Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-5jxc-g6h9-qhh2 | Missing Authorization vulnerability in ignitionwp IgnitionDeck ignitiondeck allows Exploiting Incor… | 2025-10-27T03:30:38Z | 2025-11-13T12:31:29Z |
| ghsa-58cj-fhxc-8766 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:38Z | 2025-11-13T12:31:30Z |
| ghsa-57jv-qvc3-pqvx | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:38Z | 2025-11-13T12:31:29Z |
| ghsa-4x6p-59v2-q4rm | Insertion of Sensitive Information Into Sent Data vulnerability in publitio Publitio publitio allow… | 2025-10-27T03:30:38Z | 2025-11-13T12:31:30Z |
| ghsa-4wgc-mr64-xpj9 | Missing Authorization vulnerability in mrityunjay Smart WeTransfer smart-wetransfer allows Exploiti… | 2025-10-27T03:30:38Z | 2025-11-13T12:31:29Z |
| ghsa-4p29-549h-2gh8 | Missing Authorization vulnerability in themeshopy TS Demo Importer ts-demo-importer allows Exploiti… | 2025-10-27T03:30:38Z | 2025-11-13T12:31:29Z |
| ghsa-43fg-2qr4-qfpx | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:38Z | 2025-11-13T12:31:29Z |
| ghsa-2r2f-xx92-v4f7 | Missing Authorization vulnerability in ilmosys Open Close WooCommerce Store woc-open-close allows E… | 2025-10-27T03:30:38Z | 2025-11-13T12:31:30Z |
| ghsa-xv7r-59fx-748w | Missing Authorization vulnerability in KingAddons.com King Addons for Elementor king-addons allows … | 2025-10-27T03:30:37Z | 2025-11-13T12:31:28Z |
| ghsa-r7j5-qh6m-fq7m | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:37Z | 2025-11-13T12:31:28Z |
| ghsa-qgrx-9g4w-jqhw | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:37Z | 2025-11-13T12:31:28Z |
| ghsa-q37x-33h5-j3m6 | Missing Authorization vulnerability in Premmerce Premmerce User Roles premmerce-user-roles allows E… | 2025-10-27T03:30:37Z | 2025-11-13T12:31:28Z |
| ghsa-pwph-xh28-vc48 | Cross-Site Request Forgery (CSRF) vulnerability in digitaldonkey Multilang Contact Form multilang-c… | 2025-10-27T03:30:37Z | 2025-11-13T12:31:28Z |
| ghsa-pfhc-9962-564w | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:37Z | 2025-11-13T12:31:28Z |
| ghsa-mpp5-m6c8-j88w | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:37Z | 2025-11-13T12:31:28Z |
| ghsa-jx8m-5cp9-vhfv | Cross-Site Request Forgery (CSRF) vulnerability in Premmerce Premmerce Brands for WooCommerce premm… | 2025-10-27T03:30:37Z | 2025-11-13T12:31:28Z |
| ghsa-jw9h-98r6-h6g5 | Insertion of Sensitive Information Into Sent Data vulnerability in Vito Peleg Atarim atarim-visual-… | 2025-10-27T03:30:37Z | 2025-11-13T12:31:28Z |
| ghsa-jj73-x7vp-qmwc | Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Pricing Table builder wpdevart-pricing-… | 2025-10-27T03:30:37Z | 2025-11-13T12:31:28Z |
| ghsa-j6jh-rjjw-8j6w | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Brec… | 2025-10-27T03:30:37Z | 2025-11-13T12:31:28Z |
| ghsa-hvh9-vxxp-gpc2 | Cross-Site Request Forgery (CSRF) vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus (Slide… | 2025-10-27T03:30:37Z | 2025-11-13T12:31:28Z |
