Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-8xq3-r8f5-3hw3 | Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxFwRule… | 2025-11-06T21:31:30Z | 2025-11-06T21:31:30Z |
| ghsa-7x36-v2p9-4w5j | Netgate pfSense CE Suricata Path Traversal Remote Code Execution Vulnerability. This vulnerability … | 2025-11-06T21:31:30Z | 2025-11-06T21:31:30Z |
| ghsa-wj94-phrx-4jq9 | SuiteCRM versions prior to 7.12.6 contain a SQL injection vulnerability within the processing of th… | 2025-11-06T21:31:29Z | 2025-11-06T21:31:29Z |
| ghsa-v3gf-8mqh-c3w6 | D-Link DIR-1260 Wi-Fi router firmware versions up to and including v1.20B05 contain a command injec… | 2025-11-06T21:31:29Z | 2025-11-06T21:31:29Z |
| ghsa-qqgx-j7v5-7wrr | Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP manage… | 2025-11-06T21:31:29Z | 2025-11-06T21:31:29Z |
| ghsa-g2xr-8jgc-jrmr | Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP manage… | 2025-11-06T21:31:29Z | 2025-11-06T21:31:29Z |
| ghsa-c9hp-6rxj-h2wx | SuiteCRM versions prior to 7.12.6 contain a type confusion vulnerability within the processing of t… | 2025-11-06T21:31:29Z | 2025-11-06T21:31:29Z |
| ghsa-96fr-vhf8-gmqq | A Server-Side Request Forgery (SSRF) in the /api/proxy/ component of linshenkx prompt-optimizer v1.… | 2025-11-06T21:31:29Z | 2025-11-07T18:30:28Z |
| ghsa-95fw-x52j-jfx5 | Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G ver… | 2025-11-06T21:31:29Z | 2025-11-06T21:31:29Z |
| ghsa-7gp7-vv9p-9rw8 | Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP manage… | 2025-11-06T21:31:29Z | 2025-11-06T21:31:29Z |
| ghsa-65rh-73gq-wf9h | Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP manage… | 2025-11-06T21:31:29Z | 2025-11-06T21:31:29Z |
| ghsa-32gj-59h5-4jf2 | Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP manage… | 2025-11-06T21:31:29Z | 2025-11-06T21:31:29Z |
| ghsa-2pmp-x7wc-gxr9 | A Server-Side Request Forgery (SSRF) vulnerability, achievable through an XML External Entity (XXE)… | 2025-11-06T21:31:29Z | 2025-11-07T18:30:28Z |
| ghsa-xfj8-gxhp-pgmr | An issue was discovered in AnyDesk before 9.0.0. It has an integer overflow and resultant heap-base… | 2025-11-06T18:32:58Z | 2025-11-07T18:30:28Z |
| ghsa-q872-6vf4-qmmw | An issue was discovered in AnyDesk through 9.0.4. When the connection between two clients is establ… | 2025-11-06T18:32:58Z | 2025-11-07T18:30:28Z |
| ghsa-g2cq-q859-8fm9 | An issue was discovered in AnyDesk through 9.0.4. A remotely connected user with the "Control my de… | 2025-11-06T18:32:58Z | 2025-11-07T18:30:28Z |
| ghsa-3ghq-53cj-qqmp | An issue was discovered in AnyDesk through 9.0.4. Remote Denial of Service can occur because of inc… | 2025-11-06T18:32:58Z | 2025-11-07T18:30:28Z |
| ghsa-vjvr-7hrq-r8p6 | A reflected XSS vulnerability exists in CMSimple_XH 1.8's index.php router when attacker-controlled… | 2025-11-06T18:32:57Z | 2025-11-06T21:31:28Z |
| ghsa-qj6m-vqpr-wffx | Improper privilege management during pre-MFA cookie handling in Devolutions Server 2025.3.5.0 and e… | 2025-11-06T18:32:57Z | 2025-11-06T21:31:28Z |
| ghsa-mw56-2hx2-2xfg | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T18:32:57Z | 2025-11-06T18:32:57Z |
| ghsa-jgfp-mcxc-wwr9 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T18:32:57Z | 2025-11-06T18:32:57Z |
| ghsa-j6g4-c6pw-p63g | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T18:32:57Z | 2025-11-06T18:32:57Z |
| ghsa-hxmj-h87g-5c53 | Unrestricted Upload of File with Dangerous Type vulnerability in Rometheme RTMKit rometheme-for-ele… | 2025-11-06T18:32:57Z | 2025-11-06T18:32:57Z |
| ghsa-gj82-c7f3-xr2m | An unauthenticated reflected cross-site scripting vulnerability in the query handling of CMSimpleXH… | 2025-11-06T18:32:57Z | 2025-11-06T21:31:28Z |
| ghsa-f9mp-xcq7-hf3m | alexusmai laravel-file-manager 3.3.1 is vulnerable to Cross Site Scripting (XSS). The application p… | 2025-11-06T18:32:57Z | 2025-11-06T18:32:57Z |
