q55j-hgpp | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2025-10-27T18:31:10Z | 2025-10-30T15:32:22Z |
| ghsa-7fgg-wm6h-3j8p | AhnLab EPP 1.0.15 is vulnerable to SQL Injection via the "preview parameter." | 2025-10-27T18:31:10Z | 2025-10-27T21:30:26Z |
| ghsa-359c-qvwm-hgjp | Incorrect access control in the REST API endpoint of HubSpot v1.29441 allows unauthenticated attack… | 2025-10-27T18:31:10Z | 2025-10-27T21:30:26Z |
| ghsa-hq76-6gh2-5g4q | Constellation has insecure LUKS2 persistent storage partitions which may be opened and used | 2025-10-27T16:20:25Z | 2025-10-27T22:31:49Z |
| ghsa-rprr-3qm3-qh88 | StarCharge Artemis AC Charger 7-22 kW v1.0.4 was discovered to contain a hardcoded AES key which al… | 2025-10-27T15:30:43Z | 2025-10-27T21:30:26Z |
| ghsa-rj69-qp3g-r76j | Improper handling of OTP/TOTP/HOTP values in NetKnights GmbH privacyIDEA Authenticator v.4.3.0 on A… | 2025-10-27T15:30:43Z | 2025-10-27T18:31:10Z |
| ghsa-hg9g-9mr2-cpv6 | IBM OpenPages 9.1 and 9.0 is vulnerable to HTML injection. A remotely authenticated attacker could … | 2025-10-27T15:30:43Z | 2025-10-27T15:30:43Z |
| ghsa-5mcm-pj54-864c | A flaw has been found in Sui Shang Information Technology Suishang Enterprise-Level B2B2C Multi-Use… | 2025-10-27T15:30:43Z | 2025-10-27T15:30:43Z |
| ghsa-5j49-q8fx-ph3m | Rox, the software running BeWelcome, contains a PHP object injection vulnerability resulting from d… | 2025-10-27T15:30:43Z | 2025-10-27T18:31:09Z |
| ghsa-xrjw-pqg4-p22x | A security vulnerability has been detected in Bdtask Wholesale Inventory Control and Inventory Mana… | 2025-10-27T15:30:42Z | 2025-10-27T15:30:42Z |
| ghsa-x2w5-644h-c9p2 | A security flaw has been discovered in code-projects Client Details System 1.0. The impacted elemen… | 2025-10-27T15:30:42Z | 2025-10-27T15:30:42Z |
| ghsa-qpr3-rq65-76fj | An issue in the Web Configuration module of Startcharge Artemis AC Charger 7-22 kW v1.0.4 allows au… | 2025-10-27T15:30:42Z | 2025-10-27T18:31:09Z |
| ghsa-qc6x-m39q-wg7q | A vulnerability has been found in Sui Shang Information Technology Suishang Enterprise-Level B2B2C … | 2025-10-27T15:30:42Z | 2025-10-27T15:30:43Z |
| ghsa-pcpf-m9xc-438x | Cross-site scripting (XSS) vulnerability in the SAML Authentication module in OpenVPN Access Server… | 2025-10-27T15:30:42Z | 2025-10-30T21:30:45Z |
| ghsa-p682-3c89-vwfr | An issue in MikroTik RouterOS v.7.14.2 and SwitchOS v.2.18 allows a remote attacker to execute arbi… | 2025-10-27T15:30:42Z | 2025-10-27T18:31:09Z |
| ghsa-m3r7-hp4v-q24g | Reachable Assertion vulnerability in Open5GS up to version 2.7.5 allows attackers with connectivity… | 2025-10-27T15:30:42Z | 2025-10-29T12:30:25Z |
| ghsa-h7m5-vjwp-2jfx | Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless m… | 2025-10-27T15:30:42Z | 2025-10-27T15:30:42Z |
| ghsa-fxp8-rpp4-78jr | A vulnerability was identified in code-projects Client Details System 1.0. The affected element is … | 2025-10-27T15:30:42Z | 2025-10-27T15:30:42Z |
| ghsa-fwc5-xhrg-wx5f | A weakness has been identified in VeePN up to 1.6.2. This affects an unknown function of the file C… | 2025-10-27T15:30:42Z | 2025-10-27T15:30:42Z |
| ghsa-f93c-g7j4-xh4v | StarCharge Artemis AC Charger 7-22 kW v1.0.4 was discovered to contain a stack overflow via the cgi… | 2025-10-27T15:30:42Z | 2025-10-30T15:32:22Z |
| ghsa-c9m6-h899-pcgw | A vulnerability was found in code-projects Client Details System 1.0. This issue affects some unkno… | 2025-10-27T15:30:42Z | 2025-10-27T15:30:42Z |
| ghsa-9959-fxcg-v2wc | A vulnerability has been found in code-projects Client Details System 1.0. This vulnerability affec… | 2025-10-27T15:30:42Z | 2025-10-27T15:30:42Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-12363 | 10 (v4.0) | Email Password Disclosure |
