Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-2x59-2w3w-3ccw | A security flaw has been discovered in projectworlds Expense Management System 1.0. This affects an… | 2025-10-27T06:30:28Z | 2025-10-27T06:30:28Z |
| ghsa-2w2q-r6q7-86fg | A vulnerability was found in SourceCodester Best House Rental Management System 1.0. Impacted is th… | 2025-10-27T06:30:28Z | 2025-10-27T06:30:28Z |
| ghsa-fxm8-3753-c2p6 | A security vulnerability has been detected in Tenda O3 1.0.0.10(2478). This vulnerability affects t… | 2025-10-27T06:30:27Z | 2025-10-27T06:30:27Z |
| ghsa-26wj-qjvf-gf89 | A weakness has been identified in Tenda O3 1.0.0.10(2478). This affects the function SetValue/GetVa… | 2025-10-27T06:30:27Z | 2025-10-27T06:30:27Z |
| ghsa-5rcg-7jx4-f3xr | A security flaw has been discovered in Tenda O3 1.0.0.10(2478). Affected by this issue is the funct… | 2025-10-27T06:30:26Z | 2025-10-27T06:30:26Z |
| ghsa-wh86-wjvr-gp4g | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:40Z | 2025-10-27T03:30:40Z |
| ghsa-w4xm-vpx3-v86f | Cross-Site Request Forgery (CSRF) vulnerability in Waituk Entrada theme allows Cross Site Request F… | 2025-10-27T03:30:40Z | 2025-10-27T03:30:40Z |
| ghsa-r4c7-v3m5-mx58 | A vulnerability was found in SourceCodester Best House Rental Management System 1.0. This impacts t… | 2025-10-27T03:30:40Z | 2025-10-27T03:30:40Z |
| ghsa-q7mg-7pgv-5gh9 | A vulnerability was determined in Tenda O3 1.0.0.10(2478). Affected is the function SetValue/GetVal… | 2025-10-27T03:30:40Z | 2025-10-27T03:30:40Z |
| ghsa-c7cc-4r75-qhxm | A vulnerability has been found in Kamailio 5.5. This affects the function yyerror_at of the file sr… | 2025-10-27T03:30:40Z | 2025-11-05T00:31:30Z |
| ghsa-4m9p-ff32-46w8 | A vulnerability was identified in Tenda O3 1.0.0.10(2478). Affected by this vulnerability is the fu… | 2025-10-27T03:30:40Z | 2025-10-27T03:30:40Z |
| ghsa-xwq4-m3ff-5w2g | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:39Z | 2025-11-13T12:31:32Z |
| ghsa-xvj8-fgfh-f3gx | Server-Side Request Forgery (SSRF) vulnerability in Codeless Slider Templates slider-templates allo… | 2025-10-27T03:30:39Z | 2025-11-13T12:31:32Z |
| ghsa-xppm-25h7-qf3q | Missing Authorization vulnerability in Codeinwp Revive Old Posts tweet-old-post allows Exploiting I… | 2025-10-27T03:30:39Z | 2025-11-13T12:31:31Z |
| ghsa-w294-95cp-qx33 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:39Z | 2025-11-13T12:31:32Z |
| ghsa-v8q4-wpfv-hmr2 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:39Z | 2025-11-13T12:31:32Z |
| ghsa-rxr2-m2mh-wpx6 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms Zoh… | 2025-10-27T03:30:39Z | 2025-11-13T12:31:32Z |
| ghsa-rqm5-mx2c-5fhp | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:39Z | 2025-11-13T12:31:31Z |
| ghsa-rj3x-qp7v-5vp5 | A flaw has been found in Kamailio 5.5. The impacted element is the function rve_is_constant of the … | 2025-10-27T03:30:39Z | 2025-11-05T00:31:30Z |
| ghsa-r3xr-wm72-mg2w | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:39Z | 2025-11-13T12:31:32Z |
| ghsa-qvpv-xh75-74pw | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:39Z | 2025-11-13T12:31:32Z |
| ghsa-qgvx-wfx5-x9qg | Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly C… | 2025-10-27T03:30:39Z | 2025-11-13T12:31:31Z |
| ghsa-qc8p-jp3g-x9hm | Missing Authorization vulnerability in MDZ Persian Admnin Fonts persian-admin-fonts allows Exploiti… | 2025-10-27T03:30:39Z | 2025-11-13T12:31:32Z |
| ghsa-prw8-6vx3-vrxm | Improper Control of Generation of Code ('Code Injection') vulnerability in videowhisper Paid Videoc… | 2025-10-27T03:30:39Z | 2025-11-13T12:31:31Z |
| ghsa-p9x7-3xvx-2h65 | Missing Authorization vulnerability in WPWebinarSystem WebinarPress wp-webinarsystem allows Exploit… | 2025-10-27T03:30:39Z | 2025-11-13T12:31:32Z |