| ghsa-f39h-ggv6-wr4j | Cross-Site Request Forgery (CSRF) vulnerability in Wasiliy Strecker / ContestGallery developer Cont… | 2025-11-06T18:32:57Z | 2025-11-06T18:32:57Z |
| ghsa-cmjg-8wgr-32f6 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-11-06T18:32:57Z | 2025-11-06T18:32:57Z |
| ghsa-8rxx-f9pw-chh2 | A maliciously crafted file, when executed on the victim's machine, can lead to privilege escalation… | 2025-11-06T18:32:57Z | 2025-11-06T18:32:57Z |
| ghsa-878r-8w43-p6c6 | Improper access control in Devolutions Server 2025.3.5.0 and earlier allows a View-only user to ret… | 2025-11-06T18:32:57Z | 2025-11-07T15:31:29Z |
| ghsa-699q-v8cp-38m8 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-11-06T18:32:57Z | 2025-11-06T18:32:57Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-11208 | N/A | Inappropriate implementation in Media in Google C… |
Google |
Chrome |
2025-11-06T22:08:54.038Z | 2025-11-07T14:04:08.574Z |
| cve-2025-11207 | N/A | Side-channel information leakage in Storage in Go… |
Google |
Chrome |
2025-11-06T22:08:53.752Z | 2025-11-06T22:08:53.752Z |
| cve-2025-11206 | N/A | Heap buffer overflow in Video in Google Chrome pr… |
Google |
Chrome |
2025-11-06T22:08:53.382Z | 2025-11-08T04:55:16.020Z |
| cve-2025-11205 | N/A | Heap buffer overflow in WebGPU in Google Chrome p… |
Google |
Chrome |
2025-11-06T22:08:52.920Z | 2025-11-08T04:55:16.818Z |
| cve-2025-64179 | lakeFS: Unauthenticated access to API usage metrics |
treeverse |
lakeFS |
2025-11-06T21:57:18.234Z | 2025-11-07T13:24:42.263Z | |
| cve-2024-12125 | 5.4 (v3.1) | 3scale-porta: readonly fields not validated server-side |
Red Hat |
Red Hat 3scale API Management Platform 2 |
2025-11-06T21:50:40.704Z | 2025-11-07T15:14:34.402Z |
| cve-2025-64178 | Jellysweep uses uncontrolled data in image cache API e… |
jon4hz |
jellysweep |
2025-11-06T21:46:58.994Z | 2025-11-07T14:59:57.782Z | |
| cve-2025-64177 | ThinkDashboard: Stored XSS in Dashboard via Malicious … |
MatiasDesuu |
ThinkDashboard |
2025-11-06T21:32:43.236Z | 2025-11-06T21:45:13.536Z | |
| cve-2025-64176 | ThinkDashboard: Arbitrary File Upload vulnerability in… |
MatiasDesuu |
ThinkDashboard |
2025-11-06T21:12:38.265Z | 2025-11-06T21:31:41.244Z | |
| cve-2025-12790 | 7.4 (v3.1) | Rubygem-mqtt: rubygem-mqtt hostname validation |
Red Hat |
Red Hat Satellite 6 |
2025-11-06T21:07:34.970Z | 2025-11-08T04:55:19.808Z |
| cve-2025-64327 | ThinkDashboard: Blind Server-Side Request Forgery (SSR… |
MatiasDesuu |
ThinkDashboard |
2025-11-06T21:07:17.672Z | 2025-11-06T21:29:15.660Z | |
| cve-2025-64326 | Weblate leaks the IP of project members inviting users… |
WeblateOrg |
weblate |
2025-11-06T20:55:17.594Z | 2025-11-06T21:18:02.834Z | |
| cve-2025-64174 | OpenMage is vulnerable to XSS in Admin Notifications |
OpenMage |
magento-lts |
2025-11-06T20:45:55.915Z | 2025-11-06T21:20:10.817Z | |
| cve-2025-33110 | 5.4 (v3.1) | IBM OpenPages Vulnerable to HTML Injection |
IBM |
OpenPages |
2025-11-06T20:43:16.690Z | 2025-11-06T21:11:53.167Z |
| cve-2025-64173 | Apollo Router Core: Access Control Bypass on Polymorph… |
apollographql |
router |
2025-11-06T20:42:51.785Z | 2025-11-07T13:48:35.506Z | |
| cve-2025-52881 | runc: LSM labels can be bypassed with malicious config… |
opencontainers |
runc |
2025-11-06T20:23:36.237Z | 2025-11-06T21:07:09.382Z | |
| cve-2025-12486 | 8.8 (v3.0) | Heimdall Data Database Proxy Cross-Site Scripting Remo… |
Heimdall Data |
Database Proxy |
2025-11-06T20:12:54.400Z | 2025-11-06T20:26:19.171Z |
| cve-2025-12487 | 9.8 (v3.0) | oobabooga text-generation-webui trust_remote_code Reli… |
oobabooga |
text-generation-webui |
2025-11-06T20:12:07.187Z | 2025-11-06T20:29:38.307Z |
| cve-2025-12488 | 9.8 (v3.0) | oobabooga text-generation-webui trust_remote_code Reli… |
oobabooga |
text-generation-webui |
2025-11-06T20:11:52.136Z | 2025-11-06T20:30:32.724Z |
| cve-2025-12489 | 7.8 (v3.0) | evernote-mcp-server openBrowser Command Injection Priv… |