Azure Access Technology |
BLU-IC2 |
2025-10-27T18:04:44.909Z | 2025-10-27T18:21:58.672Z |
| cve-2025-12303 | PHPGurukul Curfew e-Pass Management System admin-profi… |
PHPGurukul |
Curfew e-Pass Management System |
2025-10-27T18:02:11.761Z | 2025-10-27T18:50:39.152Z | |
| cve-2025-12302 | code-projects Simple Food Ordering System editproduct.… |
code-projects |
Simple Food Ordering System |
2025-10-27T18:02:06.307Z | 2025-10-27T19:06:09.730Z | |
| cve-2025-12301 | code-projects Simple Food Ordering System editproduct.… |
code-projects |
Simple Food Ordering System |
2025-10-27T17:32:08.574Z | 2025-10-27T19:07:17.223Z | |
| cve-2025-12300 | code-projects Simple Food Ordering System addcategory.… |
code-projects |
Simple Food Ordering System |
2025-10-27T17:32:05.932Z | 2025-10-27T20:34:02.804Z | |
| cve-2025-61795 | Apache Tomcat: Delayed cleaning of multi-part upload t… |
Apache Software Foundation |
Apache Tomcat |
2025-10-27T17:30:28.334Z | 2025-11-04T21:14:10.512Z | |
| cve-2025-55752 | Apache Tomcat: Directory traversal via rewrite with po… |
Apache Software Foundation |
Apache Tomcat |
2025-10-27T17:29:56.060Z | 2025-11-10T21:38:09.790Z | |
| cve-2025-55754 | Apache Tomcat: console manipulation via escape sequenc… |
Apache Software Foundation |
Apache Tomcat |
2025-10-27T17:29:50.756Z | 2025-11-04T21:13:16.888Z | |
| cve-2025-12299 | code-projects Simple Food Ordering System addproduct.p… |
code-projects |
Simple Food Ordering System |
2025-10-27T17:02:09.143Z | 2025-10-27T17:20:34.973Z | |
| cve-2025-12298 | code-projects Simple Food Ordering System editcategory… |
code-projects |
Simple Food Ordering System |
2025-10-27T17:02:06.443Z | 2025-10-27T17:23:52.692Z | |
| cve-2025-12297 | atjiu pybbs UserApiController.java information disclosure |
atjiu |
pybbs |
2025-10-27T16:32:14.311Z | 2025-10-27T17:26:20.100Z | |
| cve-2025-12296 | D-Link DAP-2695 Firmware Update sub_4174B0 os command … |
D-Link |
DAP-2695 |
2025-10-27T16:32:09.223Z | 2025-10-30T14:17:17.330Z | |
| cve-2025-12295 | D-Link DAP-2695 Firmware Update sub_40C6B8 signature v… |
D-Link |
DAP-2695 |
2025-10-27T16:32:06.340Z | 2025-10-27T17:44:26.651Z | |
| cve-2025-12294 | SourceCodester Point of Sales delete_category.php sql … |
SourceCodester |
Point of Sales |
2025-10-27T16:02:10.885Z | 2025-10-27T20:31:41.606Z | |
| cve-2025-12293 | SourceCodester Point of Sales category.php sql injection |
SourceCodester |
Point of Sales |
2025-10-27T16:02:07.688Z | 2025-10-27T20:31:16.208Z | |
| cve-2025-12292 | SourceCodester Point of Sales index.php sql injection |
SourceCodester |
Point of Sales |
2025-10-27T15:32:09.216Z | 2025-10-30T14:16:59.817Z | |
| cve-2025-12291 | ashymuzuro Full-Ecommece-Website/Muzuro Ecommerce Syst… |
ashymuzuro |
Full-Ecommece-Website |
2025-10-27T15:32:05.824Z | 2025-10-30T14:16:42.162Z | |
| cve-2025-34133 | 7 (v4.0) | Wimi Teamwork < v7.38.17 CSRF |
Cloud Solutions SAS |
Wimi Teamwork |
2025-10-27T15:13:06.704Z | 2025-10-27T15:32:02.819Z |
| cve-2025-10023 | 6.2 (v3.1) | A user with elevated privileges can inject XSS in the … |
Centreon |
Infra Monitoring |
2025-10-27T15:07:21.621Z | 2025-10-30T13:48:16.904Z |
| cve-2025-12351 | 6.8 (v3.1) | Inadequate access control measure allows unauthorized … |
Honeywell |
S35 3M/5M/8M/Pinhole/Kit Camera |
2025-10-27T15:03:57.602Z | 2025-10-27T16:04:11.466Z |
| cve-2025-12290 | Sui Shang Information Technology Suishang Enterprise-L… |
Sui Shang Information Technology |
Suishang Enterprise-Level B2B2C Multi-User Mall System |
2025-10-27T15:02:08.700Z | 2025-10-27T15:55:50.999Z | |
| cve-2025-12289 | Sui Shang Information Technology Suishang Enterprise-L… |