| ghsa-p98w-mx82-xhg4 | Missing Authorization vulnerability in Spencer Haws Link Whisper Free link-whisper allows Exploitin… | 2025-10-27T03:30:39Z | 2025-11-13T12:31:32Z |
| ghsa-mx76-j492-6c3v | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:39Z | 2025-11-13T12:31:32Z |
| ghsa-j768-6r6g-m9h3 | A vulnerability was detected in Kamailio 5.5. The affected element is the function sr_push_yy_state… | 2025-10-27T03:30:39Z | 2025-11-05T00:31:30Z |
| ghsa-j46c-hfxp-3h44 | Missing Authorization vulnerability in wpseek Admin Management Xtended admin-management-xtended al… | 2025-10-27T03:30:39Z | 2025-11-13T12:31:31Z |
| ghsa-hg8r-q6jx-8pfj | Missing Authorization vulnerability in Themekraft BuddyForms buddyforms allows Accessing Functional… | 2025-10-27T03:30:39Z | 2025-11-13T12:31:32Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-12223 | Bdtask Flight Booking Software Package Information pac… |
Bdtask |
Flight Booking Software |
2025-10-27T04:32:07.968Z | 2025-10-27T20:05:20.283Z | |
| cve-2025-12222 | Bdtask Flight Booking Software Deposit deposit unrestr… |
Bdtask |
Flight Booking Software |
2025-10-27T04:32:05.653Z | 2025-10-27T20:04:43.065Z | |
| cve-2025-12215 | projectworlds Online Shopping System login_submit.php … |
projectworlds |
Online Shopping System |
2025-10-27T04:02:12.489Z | 2025-10-27T20:03:23.987Z | |
| cve-2025-12214 | Tenda O3 sysAutoReboot GetValue stack-based overflow |
Tenda |
O3 |
2025-10-27T04:02:10.027Z | 2025-10-27T20:02:25.401Z | |
| cve-2025-12213 | Tenda O3 setVlanConfig GetValue stack-based overflow |
Tenda |
O3 |
2025-10-27T04:02:06.607Z | 2025-10-27T15:16:14.832Z | |
| cve-2025-12212 | Tenda O3 setNetworkService GetValue stack-based overflow |
Tenda |
O3 |
2025-10-27T03:32:10.375Z | 2025-10-27T15:22:32.247Z | |
| cve-2025-12211 | Tenda O3 setDmzInfo GetValue stack-based overflow |
Tenda |
O3 |
2025-10-27T03:32:06.892Z | 2025-10-28T13:22:35.992Z | |
| cve-2025-12210 | Tenda O3 AdvSetLanip GetValue stack-based overflow |
Tenda |
O3 |
2025-10-27T03:02:13.722Z | 2025-10-28T13:27:32.757Z | |
| cve-2025-12209 | Tenda O3 setDhcpConfig GetValue stack-based overflow |
Tenda |
O3 |
2025-10-27T03:02:10.129Z | 2025-10-28T13:48:15.487Z | |
| cve-2025-12208 | SourceCodester Best House Rental Management System adm… |
SourceCodester |
Best House Rental Management System |
2025-10-27T03:02:06.554Z | 2025-10-28T13:50:50.036Z | |
| cve-2025-12207 | Kamailio Grammar Rule cfg.y yyerror_at null pointer de… |
n/a |
Kamailio |
2025-10-27T02:32:17.604Z | 2025-11-04T21:09:31.867Z | |
| cve-2025-12206 | Kamailio rvalue.c rve_is_constant null pointer dereference |
n/a |
Kamailio |
2025-10-27T02:32:12.753Z | 2025-11-04T21:09:29.239Z | |
| cve-2025-12205 | Kamailio Configuration File cfg.lex sr_push_yy_state u… |
n/a |
Kamailio |
2025-10-27T02:32:07.777Z | 2025-11-04T21:09:26.652Z | |
| cve-2025-48088 | 6.5 (v3.1) | WordPress Ultimate Addons for WPBakery Page Builder pl… |
Brainstorm Force |
Ultimate Addons for WPBakery Page Builder |
2025-10-27T02:09:52.224Z | 2025-10-28T16:03:09.945Z |
| cve-2025-58918 | 4.3 (v3.1) | WordPress Entrada theme <= 5.7.7 - Cross Site Request … |
Waituk |
Entrada |
2025-10-27T02:07:49.744Z | 2025-10-27T14:45:34.467Z |
| cve-2025-12204 | Kamailio Configuration File rvalue.c rve_destroy heap-… |
n/a |
Kamailio |
2025-10-27T02:02:11.424Z | 2025-11-04T21:09:23.967Z | |
| cve-2025-12203 | givanz Vvveb Code Editor functions.php sanitizeFileNam… |
givanz |
Vvveb |
2025-10-27T02:02:06.391Z | 2025-10-27T20:01:52.199Z | |
| cve-2025-62988 | N/A | WordPress Slider Templates plugin <= 1.0.3 - Server Si… |
Codeless |
Slider Templates |
2025-10-27T01:34:22.355Z | 2025-11-13T10:33:49.048Z |