evernote-mcp-server |
evernote-mcp-server |
2025-11-06T20:11:32.632Z | 2025-11-06T20:43:33.002Z |
| cve-2025-12490 | 8.8 (v3.0) | Netgate pfSense CE Suricata Path Traversal Remote Code… |
Netgate |
pfSense |
2025-11-06T20:10:57.257Z | 2025-11-06T20:44:02.067Z |
| cve-2025-52565 | container escape due to /dev/console mount and related races |
opencontainers |
runc |
2025-11-06T20:02:58.513Z | 2025-11-06T21:32:19.129Z | |
| cve-2022-50590 | 8.8 (v4.0) | SuiteCRM < 7.12.6 Type Confusion via 'deleteAttachment… |
SuiteCRM |
SuiteCRM |
2025-11-06T19:59:36.078Z | 2025-11-06T20:26:09.006Z |
| cve-2022-50589 | 9.3 (v4.0) | SuiteCRM < 7.12.6 SQL Injection via 'export' Functionality |
SuiteCRM |
SuiteCRM |
2025-11-06T19:59:12.520Z | 2025-11-06T20:27:20.421Z |
| cve-2022-50596 | 9.3 (v4.0) | D-Link DIR-1260 <= v1.20B05 GetDeviceSettings Unauthen… |
D-Link |
DIR-1260 |
2025-11-06T19:58:51.704Z | 2025-11-07T15:07:18.977Z |
| cve-2022-50595 | 9.3 (v4.0) | Advantech iView < v5.7.04 Build 6425 ztp_search_value … |
Advantech |
iView |
2025-11-06T19:58:23.068Z | 2025-11-06T20:33:36.519Z |
| cve-2022-50591 | 8.8 (v4.0) | Advantech iView < v5.7.04 Build 6425 ztp_config_id Par… |
Advantech |
iView |
2025-11-06T19:58:06.223Z | 2025-11-06T20:36:15.818Z |
| cve-2022-50593 | 9.3 (v4.0) | Advantech iView < v5.7.04 Build 6425 search_term Param… |
Advantech |
iView |
2025-11-06T19:57:44.271Z | 2025-11-06T21:02:21.355Z |
| cve-2022-50592 | 9.3 (v4.0) | Advantech iView < v5.7.04 Build 6425 getInventoryRepor… |
Advantech |
iView |
2025-11-06T19:57:20.528Z | 2025-11-06T21:07:38.762Z |
| cve-2022-50594 | 8.8 (v4.0) | Advantech iView < v5.7.04 Build 6425 data Parameter SQ… |
Advantech |
iView |
2025-11-06T19:57:00.425Z | 2025-11-06T21:10:30.978Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-11213 | N/A | Inappropriate implementation in Omnibox in Google… |
Google |
Chrome |
2025-11-06T22:08:56.274Z | 2025-11-07T15:00:24.639Z |
| cve-2025-11212 | N/A | Inappropriate implementation in Media in Google C… |
Google |
Chrome |
2025-11-06T22:08:55.792Z | 2025-11-07T15:01:19.055Z |
| cve-2025-11211 | N/A | Out of bounds read in Media in Google Chrome prio… |
Google |
Chrome |
2025-11-06T22:08:55.517Z | 2025-11-06T22:08:55.517Z |
| cve-2025-11210 | N/A | Side-channel information leakage in Tab in Google… |
Google |
Chrome |
2025-11-06T22:08:54.752Z | 2025-11-07T13:28:35.994Z |
| cve-2025-11209 | N/A | Inappropriate implementation in Omnibox in Google… |
Google |
Chrome |
2025-11-06T22:08:54.364Z | 2025-11-06T22:08:54.364Z |
| cve-2025-11208 | N/A | Inappropriate implementation in Media in Google C… |
Google |
Chrome |
2025-11-06T22:08:54.038Z | 2025-11-07T14:04:08.574Z |
| cve-2025-11207 | N/A | Side-channel information leakage in Storage in Go… |
Google |
Chrome |
2025-11-06T22:08:53.752Z | 2025-11-06T22:08:53.752Z |
| cve-2025-11206 | N/A | Heap buffer overflow in Video in Google Chrome pr… |
Google |
Chrome |
2025-11-06T22:08:53.382Z | 2025-11-08T04:55:16.020Z |
| cve-2025-11205 | N/A | Heap buffer overflow in WebGPU in Google Chrome p… |
Google |
Chrome |
2025-11-06T22:08:52.920Z | 2025-11-08T04:55:16.818Z |
| cve-2024-12125 | 5.4 (v3.1) | 3scale-porta: readonly fields not validated server-side |
Red Hat |
Red Hat 3scale API Management Platform 2 |
2025-11-06T21:50:40.704Z | 2025-11-07T15:14:34.402Z |
| cve-2025-64327 | ThinkDashboard: Blind Server-Side Request Forgery (SSR… |
MatiasDesuu |
ThinkDashboard |
2025-11-06T21:07:17.672Z | 2025-11-06T21:29:15.660Z | |
| cve-2025-64326 | Weblate leaks the IP of project members inviting users… |
WeblateOrg |
weblate |
2025-11-06T20:55:17.594Z | 2025-11-06T21:18:02.834Z | |
| cve-2025-64174 | OpenMage is vulnerable to XSS in Admin Notifications |
OpenMage |
magento-lts |
2025-11-06T20:45:55.915Z | 2025-11-06T21:20:10.817Z | |
| cve-2025-64173 | Apollo Router Core: Access Control Bypass on Polymorph… |