Sui Shang Information Technology |
Suishang Enterprise-Level B2B2C Multi-User Mall System |
2025-10-27T15:02:05.980Z | 2025-10-27T15:55:56.418Z | |
| cve-2025-36121 | 5.4 (v3.1) | HTML Injection Vulnerability in a Specific URL Endpoin… |
IBM |
OpenPages |
2025-10-27T14:56:07.466Z | 2025-10-27T18:51:26.399Z |
| cve-2025-26862 | 0 (v4.0) | PingFederate unexpected browser flow initiation in red… |
Ping Identity |
PingFederate |
2025-10-27T14:39:41.284Z | 2025-10-27T14:48:11.544Z |
| cve-2025-34292 | 9.4 (v4.0) | BeWelcome/Rox PHP Object Injection RCE |
BeWelcome |
Rox |
2025-10-27T14:36:52.888Z | 2025-10-27T21:09:42.910Z |
| cve-2025-12288 | Bdtask Pharmacy Management System User Profile edit_us… |
Bdtask |
Pharmacy Management System |
2025-10-27T14:32:09.211Z | 2025-10-30T14:16:30.330Z | |
| cve-2025-12287 | Bdtask Wholesale Inventory Control and Inventory Manag… |
Bdtask |
Wholesale Inventory Control and Inventory Management System |
2025-10-27T14:32:06.663Z | 2025-10-27T14:32:06.663Z | |
| cve-2025-12286 | VeePN AVService avservice.exe unquoted search path |
n/a |
VeePN |
2025-10-27T14:02:08.168Z | 2025-10-27T14:02:08.168Z | |
| cve-2025-12283 | code-projects Client Details System authorization |
code-projects |
Client Details System |
2025-10-27T14:02:05.718Z | 2025-10-27T14:02:05.718Z | |
| cve-2025-9164 | 8.8 (v4.0) | Multiple DLL Search Order Hijacking Vulnerabilities in… |
Docker |
Docker Desktop |
2025-10-27T13:53:40.216Z | 2025-10-28T03:56:02.643Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-62779 | Frappe Learning users were able to add HTML through in… |
frappe |
lms |
2025-10-27T21:19:03.978Z | 2025-10-28T15:17:15.768Z | |
| cve-2025-62778 | Frappe Learning allowed students to access the Quiz F… |
frappe |
lms |
2025-10-27T21:16:06.220Z | 2025-10-28T13:38:07.740Z | |
| cve-2025-62261 | 6.9 (v4.0) | Liferay Portal 7.4.0 through 7.4.3.99, and older … |
Liferay |
Portal |
2025-10-27T21:11:46.893Z | 2025-10-28T14:27:47.375Z |
| cve-2025-62260 | 7.1 (v4.0) | Liferay Portal 7.4.0 through 7.4.3.99, and Lifera… |
Liferay |
Portal |
2025-10-27T21:44:08.185Z | 2025-10-28T15:01:26.622Z |
| cve-2025-12331 | Willow CMS add unrestricted upload |
Willow |
CMS |
2025-10-27T22:02:08.240Z | 2025-10-28T19:47:11.849Z | |
| cve-2025-12330 | Willow CMS Add Post add cross site scripting |
Willow |
CMS |
2025-10-27T22:02:05.611Z | 2025-10-28T19:46:06.033Z | |
| cve-2025-12329 | shawon100 RUET OJ details.php sql injection |
shawon100 |
RUET OJ |
2025-10-27T21:32:07.288Z | 2025-10-28T15:02:27.795Z | |
| cve-2025-12328 | shawon100 RUET OJ contestproblem.php sql injection |
shawon100 |
RUET OJ |
2025-10-27T21:32:05.306Z | 2025-10-28T15:03:29.607Z | |
| cve-2025-62784 | InventoryGui allows item duplication in GUIs which use… |
Phoenix616 |
InventoryGui |
2025-10-27T20:59:22.085Z | 2025-10-28T14:32:11.543Z | |
| cve-2025-62783 | InventoryGui affected by item duplication in GUIs whic… |
Phoenix616 |
InventoryGui |
2025-10-27T20:54:36.254Z | 2025-10-28T14:32:27.050Z | |
| cve-2025-62782 | InventoryGUI vulnerable to item duplication via Bundle… |
Phoenix616 |
InventoryGui |
2025-10-27T20:50:07.579Z | 2025-10-28T14:33:18.973Z | |
| cve-2025-62725 | Docker Compose Vulnerable to Path Traversal via OCI Ar… |
docker |
compose |
2025-10-27T20:37:32.340Z | 2025-10-28T14:47:42.196Z | |
| cve-2025-62524 | PILOS Exposes PHP version |
THM-Health |
PILOS |
2025-10-27T20:18:42.366Z | 2025-10-27T20:39:26.086Z | |
| cve-2025-62523 | PILOS Misconfigured the Access-Control-Allow-Origin Header |
THM-Health |
PILOS |
2025-10-27T20:10:51.351Z | 2025-10-27T20:38:52.301Z | |
| cve-2025-62262 | 4.6 (v4.0) | Information exposure through log file vulnerabili… |
Liferay |
Portal |