| cve-2025-62987 | N/A | WordPress Builderall Builder for WordPress plugin <= 3… |
Builderall |
Builderall Builder for WordPress |
2025-10-27T01:34:21.954Z | 2025-11-13T10:33:49.047Z |
| cve-2025-62986 | N/A | WordPress FanBridge signup plugin <= 0.6 - Cross Site … |
FanBridge |
FanBridge signup |
2025-10-27T01:34:21.481Z | 2025-11-13T10:33:49.052Z |
| cve-2025-62985 | N/A | WordPress Simple Pull Quote plugin <= 1.6.3 - Cross Si… |
llamaman |
Simple Pull Quote |
2025-10-27T01:34:21.085Z | 2025-11-13T10:33:49.043Z |
| cve-2025-62984 | N/A | WordPress WP AdCenter plugin <= 2.6.1 - Cross Site Scr… |
WPeka |
WP AdCenter |
2025-10-27T01:34:20.717Z | 2025-11-13T10:33:49.045Z |
| cve-2025-62983 | N/A | WordPress Posts By Tag plugin <= 3.2.1 - Cross Site Sc… |
Sudar Muthu |
Posts By Tag |
2025-10-27T01:34:20.337Z | 2025-11-13T10:33:48.824Z |
| cve-2025-62982 | N/A | WordPress Dynamic User Directory plugin <= 2.3 - Cross… |
Sarah Giles |
Dynamic User Directory |
2025-10-27T01:34:19.955Z | 2025-11-13T10:33:48.769Z |
| cve-2025-62981 | N/A | WordPress WP Gravity Forms Zoho CRM and Bigin plugin <… |
CRM Perks |
WP Gravity Forms Zoho CRM and Bigin |
2025-10-27T01:34:19.548Z | 2025-11-13T10:33:48.765Z |
| cve-2025-62980 | N/A | WordPress Persian Admnin Fonts plugin <= 4.1.03 - Brok… |
MDZ |
Persian Admnin Fonts |
2025-10-27T01:34:19.046Z | 2025-11-13T10:33:48.757Z |
| cve-2025-62979 | N/A | WordPress ACF to REST API plugin <= 3.3.4 - Sensitive … |
airesvsg |
ACF to REST API |
2025-10-27T01:34:18.671Z | 2025-11-13T10:33:48.608Z |
| cve-2025-62978 | N/A | WordPress KiotViet Sync plugin <= 1.8.5 - Broken Acces… |
Kiotviet |
KiotViet Sync |
2025-10-27T01:34:18.281Z | 2025-11-13T10:33:48.705Z |
| cve-2025-62977 | N/A | WordPress 百度站长SEO合集(支持百度/神马/Bing/头条推送) plugin <= 2.1.3… |
沃之涛 |
百度站长SEO合集(支持百度/神马/Bing/头条推送) |
2025-10-27T01:34:17.906Z | 2025-11-13T10:33:48.772Z |
| cve-2025-62976 | N/A | WordPress Sendle Shipping plugin <= 6.02 - Broken Acce… |
Joovii |
Sendle Shipping |
2025-10-27T01:34:17.528Z | 2025-11-13T10:33:48.598Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-12281 | code-projects Client Details System clientview.php cro… |
code-projects |
Client Details System |
2025-10-27T13:32:08.483Z | 2025-10-27T14:21:09.648Z | |
| cve-2025-12280 | code-projects Client Details System update-clients.php… |
code-projects |
Client Details System |
2025-10-27T13:32:05.925Z | 2025-10-27T14:25:29.509Z | |
| cve-2025-41384 | 5.1 (v4.0) | Reflected Cross-Site Scripting (XSS) in SuiteCRM |
SuiteCRM |
SuiteCRM |
2025-10-27T12:53:51.383Z | 2025-10-27T15:08:15.360Z |
| cve-2025-41068 | 8.7 (v4.0) | Reachable Assertion vulnerability in Open5GS |
NewPlane |
Open5GS |
2025-10-27T12:47:57.984Z | 2025-10-29T10:28:05.622Z |
| cve-2025-41067 | 8.7 (v4.0) | Reachable Assertion vulnerability in Open5GS |
NewPlane |
Open5GS |
2025-10-27T12:47:32.364Z | 2025-10-29T10:27:42.252Z |
| cve-2025-12279 | code-projects Client Details System welcome.php cross … |
code-projects |
Client Details System |
2025-10-27T13:02:10.472Z | 2025-10-27T20:16:07.395Z | |
| cve-2025-12277 | Abdullah-Hasan-Sajjad Online-School studentLogin.php s… |
Abdullah-Hasan-Sajjad |
Online-School |
2025-10-27T13:02:07.671Z | 2025-10-27T20:15:12.936Z | |
| cve-2025-12276 | LearnHouse Image information disclosure |
n/a |
LearnHouse |
2025-10-27T13:02:05.167Z | 2025-10-27T20:14:46.615Z | |
| cve-2025-12274 | Tenda CH22 P2pListFilter fromP2pListFilter buffer overflow |
Tenda |
CH22 |
2025-10-27T12:32:12.399Z | 2025-10-27T13:05:48.770Z | |
| cve-2025-12273 | Tenda CH22 webExcptypemanFilter fromwebExcptypemanFilt… |
Tenda |
CH22 |
2025-10-27T12:32:08.278Z | 2025-10-27T13:07:43.656Z | |
| cve-2025-11248 | 3.2 (v3.1) | Sensitive Information Logged |
Zohocorp |
ManageEngine Endpoint Central |