apollographql |
router |
2025-11-06T20:42:51.785Z | 2025-11-07T13:48:35.506Z | |
| cve-2025-52881 | runc: LSM labels can be bypassed with malicious config… |
opencontainers |
runc |
2025-11-06T20:23:36.237Z | 2025-11-06T21:07:09.382Z | |
| cve-2025-33110 | 5.4 (v3.1) | IBM OpenPages Vulnerable to HTML Injection |
IBM |
OpenPages |
2025-11-06T20:43:16.690Z | 2025-11-06T21:11:53.167Z |
| cve-2025-12790 | 7.4 (v3.1) | Rubygem-mqtt: rubygem-mqtt hostname validation |
Red Hat |
Red Hat Satellite 6 |
2025-11-06T21:07:34.970Z | 2025-11-08T04:55:19.808Z |
| cve-2025-12489 | 7.8 (v3.0) | evernote-mcp-server openBrowser Command Injection Priv… |
evernote-mcp-server |
evernote-mcp-server |
2025-11-06T20:11:32.632Z | 2025-11-06T20:43:33.002Z |
| cve-2025-12488 | 9.8 (v3.0) | oobabooga text-generation-webui trust_remote_code Reli… |
oobabooga |
text-generation-webui |
2025-11-06T20:11:52.136Z | 2025-11-06T20:30:32.724Z |
| cve-2025-12487 | 9.8 (v3.0) | oobabooga text-generation-webui trust_remote_code Reli… |
oobabooga |
text-generation-webui |
2025-11-06T20:12:07.187Z | 2025-11-06T20:29:38.307Z |
| cve-2025-12486 | 8.8 (v3.0) | Heimdall Data Database Proxy Cross-Site Scripting Remo… |
Heimdall Data |
Database Proxy |
2025-11-06T20:12:54.400Z | 2025-11-06T20:26:19.171Z |
| cve-2025-52565 | container escape due to /dev/console mount and related races |
opencontainers |
runc |
2025-11-06T20:02:58.513Z | 2025-11-06T21:32:19.129Z | |
| cve-2025-34247 | 5.1 (v4.0) | Advantech WebAccess/VPN < 1.1.5 SQL Injection via Netw… |
Advantech |
WebAccess/VPN |
2025-11-06T19:49:37.330Z | 2025-11-06T20:05:51.848Z |
| cve-2025-34246 | 5.3 (v4.0) | Advantech WebAccess/VPN < 1.1.5 SQL Injection via Ajax… |
Advantech |
WebAccess/VPN |
2025-11-06T19:49:01.611Z | 2025-11-06T20:06:14.132Z |
| cve-2025-34245 | 5.3 (v4.0) | Advantech WebAccess/VPN < 1.1.5 SQL Injection via Ajax… |
Advantech |
WebAccess/VPN |
2025-11-06T19:48:21.189Z | 2025-11-06T20:06:33.433Z |
| cve-2025-34244 | 5.3 (v4.0) | Advantech WebAccess/VPN < 1.1.5 SQL Injection via Ajax… |
Advantech |
WebAccess/VPN |
2025-11-06T19:47:41.796Z | 2025-11-06T20:06:52.567Z |
| cve-2025-34243 | 5.3 (v4.0) | Advantech WebAccess/VPN < 1.1.5 SQL Injection via Ajax… |
Advantech |
WebAccess/VPN |
2025-11-06T19:47:04.733Z | 2025-11-06T20:07:10.296Z |
| cve-2025-34242 | 8.6 (v4.0) | Advantech WebAccess/VPN < 1.1.5 SQL Injection via Ajax… |
Advantech |
WebAccess/VPN |
2025-11-06T19:46:20.183Z | 2025-11-06T20:08:14.910Z |
| cve-2025-34241 | 5.3 (v4.0) | Advantech WebAccess/VPN < 1.1.5 SQL Injection via Ajax… |
Advantech |
WebAccess/VPN |
2025-11-06T19:45:39.944Z | 2025-11-06T20:08:33.015Z |
| cve-2025-34240 | 8.6 (v4.0) | Advantech WebAccess/VPN < 1.1.5 SQL Injection via AppM… |
Advantech |
WebAccess/VPN |
2025-11-06T19:45:02.692Z | 2025-11-06T21:01:40.174Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-54812 | Malicious code in sari-mieaceh100-sluey (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54811 | Malicious code in sari-martabak8-sluey (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54810 | Malicious code in sari-mangut86-sukiwir (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54809 | Malicious code in sari-mangga72-miaww (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54808 | Malicious code in sari-lodeh33-breki (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54807 | Malicious code in sari-lapis93-breki (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54806 | Malicious code in sari-kue58-breki (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54805 | Malicious code in sari-kue47-sluey (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54804 | Malicious code in sari-kue10-riris (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54803 | Malicious code in sari-kripik46-miaww (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54802 | Malicious code in sari-kripik44-riris (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54801 | Malicious code in sari-klipo13-breki (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54800 | Malicious code in sari-ketan21-apidev (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54799 | Malicious code in sari-keraktelor68-breki (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54798 | Malicious code in sari-keraktelor14-riris (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54797 | Malicious code in sari-kembang62-sluey (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54796 | Malicious code in sari-kacang40-ruro (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54795 | Malicious code in sari-getuk86-miaww (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54794 | Malicious code in sari-getas7-breki (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54793 | Malicious code in sari-getas64-sluey (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54792 | Malicious code in sari-getas49-tititugel (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54791 | Malicious code in sari-getas11-miaww (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54790 | Malicious code in sari-gembus94-sukiwir (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54789 | Malicious code in sari-gembus25-sluey (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54788 | Malicious code in sari-gaplek93-sluey (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54787 | Malicious code in sari-gaplek2-breki (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54786 | Malicious code in sari-gandul78-sluey (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54785 | Malicious code in sari-bubursumsum4-sukiwir (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54784 | Malicious code in sari-bubur74-sluey (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| mal-2025-54783 | Malicious code in sari-bakwan4-sluey (npm) | 2025-11-10T05:18:00Z | 2025-11-10T05:18:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:18416 | Red Hat Security Advisory: Automotive bug fix and enhancement update | 2025-10-21T03:29:45+00:00 | 2025-10-21T08:02:11+00:00 |
| rhsa-2025:9563 | Red Hat Security Advisory: OpenShift Container Platform 4.20.0 security and extras update | 2025-10-21T03:27:40+00:00 | 2025-11-06T22:56:51+00:00 |
| rhsa-2025:18525 | Red Hat Security Advisory: rust-bootupd security update from RHEL | 2025-10-21T03:13:35+00:00 | 2025-10-21T08:02:17+00:00 |
| rhsa-2025:18510 | Red Hat Security Advisory: python3.11 security update from RHEL | 2025-10-21T03:13:27+00:00 | 2025-10-21T08:02:14+00:00 |
| rhsa-2025:18505 | Red Hat Security Advisory: rhc security update from RHEL | 2025-10-21T03:12:20+00:00 | 2025-10-21T08:02:14+00:00 |
| rhsa-2025:18408 | Red Hat Security Advisory: krb5 security update from RHEL | 2025-10-21T03:09:48+00:00 | 2025-10-21T08:02:04+00:00 |
| rhsa-2025:18407 | Red Hat Security Advisory: iptraf-ng security update from RHEL | 2025-10-21T03:05:35+00:00 | 2025-10-21T08:02:04+00:00 |
| rhsa-2025:18433 | Red Hat Security Advisory: keylime-agent-rust security update from RHEL | 2025-10-21T02:52:05+00:00 | 2025-10-21T08:02:01+00:00 |
| rhsa-2025:18442 | Red Hat Security Advisory: openssh security update from RHEL | 2025-10-21T02:51:30+00:00 | 2025-10-21T08:02:12+00:00 |
| rhsa-2025:18450 | Red Hat Security Advisory: rsync security update from RHEL | 2025-10-21T02:50:15+00:00 | 2025-10-21T08:02:11+00:00 |
| rhsa-2025:18446 | Red Hat Security Advisory: xorg-x11-server-Xwayland security update from RHEL | 2025-10-21T02:50:10+00:00 | 2025-10-21T08:02:09+00:00 |
| rhsa-2025:18452 | Red Hat Security Advisory: openjpeg2 security update from RHEL | 2025-10-21T02:45:40+00:00 | 2025-10-21T08:02:12+00:00 |
| rhsa-2025:18437 | Red Hat Security Advisory: gnutls security update from RHEL | 2025-10-21T02:32:20+00:00 | 2025-10-21T08:02:06+00:00 |