2025-10-27T20:39:23.416Z | 2025-10-28T14:41:31.296Z |
| cve-2025-12327 | shawon100 RUET OJ description.php sql injection |
shawon100 |
RUET OJ |
2025-10-27T21:02:07.613Z | 2025-10-28T14:28:35.791Z | |
| cve-2025-12326 | shawon100 RUET OJ POST Request process.php sql injection |
shawon100 |
RUET OJ |
2025-10-27T21:02:05.555Z | 2025-10-28T14:28:59.114Z | |
| cve-2025-12325 | SourceCodester Best Salon Management System forgot-pas… |
SourceCodester |
Best Salon Management System |
2025-10-27T20:32:12.484Z | 2025-10-28T14:49:25.142Z | |
| cve-2025-12322 | Tenda CH22 NatStaticSetting fromNatStaticSetting buffe… |
Tenda |
CH22 |
2025-10-27T20:32:09.364Z | 2025-10-28T14:50:06.689Z | |
| cve-2025-12316 | code-projects Courier Management System edit-courier.p… |
code-projects |
Courier Management System |
2025-10-27T20:32:05.320Z | 2025-10-28T14:50:43.387Z | |
| cve-2025-62594 | ImageMagick CLAHE : Unsigned underflow and division-by… |
ImageMagick |
ImageMagick |
2025-10-27T20:00:33.205Z | 2025-10-27T20:23:20.526Z | |
| cve-2025-62516 | N/A | {'rejectedReasons': [{'lang': 'en', 'value': 'Further research determined the issue is not a vulnerability.'}], 'providerMetadata': {'orgId': 'a0819718-46f1-4df5-94e2-005712e83aaa', 'shortName': 'GitHub_M', 'dateUpdated': '2025-10-29T17:21:39.746Z'}} | N/A | N/A | 2025-10-27T19:46:32.122Z | 2025-10-29T17:21:39.746Z |
| cve-2025-62263 | 4.8 (v4.0) | Multiple cross-site scripting (XSS) vulnerabiliti… |
Liferay |
Portal |
2025-10-27T19:38:44.073Z | 2025-10-27T20:24:49.578Z |
| cve-2025-61105 | N/A | FRRouting/frr from v4.0 through v10.4.1 was disco… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-28T17:07:38.582Z |
| cve-2025-61102 | N/A | FRRouting/frr from v4.0 through v10.4.1 was disco… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-28T17:05:18.373Z |
| cve-2025-61101 | N/A | FRRouting/frr from v4.0 through v10.4.1 was disco… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-28T17:06:21.400Z |
| cve-2025-59151 | Pi-hole Admin Interface vulnerable to HTTP response he… |
pi-hole |
web |
2025-10-27T19:42:59.596Z | 2025-10-27T20:24:05.879Z | |
| cve-2025-58356 | Constellation allows insecure use of LUKS2 persistent … |
edgelesssys |
constellation |
2025-10-27T19:33:23.969Z | 2025-10-27T19:44:45.350Z | |
| cve-2025-12315 | code-projects Food Ordering System menu.php sql injection |
code-projects |
Food Ordering System |
2025-10-27T20:02:12.148Z | 2025-10-30T15:01:14.577Z | |
| cve-2025-12314 | code-projects Food Ordering System deleteitem.php sql … |
code-projects |
Food Ordering System |
2025-10-27T20:02:09.659Z | 2025-10-28T06:28:30.719Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-188012 | Malicious code in meteor-betelgeuse-eigenstate-cladistics (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188011 | Malicious code in meteor-australis-filament-andromeda (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188010 | Malicious code in metalsmith-xanthus-react-bootstrap-sequelize (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188009 | Malicious code in metalsmith-postcss-loader-magellan-test (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188008 | Malicious code in metalsmith-json-husky-dotenv-safe (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188007 | Malicious code in metalsmith-ganymede-gravitationalwave-biogeochemistry (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188006 | Malicious code in metalsmith-eslint-plugin-proxima-update (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188005 | Malicious code in metalsmith-antares-barnard-yildun (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188004 | Malicious code in metabolomics-steganography-palynology-deneb (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188003 | Malicious code in metabolomics-octans-soap-membrane (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188002 | Malicious code in metabolomics-cross-env-antares-run-script (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188001 | Malicious code in meta-monitor-info-import-final (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-188000 | Malicious code in meta-load-thread-grep-decompress (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187999 | Malicious code in meta-grep-stack-serialize-authenticate (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187998 | Malicious code in meta-fire-validate-refactor-cache (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187997 | Malicious code in meta-code-debug-key-old (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187996 | Malicious code in meta-boolean-analyze-decode-cloud (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187995 | Malicious code in mesosphere-query-dynamo-uranology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187994 | Malicious code in mesosphere-private-farout-boson (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187993 | Malicious code in mesosphere-planckscale-quark-promise (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187992 | Malicious code in mesosphere-nanotechnology-got-scorpius (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187991 | Malicious code in mesosphere-kinetic-ignite-tectonic (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187990 | Malicious code in mesosphere-jupiter-sirius-spinner (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187989 | Malicious code in mesosphere-innercore-transport-proteomics (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187988 | Malicious code in mesosphere-genomics-oscillation-mechatronics (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187987 | Malicious code in mesosphere-exobiology-sedna-baryon (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187986 | Malicious code in mesosphere-chai-hermes-eris (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187985 | Malicious code in mesosphere-bootes-primatology-levels (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187984 | Malicious code in mesosphere-achernar-paleontology-deneb (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187983 | Malicious code in mensa-subscription-antares-csv (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhea-2025:2419 | Red Hat Enhancement Advisory: microcode_ctl bug fix and enhancement update | 2025-03-06T00:16:56+00:00 | 2025-11-06T21:39:28+00:00 |
| rhsa-2025:2416 | Red Hat Security Advisory: Streams for Apache Kafka 2.9.0 release and security update | 2025-03-05T20:59:06+00:00 | 2025-11-11T17:10:35+00:00 |
| rhsa-2025:2415 | Red Hat Security Advisory: Red Hat Insights for Runtimes security update | 2025-03-05T20:41:26+00:00 | 2025-11-14T11:39:15+00:00 |
| rhsa-2025:2399 | Red Hat Security Advisory: Satellite 6.16.3 Async Update | 2025-03-05T14:29:44+00:00 | 2025-11-14T11:18:42+00:00 |
| rhsa-2025:1985 | Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.9.12 | 2025-03-05T13:15:01+00:00 | 2025-11-08T07:13:29+00:00 |
| rhsa-2025:2359 | Red Hat Security Advisory: firefox security update | 2025-03-05T11:27:39+00:00 | 2025-11-06T23:24:12+00:00 |
| rhsa-2025:2270 | Red Hat Security Advisory: kernel security update | 2025-03-05T02:49:03+00:00 | 2025-11-07T15:42:49+00:00 |
| rhsa-2025:1908 | Red Hat Security Advisory: OpenShift Container Platform 4.18.2 packages and security update | 2025-03-04T17:29:22+00:00 | 2025-11-14T01:34:12+00:00 |