2025-10-27T12:56:35.389Z | 2025-10-27T15:07:22.584Z |
| cve-2025-41009 | 9.3 (v4.0) | SQL injection on the virtual campus platform of Diseño… |
Disenno de Recursos Educativos S.L |
virtual campus platform |
2025-10-27T11:35:35.426Z | 2025-10-27T13:17:02.766Z |
| cve-2025-12272 | Tenda CH22 addressNat fromAddressNat buffer overflow |
Tenda |
CH22 |
2025-10-27T12:02:14.528Z | 2025-10-27T13:14:57.485Z | |
| cve-2025-12271 | Tenda CH22 RouteStatic fromRouteStatic buffer overflow |
Tenda |
CH22 |
2025-10-27T12:02:10.792Z | 2025-10-27T13:15:34.156Z | |
| cve-2025-12270 | LearnHouse Student Assignment Submission sub_file reso… |
n/a |
LearnHouse |
2025-10-27T12:02:07.011Z | 2025-10-27T13:16:14.087Z | |
| cve-2025-12269 | LearnHouse Account Setting previews cross site scripting |
n/a |
LearnHouse |
2025-10-27T11:32:08.512Z | 2025-10-27T13:17:47.154Z | |
| cve-2025-12268 | LearnHouse Course Thumbnail courses unrestricted upload |
n/a |
LearnHouse |
2025-10-27T11:32:06.104Z | 2025-10-27T13:18:34.621Z | |
| cve-2025-11955 | 8.2 (v4.0) | Incorrect validation of OCSP certificates in TheGreenB… |
TheGreenBow |
TheGreenBow VPN Client Windows Enterprise |
2025-10-27T11:30:24.102Z | 2025-10-27T13:19:15.842Z |
| cve-2025-59463 | 4.3 (v3.1) | Denial-of-service (DoS) via chunk size mismatch |
SICK AG |
TLOC100-100 all Firmware versions |
2025-10-27T10:14:31.607Z | 2025-10-27T18:05:28.122Z |
| cve-2025-59462 | 6.5 (v3.1) | Denial-of-service (DoS) via delayed or missing client … |
SICK AG |
TLOC100-100 all Firmware versions |
2025-10-27T10:12:55.225Z | 2025-10-27T18:07:30.977Z |
| cve-2025-59461 | 7.6 (v3.1) | API does not require authentication |
SICK AG |
TLOC100-100 all Firmware versions |
2025-10-27T10:11:46.163Z | 2025-10-27T18:08:15.868Z |
| cve-2025-59460 | 7.5 (v3.1) | Unsecure access configuration |
SICK AG |
TLOC100-100 with Firmware <7.1.1 |
2025-10-27T10:10:31.105Z | 2025-10-27T18:10:18.984Z |
| cve-2025-59459 | 5.5 (v3.1) | Denial-of-service (DoS) via resource consumption |
SICK AG |
TLOC100-100 with Firmware <7.1.1 |
2025-10-27T10:09:03.229Z | 2025-10-27T13:20:18.768Z |
| cve-2025-12267 | abhicodebox ModernShop search cross site scripting |
abhicodebox |
ModernShop |
2025-10-27T11:02:13.921Z | 2025-10-27T12:05:29.018Z | |
| cve-2025-12266 | Zytec Dalian Zhuoyun Technology Central Authentication… |
Zytec Dalian Zhuoyun Technology |
Central Authentication Service |
2025-10-27T11:02:10.635Z | 2025-10-27T12:10:15.962Z | |
| cve-2025-12265 | Tenda CH22 VirtualSer fromVirtualSer buffer overflow |
Tenda |
CH22 |
2025-10-27T11:02:07.933Z | 2025-10-27T12:14:52.668Z | |
| cve-2025-12264 | Wisencode Create Support Ticket create cross site scripting |
n/a |
Wisencode |
2025-10-27T10:32:10.416Z | 2025-10-27T12:20:59.536Z | |
| cve-2025-12263 | code-projects Online Event Judging System edit_judge.p… |
code-projects |
Online Event Judging System |
2025-10-27T10:32:08.484Z | 2025-10-27T12:46:44.143Z | |
| cve-2025-12262 | code-projects Online Event Judging System edit_criteri… |
code-projects |
Online Event Judging System |
2025-10-27T10:32:05.934Z | 2025-10-27T13:22:24.941Z | |
| cve-2025-8432 | 8.4 (v3.1) | CentreonBI user account on the MBI server can execute … |
Centreon |
Infra Monitoring |