| ghsa-h5wc-wh24-wmj3 | Missing Authorization vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay allows Exp… | 2025-10-27T03:30:37Z | 2025-11-13T12:31:28Z |
| ghsa-h432-rvxr-c29p | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:37Z | 2025-11-13T12:31:29Z |
| ghsa-f8q6-hmxg-h9wf | Missing Authorization vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-po… | 2025-10-27T03:30:37Z | 2025-11-13T12:31:28Z |
| ghsa-9x8g-4jjw-rm2h | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:37Z | 2025-11-13T12:31:29Z |
| ghsa-8q77-p5q9-gvx9 | Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart al… | 2025-10-27T03:30:37Z | 2025-11-13T12:31:28Z |
| ghsa-7848-668p-fhjf | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:37Z | 2025-11-13T12:31:29Z |
| ghsa-6q4g-932g-63xg | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:37Z | 2025-11-13T12:31:29Z |
| ghsa-5m2r-v35x-jhhx | Authorization Bypass Through User-Controlled Key vulnerability in mediavine Create by Mediavine med… | 2025-10-27T03:30:37Z | 2025-11-13T12:31:28Z |
| ghsa-4xjg-xwcf-8rx4 | Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage … | 2025-10-27T03:30:37Z | 2025-11-13T12:31:28Z |
| ghsa-2x26-r374-v69m | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-10-27T03:30:37Z | 2025-11-13T12:31:29Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-62913 | N/A | WordPress Opal Service plugin <= 1.9.1 - Cross Site Sc… |
wpopal |
Opal Service |
2025-10-27T01:33:54.900Z | 2025-11-13T10:33:47.693Z |
| cve-2025-62912 | N/A | WordPress SiteGround Email Marketing plugin <= 1.7.1 -… |
SiteGround |
SiteGround Email Marketing |
2025-10-27T01:33:54.526Z | 2025-11-13T10:33:47.671Z |
| cve-2025-62911 | N/A | WordPress Rock Convert plugin <= 3.0.1 - Cross Site Sc… |
Rock Content |
Rock Convert |
2025-10-27T01:33:54.127Z | 2025-11-13T10:33:47.676Z |
| cve-2025-62910 | N/A | WordPress Video Gallery by Huzzaz plugin <= 10.5 - Cro… |
deshine |
Video Gallery by Huzzaz |
2025-10-27T01:33:53.748Z | 2025-11-13T10:33:47.648Z |
| cve-2025-62909 | N/A | WordPress Smart WeTransfer plugin <= 1.3 - Broken Acce… |
mrityunjay |
Smart WeTransfer |
2025-10-27T01:33:53.355Z | 2025-11-13T10:33:47.658Z |
| cve-2025-62908 | N/A | WordPress Podlove Web Player plugin <= 5.9.1 - Broken … |
gerritvanaaken |
Podlove Web Player |
2025-10-27T01:33:52.965Z | 2025-11-13T10:33:47.659Z |
| cve-2025-62907 | N/A | WordPress Custom Post Type Attachment plugin <= 3.4.6 … |
aviplugins.com |
Custom Post Type Attachment |
2025-10-27T01:33:52.564Z | 2025-11-13T10:33:47.661Z |
| cve-2025-62906 | N/A | WordPress Referral Link Tracker plugin <= 1.1.4 - Brok… |
epiphanyit321 |
Referral Link Tracker |
2025-10-27T01:33:52.110Z | 2025-11-13T10:33:47.637Z |
| cve-2025-62905 | N/A | WordPress Query Posts plugin <= 0.3.2 - Cross Site Scr… |
Justin Tadlock |
Query Posts |
2025-10-27T01:33:51.717Z | 2025-11-13T10:33:47.633Z |
| cve-2025-62904 | N/A | WordPress WP Geo plugin <= 3.5.1 - Cross Site Scriptin… |
Ben Huson |
WP Geo |
2025-10-27T01:33:51.339Z | 2025-11-13T10:33:47.648Z |