| rhsa-2025:2223 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.12 Openshift Jenkins security update | 2025-03-04T14:40:23+00:00 | 2025-11-16T03:22:41+00:00 |
| rhsa-2025:2221 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.14 Openshift Jenkins security update | 2025-03-04T14:39:57+00:00 | 2025-11-11T16:11:10+00:00 |
| rhsa-2025:2220 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.15 Openshift Jenkins security update | 2025-03-04T14:39:42+00:00 | 2025-11-11T16:11:09+00:00 |
| rhsa-2025:2218 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.17 Openshift Jenkins security update | 2025-03-04T14:38:57+00:00 | 2025-11-11T16:11:07+00:00 |
| rhsa-2025:2222 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.13 Openshift Jenkins security update | 2025-03-04T14:20:47+00:00 | 2025-11-11T16:11:13+00:00 |
| rhsa-2025:2219 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.16 Openshift Jenkins security update | 2025-03-04T14:19:22+00:00 | 2025-11-11T16:11:07+00:00 |
| rhsa-2025:2195 | Red Hat Security Advisory: emacs security update | 2025-03-04T08:01:31+00:00 | 2025-11-06T23:24:12+00:00 |
| rhsa-2025:2157 | Red Hat Security Advisory: emacs security update | 2025-03-03T17:44:51+00:00 | 2025-11-06T23:24:12+00:00 |
| rhsa-2025:2130 | Red Hat Security Advisory: emacs security update | 2025-03-03T16:37:24+00:00 | 2025-11-06T23:24:11+00:00 |
| rhsa-2025:2125 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-03-03T15:53:14+00:00 | 2025-11-06T22:35:30+00:00 |
| rhsa-2025:2126 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-03-03T15:44:09+00:00 | 2025-11-06T22:35:30+00:00 |
| rhsa-2025:2121 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-03-03T14:31:44+00:00 | 2025-11-06T22:35:30+00:00 |
| rhsa-2025:2067 | Red Hat Security Advisory: Red Hat Build of Apache Camel 4.8 for Quarkus 3.15 update is now available (RHBQ 3.15.3.SP1) | 2025-03-03T13:23:22+00:00 | 2025-11-11T16:10:57+00:00 |
| rhsa-2025:2034 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-03-03T12:39:23+00:00 | 2025-11-06T22:35:28+00:00 |
| rhsa-2025:2035 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-03-03T12:34:58+00:00 | 2025-11-06T22:35:28+00:00 |
| rhsa-2025:2029 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.6 security update | 2025-03-03T11:12:03+00:00 | 2025-11-11T16:05:03+00:00 |
| rhsa-2025:2026 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.6 security update | 2025-03-03T11:06:28+00:00 | 2025-11-11T16:05:03+00:00 |
| rhsa-2025:2025 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.6 security update | 2025-03-03T11:06:08+00:00 | 2025-11-11T16:05:02+00:00 |
| rhsa-2025:2022 | Red Hat Security Advisory: emacs security update | 2025-03-03T11:05:33+00:00 | 2025-11-06T23:24:11+00:00 |
| rhsa-2025:1962 | Red Hat Security Advisory: emacs security update | 2025-03-03T01:51:27+00:00 | 2025-11-06T23:24:04+00:00 |
| rhsa-2025:1964 | Red Hat Security Advisory: emacs security update | 2025-03-03T01:48:47+00:00 | 2025-11-06T23:24:05+00:00 |
| rhsa-2025:1963 | Red Hat Security Advisory: emacs security update | 2025-03-03T01:48:47+00:00 | 2025-11-06T23:24:05+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2024-9675 | Buildah: buildah allows arbitrary directory mount | 2024-10-01T07:00:00.000Z | 2025-09-03T22:41:10.000Z |
| msrc_cve-2024-9632 | Xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability | 2024-10-01T07:00:00.000Z | 2024-11-26T00:00:00.000Z |
| msrc_cve-2024-9407 | Buildah: podman: improper input validation in bind-propagation option of dockerfile run --mount instruction | 2024-10-01T07:00:00.000Z | 2025-09-03T22:02:59.000Z |
| msrc_cve-2024-9355 | Golang-fips: golang fips zeroed buffer | 2024-10-01T07:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2024-9341 | Podman: buildah: cri-o: fips crypto-policy directory mounting issue in containers/common go library | 2024-10-01T07:00:00.000Z | 2025-09-03T20:56:05.000Z |