2025-10-27T10:08:33.662Z | 2025-10-30T13:51:12.045Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-187892 | Malicious code in lyra-nebula-node-config-terser-webpack-plugin (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187891 | Malicious code in lyra-janus-spectron-rigel (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187890 | Malicious code in lyra-fomalhaut-arcturus-enceladus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187889 | Malicious code in lyra-cryovolcano-mongoose-multiverse (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187888 | Malicious code in lyra-archaeoastronomy-graviton-altair (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187887 | Malicious code in lynx-supervisor-relay-loop (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187886 | Malicious code in lynx-phoebe-alphard-betelgeuse (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187885 | Malicious code in lynx-nashira-heliophysics-solis (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187884 | Malicious code in lynx-foundation-astroinformatics-geckodriver (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187883 | Malicious code in lynx-astrobiology-exobiology-plutology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187882 | Malicious code in luna-zephyr-hugo-fusion (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187881 | Malicious code in luna-xanadu-aquarius-barnard (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187880 | Malicious code in luna-sequelize-markdown-pdf-meissa (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187879 | Malicious code in luna-mira-eslint-wezen (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187878 | Malicious code in luna-local-optimize-css-assets-webpack-plugin-postgres (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187877 | Malicious code in luna-cordelia-blackhole-lithosphere (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187876 | Malicious code in luminescence-pino-superagent-axios (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187875 | Malicious code in luminescence-meteor-elara-oortcloud (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187874 | Malicious code in luminescence-colors-resonance-publish (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187873 | Malicious code in luminescence-chai-cryonics-eclipse (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187872 | Malicious code in luminescence-achernar-promise-nuxtjs (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187871 | Malicious code in loopback-tethys-airbnb-typeorm (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187870 | Malicious code in loopback-remark-cordelia-commitlint (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187869 | Malicious code in loopback-magellan-foundation-csrf (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187868 | Malicious code in loop-webdriverio-vulcan-proxima (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187867 | Malicious code in loop-wasat-chai-equinox (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187866 | Malicious code in loop-quito-hyperion-centauri (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187865 | Malicious code in loop-mysql-jwt-jekyll (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187864 | Malicious code in loop-cosmos-perturbation-andromeda (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187863 | Malicious code in loop-cosmicray-repository-entanglement (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:1613 | Red Hat Security Advisory: nodejs:22 security update | 2025-02-17T19:21:42+00:00 | 2025-11-13T22:33:41+00:00 |
| rhsa-2025:1611 | Red Hat Security Advisory: nodejs:22 security update | 2025-02-17T18:04:26+00:00 | 2025-11-13T22:33:39+00:00 |
| rhsa-2025:1609 | Red Hat Security Advisory: Cluster Observability Operator 1.0.0 | 2025-02-17T16:13:51+00:00 | 2025-11-15T08:44:55+00:00 |
| rhsa-2025:1601 | Red Hat Security Advisory: gcc security update | 2025-02-17T15:03:01+00:00 | 2025-11-06T23:54:08+00:00 |
| rhsa-2025:1582 | Red Hat Security Advisory: nodejs:18 security update | 2025-02-17T12:52:35+00:00 | 2025-11-13T22:33:39+00:00 |
| rhsa-2025:1580 | Red Hat Security Advisory: gcc security update | 2025-02-17T12:12:31+00:00 | 2025-11-06T23:54:06+00:00 |