| rhsa-2025:18436 | Red Hat Security Advisory: libtasn1 security update from RHEL | 2025-10-21T02:32:20+00:00 | 2025-10-21T08:02:02+00:00 |
| rhsa-2025:18478 | Red Hat Security Advisory: microcode_ctl security update from RHEL | 2025-10-21T02:28:40+00:00 | 2025-10-21T08:02:13+00:00 |
| rhsa-2025:18390 | Red Hat Security Advisory: gstreamer1-plugins-good security update from RHEL | 2025-10-21T02:27:50+00:00 | 2025-10-21T08:00:51+00:00 |
| rhsa-2025:18398 | Red Hat Security Advisory: git-lfs security update from RHEL | 2025-10-21T02:27:09+00:00 | 2025-10-21T08:00:48+00:00 |
| rhsa-2025:18389 | Red Hat Security Advisory: gstreamer1-plugins-base security update from RHEL | 2025-10-21T02:26:12+00:00 | 2025-10-21T08:01:57+00:00 |
| rhsa-2025:18361 | Red Hat Security Advisory: python-requests security update from RHEL | 2025-10-21T01:40:55+00:00 | 2025-10-21T08:01:52+00:00 |
| rhsa-2025:18321 | Red Hat Security Advisory: thunderbird security update | 2025-10-20T19:14:52+00:00 | 2025-11-10T06:42:31+00:00 |
| rhsa-2025:18320 | Red Hat Security Advisory: thunderbird security update | 2025-10-20T19:06:37+00:00 | 2025-11-10T06:42:29+00:00 |
| rhsa-2025:18318 | Red Hat Security Advisory: kernel security update | 2025-10-20T10:01:06+00:00 | 2025-11-07T19:47:52+00:00 |
| rhsa-2025:18297 | Red Hat Security Advisory: kernel security update | 2025-10-20T02:48:20+00:00 | 2025-11-06T22:02:19+00:00 |
| rhsa-2025:18298 | Red Hat Security Advisory: kernel-rt security update | 2025-10-20T02:35:50+00:00 | 2025-11-06T22:02:21+00:00 |
| rhsa-2025:18281 | Red Hat Security Advisory: kernel security update | 2025-10-20T02:28:10+00:00 | 2025-11-08T07:17:26+00:00 |
| rhsa-2025:18285 | Red Hat Security Advisory: firefox security update | 2025-10-20T02:25:40+00:00 | 2025-11-10T06:42:30+00:00 |
| rhsa-2025:18286 | Red Hat Security Advisory: libssh security update | 2025-10-20T02:19:30+00:00 | 2025-11-06T23:42:33+00:00 |
| rhsa-2025:18280 | Red Hat Security Advisory: kernel security update | 2025-10-20T00:25:14+00:00 | 2025-11-06T23:05:44+00:00 |
| rhsa-2025:18279 | Red Hat Security Advisory: kernel-rt security update | 2025-10-20T00:10:49+00:00 | 2025-11-06T23:05:43+00:00 |
| rhsa-2025:18275 | Red Hat Security Advisory: libssh security update | 2025-10-16T22:09:51+00:00 | 2025-11-06T23:42:33+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-9230 | Out-of-bounds read & write in RFC 3211 KEK Unwrap | 2025-09-02T00:00:00.000Z | 2025-10-02T01:05:57.000Z |
| msrc_cve-2025-9086 | Out of bounds read for cookie path | 2025-09-02T00:00:00.000Z | 2025-09-13T01:05:35.000Z |
| msrc_cve-2025-8869 | Fallback tar extraction in pip doesn't check symbolic links point to extraction directory | 2025-09-02T00:00:00.000Z | 2025-09-27T01:02:56.000Z |
| msrc_cve-2025-8277 | Libssh: memory exhaustion via repeated key exchange in libssh | 2025-09-02T00:00:00.000Z | 2025-09-11T01:01:43.000Z |
| msrc_cve-2025-7039 | Glib: buffer under-read on glib through glib/gfileutils.c via get_tmp_file() | 2025-09-02T00:00:00.000Z | 2025-09-05T01:05:05.000Z |
| msrc_cve-2025-60019 | Glib-networking: uninitialized memory dereferences on glib-networking through glib-networking/tls/openssl/gtlsbio.c via g_tls_bio_new_from_iostream() and g_tls_bio_new_from_datagram_based() | 2025-09-02T00:00:00.000Z | 2025-09-29T01:01:23.000Z |
| msrc_cve-2025-60018 | Glib-networking: out of bound reads on glib-networking through tls/openssl/gtlscertificate-openssl.c via "g_tls_certificate_openssl_get_property()" | 2025-09-02T00:00:00.000Z | 2025-09-29T01:01:31.000Z |
| msrc_cve-2025-59825 | astral-tokio-tar has a path traversal in tar extraction | 2025-09-02T00:00:00.000Z | 2025-09-27T01:03:20.000Z |
| msrc_cve-2025-59375 | libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing. | 2025-09-02T00:00:00.000Z | 2025-09-16T01:01:15.000Z |
| msrc_cve-2025-59362 | Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asn_build_objid in lib/snmplib/asn1.c. | 2025-09-02T00:00:00.000Z | 2025-09-28T01:02:19.000Z |