| msrc_cve-2024-9287 | Virtual environment (venv) activation scripts don't quote paths | 2024-10-01T07:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2024-9143 | Low-level invalid GF(2^m) parameters lead to OOB memory access | 2024-10-01T07:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2024-9026 | PHP-FPM logs from children may be altered | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-8927 | cgi.force_redirect configuration is bypassable due to the environment variable collision | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-8926 | PHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass) | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-8925 | Erroneous parsing of multipart form data | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-8508 | Unbounded name compression could lead to Denial of Service | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-7883 | CMSE secure state may leak from stack to floating-point registers | 2024-10-01T07:00:00.000Z | 2025-04-16T00:00:00.000Z |
| msrc_cve-2024-50615 | TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/digit, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef. | 2024-10-01T07:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2024-50614 | TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef. | 2024-10-01T07:00:00.000Z | 2025-09-03T21:15:17.000Z |
| msrc_cve-2024-50613 | libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close. | 2024-10-01T07:00:00.000Z | 2025-09-03T21:18:22.000Z |
| msrc_cve-2024-50612 | libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read. | 2024-10-01T07:00:00.000Z | 2025-05-05T00:00:00.000Z |
| msrc_cve-2024-50602 | An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. | 2024-10-01T07:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2024-50088 | btrfs: fix uninitialized pointer free in add_inode_ref() | 2024-10-01T07:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-50087 | btrfs: fix uninitialized pointer free on read_alloc_one_name() error | 2024-10-01T07:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-50085 | mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow | 2024-10-01T07:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-50084 | net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test() | 2024-10-01T07:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-50083 | tcp: fix mptcp DSS corruption due to large pmtu xmit | 2024-10-01T07:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-50082 | blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race | 2024-10-01T07:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-50080 | ublk: don't allow user copy for unprivileged device | 2024-10-01T07:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-50078 | Bluetooth: Call iso_exit() on module unload | 2024-10-01T07:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-50077 | Bluetooth: ISO: Fix multiple init when debugfs is disabled | 2024-10-01T07:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-50076 | vt: prevent kernel-infoleak in con_font_get() | 2024-10-01T07:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-50075 | xhci: tegra: fix checked USB2 port number | 2024-10-01T07:00:00.000Z | 2025-01-29T00:00:00.000Z |
| msrc_cve-2024-50073 | tty: n_gsm: Fix use-after-free in gsm_cleanup_mux | 2024-10-01T07:00:00.000Z | 2025-01-29T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2011-000013 | F-Secure Internet Gatekeeper for Linux authentication issue | 2011-02-17T10:27+09:00 | 2011-02-17T10:27+09:00 |