| rhsa-2025:1517 | Red Hat Security Advisory: libxml2 security update | 2025-02-17T01:37:34+00:00 | 2025-11-06T21:43:49+00:00 |
| rhsa-2025:1516 | Red Hat Security Advisory: libxml2 security update | 2025-02-17T01:31:59+00:00 | 2025-11-06T21:43:47+00:00 |
| rhsa-2025:1514 | Red Hat Security Advisory: ipa security update | 2025-02-17T00:17:04+00:00 | 2025-11-06T23:54:05+00:00 |
| rhsa-2025:1515 | Red Hat Security Advisory: idm:DL1 security update | 2025-02-17T00:13:24+00:00 | 2025-11-06T23:54:06+00:00 |
| rhsa-2025:1487 | Red Hat Security Advisory: updated discovery container images | 2025-02-13T20:14:49+00:00 | 2025-11-08T07:13:28+00:00 |
| rhsa-2025:1468 | Red Hat Security Advisory: ACS 4.4 enhancement and security update | 2025-02-13T18:14:31+00:00 | 2025-11-15T08:44:51+00:00 |
| rhsa-2025:1446 | Red Hat Security Advisory: nodejs:18 security update | 2025-02-13T16:03:15+00:00 | 2025-11-13T22:33:37+00:00 |
| rhsa-2025:1448 | Red Hat Security Advisory: RHOAI 2.17.0 - Red Hat OpenShift AI | 2025-02-13T15:51:37+00:00 | 2025-11-16T03:22:25+00:00 |
| rhsa-2025:1443 | Red Hat Security Advisory: nodejs:20 security update | 2025-02-13T15:42:45+00:00 | 2025-11-13T22:33:36+00:00 |
| rhsa-2025:1437 | Red Hat Security Advisory: kpatch-patch-5_14_0-284_52_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 security update | 2025-02-13T14:51:20+00:00 | 2025-11-06T22:35:24+00:00 |
| rhsa-2025:1434 | Red Hat Security Advisory: kpatch-patch-5_14_0-427_13_1, kpatch-patch-5_14_0-427_31_1, and kpatch-patch-5_14_0-427_44_1 security update | 2025-02-13T14:38:40+00:00 | 2025-11-06T22:35:24+00:00 |
| rhsa-2025:1433 | Red Hat Security Advisory: kpatch-patch-5_14_0-503_15_1 security update | 2025-02-13T14:37:35+00:00 | 2025-11-06T22:35:23+00:00 |
| rhsa-2025:1118 | Red Hat Security Advisory: OpenShift Container Platform 4.13.55 packages and security update | 2025-02-13T02:42:03+00:00 | 2025-11-06T22:35:13+00:00 |
| rhsa-2025:1242 | Red Hat Security Advisory: OpenShift Container Platform 4.12.73 bug fix and security update | 2025-02-13T02:10:52+00:00 | 2025-11-06T22:02:09+00:00 |
| rhsa-2025:1241 | Red Hat Security Advisory: OpenShift Container Platform 4.12.73 security and extras update | 2025-02-13T00:42:45+00:00 | 2025-11-06T22:35:17+00:00 |
| rhsa-2025:1374 | Red Hat Security Advisory: kpatch-patch-5_14_0-70_112_1, kpatch-patch-5_14_0-70_121_1, and kpatch-patch-5_14_0-70_85_1 security update | 2025-02-13T00:29:13+00:00 | 2025-11-06T22:35:22+00:00 |
| rhsa-2025:1225 | Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.8.17 | 2025-02-12T17:51:11+00:00 | 2025-11-06T22:02:08+00:00 |
| rhsa-2025:1332 | Red Hat Security Advisory: Gatekeeper v3.15.3 | 2025-02-12T17:48:36+00:00 | 2025-11-15T08:44:45+00:00 |
| rhsa-2025:1331 | Red Hat Security Advisory: Gatekeeper v3.17.1 | 2025-02-12T17:47:51+00:00 | 2025-11-15T08:44:44+00:00 |
| rhsa-2025:1333 | Red Hat Security Advisory: Gatekeeper v3.14.3 | 2025-02-12T17:36:57+00:00 | 2025-11-15T08:44:46+00:00 |
| rhsa-2025:1227 | Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.9.11 | 2025-02-12T16:40:08+00:00 | 2025-11-06T22:02:09+00:00 |
| rhsa-2025:1350 | Red Hat Security Advisory: libxml2 security update | 2025-02-12T15:32:32+00:00 | 2025-11-06T21:43:45+00:00 |
| rhsa-2025:1351 | Red Hat Security Advisory: nodejs:20 security update | 2025-02-12T15:32:22+00:00 | 2025-11-13T22:33:34+00:00 |
| rhsa-2025:1348 | Red Hat Security Advisory: thunderbird security update | 2025-02-12T09:37:11+00:00 | 2025-11-06T23:23:53+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2024-49953 | net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice | 2024-10-01T07:00:00.000Z | 2024-11-12T00:00:00.000Z |