| msrc_cve-2025-58767 | REXML has a DoS condition when parsing malformed XML file | 2025-09-02T00:00:00.000Z | 2025-09-21T01:04:06.000Z |
| msrc_cve-2025-58754 | Axios is vulnerable to DoS attack through lack of data size check | 2025-09-02T00:00:00.000Z | 2025-09-16T01:02:01.000Z |
| msrc_cve-2025-58749 | WAMR runtime hangs or crashes with large memory.fill addresses in LLVM-JIT mode | 2025-09-02T00:00:00.000Z | 2025-09-21T01:03:55.000Z |
| msrc_cve-2025-58364 | cups: Remote DoS via null dereference | 2025-09-02T00:00:00.000Z | 2025-09-12T01:09:13.000Z |
| msrc_cve-2025-58354 | Kata Containers coco-tdx malicious host can circumvent initdata verification | 2025-09-02T00:00:00.000Z | 2025-09-25T01:02:04.000Z |
| msrc_cve-2025-58063 | CoreDNS: DNS Cache Pinning via etcd Lease ID Confusion | 2025-09-02T00:00:00.000Z | 2025-09-11T01:01:49.000Z |
| msrc_cve-2025-58060 | cups has Authentication bypass with AuthType Negotiate | 2025-09-02T00:00:00.000Z | 2025-09-12T01:08:34.000Z |
| msrc_cve-2025-57052 | cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters. | 2025-09-02T00:00:00.000Z | 2025-09-07T01:15:37.000Z |
| msrc_cve-2025-55560 | An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse() and torch.Tensor.to_dense() and is compiled by Inductor. | 2025-09-02T00:00:00.000Z | 2025-10-02T01:05:29.000Z |
| msrc_cve-2025-55558 | A buffer overflow occurs in pytorch v2.7.0 when a PyTorch model consists of torch.nn.Conv2d, torch.nn.functional.hardshrink, and torch.Tensor.view-torch.mv() and is compiled by Inductor, leading to a Denial of Service (DoS). | 2025-09-02T00:00:00.000Z | 2025-10-02T01:05:39.000Z |
| msrc_cve-2025-55557 | A Name Error occurs in pytorch v2.7.0 when a PyTorch model consists of torch.cummin and is compiled by Inductor, leading to a Denial of Service (DoS). | 2025-09-02T00:00:00.000Z | 2025-10-02T01:05:13.000Z |
| msrc_cve-2025-55554 | pytorch v2.8.0 was discovered to contain an integer overflow in the component torch.nan_to_num-.long(). | 2025-09-02T00:00:00.000Z | 2025-10-05T01:01:42.000Z |
| msrc_cve-2025-55553 | A syntax error in the component proxy_tensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service (DoS). | 2025-09-02T00:00:00.000Z | 2025-10-01T17:11:29.000Z |
| msrc_cve-2025-55552 | pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randn_like are used together. | 2025-09-02T00:00:00.000Z | 2025-10-05T01:01:33.000Z |
| msrc_cve-2025-55551 | An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service (DoS) when performing a slice operation. | 2025-09-02T00:00:00.000Z | 2025-10-05T01:01:25.000Z |
| msrc_cve-2025-48041 | SSH_FXP_OPENDIR may Lead to Exhaustion of File Handles | 2025-09-02T00:00:00.000Z | 2025-09-12T01:08:55.000Z |
| msrc_cve-2025-48040 | Malicious Key Exchange Messages may Lead to Excessive Resource Consumption | 2025-09-02T00:00:00.000Z | 2025-09-13T01:06:10.000Z |
| msrc_cve-2025-48039 | Unverified Paths can Cause Excessive Use of System Resources | 2025-09-02T00:00:00.000Z | 2025-09-12T01:09:04.000Z |
| msrc_cve-2025-48038 | Unverified File Handles can Cause Excessive Use of System Resources | 2025-09-02T00:00:00.000Z | 2025-09-12T01:08:45.000Z |
| msrc_cve-2025-46153 | PyTorch before 3.7.0 has a bernoulli_p decompose function in decompositions.py even though it lacks full consistency with the eager CPU implementation, negatively affecting nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d for fallback_random=True. | 2025-09-02T00:00:00.000Z | 2025-10-02T01:04:57.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2023-027250 | Security Problem in Web Browser Permission Mechanism | 2024-09-11T18:19+09:00 | 2024-09-11T18:19+09:00 |
| jvndb-2020-018327 | Malleability attack against executables encrypted by CBC mode with no integrity check | 2024-09-11T18:19+09:00 | 2024-09-11T18:19+09:00 |