| jvndb-2011-000011 | EC-CUBE vulnerable to cross-site scripting | 2011-02-02T14:54+09:00 | 2011-02-02T14:54+09:00 |
| jvndb-2011-000010 | Opera may insecurely load executable files | 2011-02-02T14:53+09:00 | 2011-02-02T14:53+09:00 |
| jvndb-2011-000009 | MODx Evolution vulnerable to directory traversal | 2011-01-26T15:52+09:00 | 2011-01-26T15:52+09:00 |
| jvndb-2011-000008 | MODx Evolution vulnerable to SQL injection | 2011-01-26T15:46+09:00 | 2011-01-26T15:46+09:00 |
| jvndb-2011-000004 | Lunascape may insecurely load dynamic libraries | 2011-01-21T18:30+09:00 | 2011-01-21T18:30+09:00 |
| jvndb-2011-000007 | Cisco Linksys WRT54GC vulnerable to buffer overflow | 2011-01-21T18:22+09:00 | 2011-01-21T18:22+09:00 |
| jvndb-2011-000006 | Cross-site scripting vulnerability in multiple Rocomotion products | 2011-01-18T17:51+09:00 | 2011-01-18T17:51+09:00 |
| jvndb-2011-000005 | Ruby Version Manager escape sequence injection vulnerability | 2011-01-18T17:49+09:00 | 2011-01-18T17:49+09:00 |
| jvndb-2011-000003 | Aipo vulnerable to SQL injection | 2011-01-13T11:53+09:00 | 2011-01-13T11:53+09:00 |
| jvndb-2011-000002 | SGX-SP Final and SGX-SP Final NE vulnerable to cross-site scripting | 2011-01-13T11:46+09:00 | 2011-01-13T11:46+09:00 |
| jvndb-2011-000001 | Contents-Mall vulnerability in password handling | 2011-01-13T11:41+09:00 | 2011-01-13T11:41+09:00 |
| jvndb-2009-002207 | SquirrelMail vulnerable to cross-site request forgery | 2011-01-07T14:40+09:00 | 2011-01-07T14:40+09:00 |
| jvndb-2007-000398 | SquirrelMail vulnerable to cross-site scripting | 2011-01-07T14:39+09:00 | 2011-01-07T14:39+09:00 |
| jvndb-2010-002529 | Access Control Security Bypass Vulnerability in Interstage Application Server | 2010-12-24T16:25+09:00 | 2010-12-24T16:25+09:00 |
| jvndb-2010-002528 | Buffer Overflow Vulnerability in Hitachi Groupmax Related Products | 2010-12-24T16:22+09:00 | 2010-12-24T16:22+09:00 |
| jvndb-2010-000066 | AttacheCase may insecurely load executable files | 2010-12-17T18:30+09:00 | 2010-12-17T18:30+09:00 |
| jvndb-2010-000065 | Internet Explorer vulnerable to cross-site scripting | 2010-12-15T18:20+09:00 | 2010-12-15T18:20+09:00 |
| jvndb-2010-000064 | Internet Explorer vulnerable to cross-site scripting | 2010-12-15T18:19+09:00 | 2010-12-15T18:19+09:00 |
| jvndb-2010-000063 | Internet Explorer vulnerable to cross-site scripting | 2010-12-15T18:19+09:00 | 2010-12-15T18:19+09:00 |
| jvndb-2010-000062 | Internet Explorer vulnerable to cross-site scripting | 2010-12-15T18:18+09:00 | 2010-12-15T18:18+09:00 |
| jvndb-2010-002468 | EUR Form Client Arbitrary File Execution Vulnerability | 2010-12-14T15:21+09:00 | 2010-12-14T15:21+09:00 |
| jvndb-2010-002467 | Interstage Application Server Information Disclosure Vulnerability | 2010-12-14T15:18+09:00 | 2010-12-14T15:18+09:00 |
| jvndb-2010-000061 | Movable Type vulnerable to SQL injection | 2010-12-08T18:28+09:00 | 2010-12-08T18:28+09:00 |
| jvndb-2010-000060 | Movable Type vulnerable to cross-site scripting | 2010-12-08T18:26+09:00 | 2010-12-08T18:26+09:00 |
| jvndb-2010-000059 | Vulnerability in Epson printer driver installer where access permissions are changed | 2010-12-08T18:25+09:00 | 2010-12-08T18:25+09:00 |
| jvndb-2010-000058 | Clipboard contents alteration vulnerability in Grani | 2010-12-01T20:27+09:00 | 2010-12-01T20:27+09:00 |
| jvndb-2010-000057 | Clipboard contents alteration vulnerability in Sleipnir | 2010-12-01T20:27+09:00 | 2010-12-01T20:27+09:00 |
| jvndb-2010-000056 | Google Chrome information disclosure vulnerability | 2010-11-26T17:32+09:00 | 2010-11-26T17:32+09:00 |
| jvndb-2010-001538 | Safari address bar spoofing vulnerability | 2010-11-26T17:16+09:00 | 2010-12-10T17:48+09:00 |
| ID | Description | Updated |
|---|