| msrc_cve-2024-49952 | netfilter: nf_tables: prevent nf_skb_duplicated corruption | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-49950 | Bluetooth: L2CAP: Fix uaf in l2cap_connect | 2024-10-01T07:00:00.000Z | 2024-11-12T00:00:00.000Z |
| msrc_cve-2024-49949 | net: avoid potential underflow in qdisc_pkt_len_init() with UFO | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-49948 | net: add more sanity checks to qdisc_pkt_len_init() | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-49946 | ppp: do not assume bh is held in ppp_channel_bridge_input() | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-49945 | net/ncsi: Disable the ncsi work before freeing the associated structure | 2024-10-01T07:00:00.000Z | 2025-09-03T22:14:11.000Z |
| msrc_cve-2024-49944 | sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-49940 | l2tp: prevent possible tunnel refcount underflow | 2024-10-01T07:00:00.000Z | 2025-09-03T21:30:36.000Z |
| msrc_cve-2024-49939 | wifi: rtw89: avoid to add interface to list twice when SER | 2024-10-01T07:00:00.000Z | 2025-09-03T22:39:44.000Z |
| msrc_cve-2024-49938 | wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-49937 | wifi: cfg80211: Set correct chandef when starting CAC | 2024-10-01T07:00:00.000Z | 2025-09-03T22:45:31.000Z |
| msrc_cve-2024-49936 | net/xen-netback: prevent UAF in xenvif_flush_hash() | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-49935 | ACPI: PAD: fix crash in exit_round_robin() | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-49934 | fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name | 2024-10-01T07:00:00.000Z | 2025-09-03T21:23:09.000Z |
| msrc_cve-2024-49933 | blk_iocost: fix more out of bound shifts | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-49932 | btrfs: don't readahead the relocation inode on RST | 2024-10-01T07:00:00.000Z | 2025-09-03T21:43:32.000Z |
| msrc_cve-2024-49931 | wifi: ath12k: fix array out-of-bound access in SoC stats | 2024-10-01T07:00:00.000Z | 2024-11-12T00:00:00.000Z |
| msrc_cve-2024-49930 | wifi: ath11k: fix array out-of-bound access in SoC stats | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-49929 | wifi: iwlwifi: mvm: avoid NULL pointer dereference | 2024-10-01T07:00:00.000Z | 2024-11-12T00:00:00.000Z |
| msrc_cve-2024-49927 | x86/ioapic: Handle allocation failures gracefully | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-49926 | rcu-tasks: Fix access non-existent percpu rtpcp variable in rcu_tasks_need_gpcb() | 2024-10-01T07:00:00.000Z | 2025-09-03T21:17:05.000Z |
| msrc_cve-2024-49925 | fbdev: efifb: Register sysfs groups through driver core | 2024-10-01T07:00:00.000Z | 2025-09-03T22:24:04.000Z |
| msrc_cve-2024-49924 | fbdev: pxafb: Fix possible use after free in pxafb_task() | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-49923 | drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags | 2024-10-01T07:00:00.000Z | 2025-09-03T20:11:02.000Z |
| msrc_cve-2024-49922 | drm/amd/display: Check null pointers before using them | 2024-10-01T07:00:00.000Z | 2025-08-21T17:30:33.000Z |
| msrc_cve-2024-49921 | drm/amd/display: Check null pointers before used | 2024-10-01T07:00:00.000Z | 2025-09-03T23:15:55.000Z |
| msrc_cve-2024-49920 | drm/amd/display: Check null pointers before multiple uses | 2024-10-01T07:00:00.000Z | 2025-09-03T22:32:47.000Z |
| msrc_cve-2024-49919 | drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer | 2024-10-01T07:00:00.000Z | 2025-09-03T19:44:48.000Z |
| msrc_cve-2024-49917 | drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw | 2024-10-01T07:00:00.000Z | 2025-09-03T20:27:18.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2009-000078 | EC-CUBE information disclosure vulnerability | 2009-12-07T14:51+09:00 | 2009-12-07T14:51+09:00 |