| cve-2025-62903 | N/A | WordPress WPC Smart Messages for WooCommerce plugin <=… |
WPClever |
WPC Smart Messages for WooCommerce |
2025-10-27T01:33:50.952Z | 2025-11-13T10:33:47.607Z |
| cve-2025-62902 | N/A | WordPress WP Popup Builder plugin <= 1.3.6 - Sensitive… |
ThemeHunk |
WP Popup Builder |
2025-10-27T01:33:50.531Z | 2025-11-13T10:33:47.599Z |
| cve-2025-62900 | N/A | WordPress Popular Posts by Webline plugin <= 1.1.1 - C… |
WeblineIndia |
Popular Posts by Webline |
2025-10-27T01:33:50.140Z | 2025-11-13T10:33:47.605Z |
| cve-2025-62899 | N/A | WordPress Photospace Responsive plugin <= 2.2.0 - Cros… |
THRIVE - Web Design Gold Coast |
Photospace Responsive |
2025-10-27T01:33:49.758Z | 2025-11-13T10:33:47.602Z |
| cve-2025-62898 | N/A | WordPress Links shortcode plugin <= 1.8.3 - Cross Site… |
Maarten |
Links shortcode |
2025-10-27T01:33:49.376Z | 2025-11-13T10:33:47.622Z |
| cve-2025-62897 | N/A | WordPress WP Recipe Maker plugin <= 10.1.1 - Content I… |
Brecht |
WP Recipe Maker |
2025-10-27T01:33:49.016Z | 2025-11-13T10:33:47.627Z |
| cve-2025-62896 | N/A | WordPress Multilang Contact Form plugin <= 1.5 - Cross… |
digitaldonkey |
Multilang Contact Form |
2025-10-27T01:33:48.644Z | 2025-11-13T10:33:47.595Z |
| cve-2025-62895 | N/A | WordPress Atarim plugin <= 4.2 - Sensitive Data Exposu… |
Vito Peleg |
Atarim |
2025-10-27T01:33:48.249Z | 2025-11-13T10:33:47.596Z |
| cve-2025-62894 | N/A | WordPress ACF Recent Posts Widget plugin <= 5.9.3 - Cr… |
magicoders |
ACF Recent Posts Widget |
2025-10-27T01:33:47.856Z | 2025-11-13T10:33:47.529Z |
| cve-2025-62893 | N/A | WordPress Create by Mediavine plugin <= 1.9.14 - Insec… |
mediavine |
Create by Mediavine |
2025-10-27T01:33:47.484Z | 2025-11-13T10:33:47.483Z |
| cve-2025-62892 | N/A | WordPress Sunshine Photo Cart plugin <= 3.5.3 - Broken… |
sunshinephotocart |
Sunshine Photo Cart |
2025-10-27T01:33:47.085Z | 2025-11-13T10:33:47.490Z |
| cve-2025-62891 | N/A | WordPress Off-Canvas Sidebars & Menus (Slidebars) plug… |
Jory Hogeveen |
Off-Canvas Sidebars & Menus (Slidebars) |
2025-10-27T01:33:46.691Z | 2025-11-13T10:33:47.451Z |
| cve-2025-62890 | N/A | WordPress Premmerce Brands for WooCommerce plugin <= 1… |
Premmerce |
Premmerce Brands for WooCommerce |
2025-10-27T01:33:46.308Z | 2025-11-13T10:33:47.456Z |
| cve-2025-62889 | N/A | WordPress King Addons for Elementor plugin <= 51.1.37 … |
KingAddons.com |
King Addons for Elementor |
2025-10-27T01:33:45.909Z | 2025-11-13T10:33:47.452Z |
| cve-2025-62887 | N/A | WordPress King Addons for Elementor plugin <= 51.1.37 … |
KingAddons.com |
King Addons for Elementor |
2025-10-27T01:33:45.420Z | 2025-11-13T10:33:47.462Z |
| cve-2025-62886 | N/A | WordPress Pricing Table builder plugin <= 1.5.1 - Cros… |
wpdevart |
Pricing Table builder |
2025-10-27T01:33:44.741Z | 2025-11-13T10:33:47.425Z |
| cve-2025-62885 | N/A | WordPress WP VR plugin <= 8.5.42 - Cross Site Scriptin… |
RexTheme |
WP VR |
2025-10-27T01:33:44.357Z | 2025-11-13T10:33:47.375Z |