| jvndb-2024-000095 | Multiple Alps System Integration products and the OEM products vulnerable to cross-site request forgery | 2024-09-09T16:40+09:00 | 2024-09-09T16:40+09:00 |
| jvndb-2024-000096 | Pgpool-II vulnerable to information disclosure | 2024-09-09T14:58+09:00 | 2024-09-09T14:58+09:00 |
| jvndb-2024-000094 | "@cosme" App fails to restrict custom URL schemes properly | 2024-09-09T14:20+09:00 | 2024-09-09T14:20+09:00 |
| jvndb-2024-000097 | WordPress Plugin "Forminator" vulnerable to cross-site scripting | 2024-09-09T13:51+09:00 | 2024-09-09T13:51+09:00 |
| jvndb-2024-000098 | Multiple products from KINGSOFT JAPAN vulnerable to path traversal | 2024-09-06T15:07+09:00 | 2024-09-06T15:07+09:00 |
| jvndb-2024-000090 | Secure Boot bypass Vulnerability in PRIMERGY | 2024-09-06T14:39+09:00 | 2024-09-06T14:39+09:00 |
| jvndb-2024-000093 | WordPress Plugin "Advanced Custom Fields" vulnerable to cross-site scripting | 2024-09-04T13:01+09:00 | 2024-09-04T13:01+09:00 |
| jvndb-2024-007002 | Panasonic Control FPWIN Pro7 vulnerable to stack-based buffer overflow | 2024-09-02T14:57+09:00 | 2024-09-02T14:57+09:00 |
| jvndb-2024-000091 | IPCOM vulnerable to information disclosure | 2024-08-30T14:56+09:00 | 2024-08-30T14:56+09:00 |
| jvndb-2024-000092 | Multiple vulnerabilities in WordPress plugin "Carousel Slider" | 2024-08-30T13:58+09:00 | 2024-08-30T13:58+09:00 |
| jvndb-2024-000089 | WindLDR and WindO/I-NV4 store sensitive information in cleartext | 2024-08-29T15:08+09:00 | 2024-09-24T17:14+09:00 |
| jvndb-2024-006787 | xfpt vulnerable to stack-based buffer overflow | 2024-08-29T14:07+09:00 | 2024-08-29T14:07+09:00 |
| jvndb-2024-000088 | Multiple vulnerabilities in ELECOM wireless LAN routers and access points | 2024-08-27T14:40+09:00 | 2024-11-26T15:17+09:00 |
| jvndb-2024-006646 | Authentication Bypass Vulnerability in Hitachi Ops Center Common Services | 2024-08-27T12:01+09:00 | 2024-08-27T12:01+09:00 |
| jvndb-2024-006367 | Unquoted Service Path in Hitachi Device Manager | 2024-08-26T16:27+09:00 | 2024-08-26T16:27+09:00 |
| jvndb-2024-000087 | BUFFALO wireless LAN routers and wireless LAN repeaters vulnerable to OS command injection | 2024-08-23T14:17+09:00 | 2024-08-23T14:17+09:00 |
| jvndb-2024-000086 | Multiple Safie products vulnerable to improper server certificate verification | 2024-08-22T13:51+09:00 | 2024-08-29T12:23+09:00 |
| jvndb-2020-007305 | Installer of Trend Micro Security 2020 (Consumer) may insecurely load Dynamic Link Libraries | 2024-08-22T11:33+09:00 | 2024-08-22T11:33+09:00 |
| jvndb-2017-009536 | Packetbeat vulnerable to denial-of-service (DoS) | 2024-08-21T17:54+09:00 | 2024-08-21T17:54+09:00 |
| jvndb-2018-009127 | Multiple vulnerabilities in LogonTracer | 2024-08-21T17:37+09:00 | 2024-08-21T17:37+09:00 |
| jvndb-2020-002957 | A vulnerability in TOYOTA MOTOR's DCU (Display Control Unit) | 2024-08-20T18:12+09:00 | 2024-08-20T18:12+09:00 |
| jvndb-2020-007306 | Trend Micro Security (Consumer) Driver vulnerable to Out-of-bounds Read | 2024-08-20T17:52+09:00 | 2024-08-20T17:52+09:00 |
| jvndb-2024-000085 | "Rakuten Ichiba App" fails to restrict custom URL schemes properly | 2024-08-20T16:56+09:00 | 2024-08-20T16:56+09:00 |
| jvndb-2024-005167 | EL Injection Vulnerability in Hitachi Tuning Manager | 2024-08-15T09:38+09:00 | 2024-08-15T09:38+09:00 |
| jvndb-2016-000124 | WAON service app for Android fails to verify SSL server certificates | 2024-08-15T09:36+09:00 | 2024-08-15T09:36+09:00 |
| jvndb-2024-000083 | Firmware update for RICOH JavaTM Platform resets the TLS configuration | 2024-08-06T15:13+09:00 | 2024-08-06T15:13+09:00 |
| jvndb-2024-000079 | Cybozu Office vulnerable to bypass browsing restrictions in Custom App | 2024-08-06T14:59+09:00 | 2024-08-06T14:59+09:00 |
| jvndb-2024-000082 | Pimax Play and PiTool accept WebSocket connections from unintended endpoints | 2024-08-05T13:58+09:00 | 2024-08-05T13:58+09:00 |
| ID | Description | Updated |
|---|