| jvndb-2009-000074 | Redmine vulnerable to cross-site request forgery | 2009-11-19T15:45+09:00 | 2009-11-19T15:45+09:00 |
| jvndb-2009-000073 | Redmine vulnerable to cross-site scripting | 2009-11-19T15:45+09:00 | 2009-11-19T15:45+09:00 |
| jvndb-2009-000072 | Roundcube Webmail vulnerable to cross-site request forgery | 2009-11-04T15:27+09:00 | 2009-11-04T15:27+09:00 |
| jvndb-2009-000071 | Roundcube Webmail vulnerable to cross-site request forgery | 2009-11-04T15:27+09:00 | 2009-11-04T15:27+09:00 |
| jvndb-2009-000070 | SEIL/X Series and SEIL/B1 denial of service vulnerability | 2009-11-02T16:42+09:00 | 2009-11-02T16:42+09:00 |
| jvndb-2009-000069 | SEIL/X Series and SEIL/B1 buffer overflow vulnerability | 2009-11-02T16:42+09:00 | 2009-11-02T16:42+09:00 |
| jvndb-2009-000068 | Implementations of IPv6 may be vulnerable to denial of service (DoS) attacks | 2009-10-26T15:58+09:00 | 2010-01-25T12:02+09:00 |
| jvndb-2009-000066 | Canon IT Solutions Inc. ACCESSGUARDIAN vulnerable to cross-site scripting | 2009-10-20T15:56+09:00 | 2009-10-20T15:56+09:00 |
| jvndb-2009-000067 | Multiple Cybozu products vulnerable to cross-site scripting | 2009-10-15T15:21+09:00 | 2009-10-15T15:21+09:00 |
| jvndb-2009-000065 | SugarCRM vulnerable to cross-site scripting | 2009-10-02T16:02+09:00 | 2009-10-02T16:02+09:00 |
| jvndb-2009-000064 | Directory traversal vulnerability in multiple phpspot products | 2009-09-18T18:11+09:00 | 2009-09-18T18:11+09:00 |
| jvndb-2009-000063 | Cross-site scripting vulnerability in multiple phpspot products | 2009-09-18T18:11+09:00 | 2009-09-18T18:11+09:00 |
| jvndb-2009-000062 | XF-Section vulnerable to cross-site scripting | 2009-09-17T15:52+09:00 | 2009-09-17T15:52+09:00 |
| jvndb-2009-000061 | Third-party cookie issue in Opera | 2009-09-17T15:52+09:00 | 2009-09-17T15:52+09:00 |
| jvndb-2009-001968 | GIF File Processing Denial of Service Vulnerability in Multiple JP1 Products | 2009-09-14T10:31+09:00 | 2009-09-14T10:31+09:00 |
| jvndb-2009-001967 | Multiple Vulnerabilities in Hitachi JP1/File Transmission Server/FTP | 2009-09-14T10:31+09:00 | 2009-09-14T10:31+09:00 |
| jvndb-2009-000060 | Webservice-DIC yoyaku_v41 vulnerable to command injection | 2009-09-11T16:36+09:00 | 2009-09-11T16:36+09:00 |
| jvndb-2009-000059 | Buffer overflow vulnerability in Microsoft Windows | 2009-09-09T17:30+09:00 | 2009-09-09T17:30+09:00 |
| jvndb-2009-001931 | Issue of Access Control Failure in Hitachi Device Manager Server | 2009-08-31T15:52+09:00 | 2009-08-31T15:52+09:00 |
| jvndb-2009-001930 | Issue of Access Control Failure in Groupmax Scheduler Server | 2009-08-31T15:52+09:00 | 2009-08-31T15:52+09:00 |
| jvndb-2009-000058 | bingo!CMS core and bingo!CMS vulnerable to cross-site request forgery | 2009-08-27T15:29+09:00 | 2009-08-27T15:29+09:00 |
| jvndb-2009-000055 | Site Calendar 'mycaljp' vulnerable to cross-site scripting | 2009-08-26T15:25+09:00 | 2009-08-26T15:25+09:00 |
| jvndb-2009-001893 | Hitachi Business Logic Cross-Site Scripting Vulnerability | 2009-08-25T10:50+09:00 | 2009-08-25T10:50+09:00 |
| jvndb-2009-000056 | SugarCRM vulnerable to SQL injection | 2009-08-24T16:25+09:00 | 2009-08-24T16:25+09:00 |
| jvndb-2009-000054 | ColdFusion vulnerable to cross-site scripting | 2009-08-19T16:33+09:00 | 2009-08-19T16:33+09:00 |
| jvndb-2009-000053 | Cross-site request forgery vulnerability in FreeNAS | 2009-08-05T15:59+09:00 | 2009-08-05T15:59+09:00 |
| jvndb-2009-000052 | Cross-site scripting vulnerability in FreeNAS | 2009-08-05T15:58+09:00 | 2009-08-05T15:58+09:00 |
| jvndb-2009-000051 | Webservice-DIC yoyaku_v41 vulnerable to command injection | 2009-07-31T15:34+09:00 | 2009-07-31T15:34+09:00 |
| jvndb-2009-000050 | MySQL Connector/J vulnerable to SQL injection | 2009-07-29T15:30+09:00 | 2009-07-29T15:30+09:00 |
| ID | Description | Updated |
|---|