| cve-2025-62884 | N/A | WordPress Coupon Affiliates plugin <= 7.0.3 - Broken A… |
Elliot Sowersby / RelyWP |
Coupon Affiliates |
2025-10-27T01:33:43.969Z | 2025-11-13T10:33:47.423Z |
| cve-2025-62883 | N/A | WordPress Premmerce User Roles plugin <= 1.0.13 - Brok… |
Premmerce |
Premmerce User Roles |
2025-10-27T01:33:43.581Z | 2025-11-13T10:33:47.380Z |
| cve-2025-62882 | N/A | WordPress Seriously Simple Podcasting plugin <= 3.13.0… |
Craig Hewitt |
Seriously Simple Podcasting |
2025-10-27T01:33:43.191Z | 2025-11-13T10:33:47.353Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-12209 | Tenda O3 setDhcpConfig GetValue stack-based overflow |
Tenda |
O3 |
2025-10-27T03:02:10.129Z | 2025-10-28T13:48:15.487Z | |
| cve-2025-12208 | SourceCodester Best House Rental Management System adm… |
SourceCodester |
Best House Rental Management System |
2025-10-27T03:02:06.554Z | 2025-10-28T13:50:50.036Z | |
| cve-2025-12207 | Kamailio Grammar Rule cfg.y yyerror_at null pointer de… |
n/a |
Kamailio |
2025-10-27T02:32:17.604Z | 2025-11-04T21:09:31.867Z | |
| cve-2025-12206 | Kamailio rvalue.c rve_is_constant null pointer dereference |
n/a |
Kamailio |
2025-10-27T02:32:12.753Z | 2025-11-04T21:09:29.239Z | |
| cve-2025-12205 | Kamailio Configuration File cfg.lex sr_push_yy_state u… |
n/a |
Kamailio |
2025-10-27T02:32:07.777Z | 2025-11-04T21:09:26.652Z | |
| cve-2025-12204 | Kamailio Configuration File rvalue.c rve_destroy heap-… |
n/a |
Kamailio |
2025-10-27T02:02:11.424Z | 2025-11-04T21:09:23.967Z | |
| cve-2025-12203 | givanz Vvveb Code Editor functions.php sanitizeFileNam… |
givanz |
Vvveb |
2025-10-27T02:02:06.391Z | 2025-10-27T20:01:52.199Z | |
| cve-2025-62988 | N/A | WordPress Slider Templates plugin <= 1.0.3 - Server Si… |
Codeless |
Slider Templates |
2025-10-27T01:34:22.355Z | 2025-11-13T10:33:49.048Z |
| cve-2025-62987 | N/A | WordPress Builderall Builder for WordPress plugin <= 3… |
Builderall |
Builderall Builder for WordPress |
2025-10-27T01:34:21.954Z | 2025-11-13T10:33:49.047Z |
| cve-2025-62986 | N/A | WordPress FanBridge signup plugin <= 0.6 - Cross Site … |
FanBridge |
FanBridge signup |
2025-10-27T01:34:21.481Z | 2025-11-13T10:33:49.052Z |
| cve-2025-62985 | N/A | WordPress Simple Pull Quote plugin <= 1.6.3 - Cross Si… |
llamaman |
Simple Pull Quote |
2025-10-27T01:34:21.085Z | 2025-11-13T10:33:49.043Z |
| cve-2025-62984 | N/A | WordPress WP AdCenter plugin <= 2.6.1 - Cross Site Scr… |
WPeka |
WP AdCenter |
2025-10-27T01:34:20.717Z | 2025-11-13T10:33:49.045Z |
| cve-2025-62983 | N/A | WordPress Posts By Tag plugin <= 3.2.1 - Cross Site Sc… |
Sudar Muthu |
Posts By Tag |
2025-10-27T01:34:20.337Z | 2025-11-13T10:33:48.824Z |
| cve-2025-62982 | N/A | WordPress Dynamic User Directory plugin <= 2.3 - Cross… |
Sarah Giles |
Dynamic User Directory |
2025-10-27T01:34:19.955Z | 2025-11-13T10:33:48.769Z |
| cve-2025-62981 | N/A | WordPress WP Gravity Forms Zoho CRM and Bigin plugin <… |
CRM Perks |
WP Gravity Forms Zoho CRM and Bigin |
2025-10-27T01:34:19.548Z | 2025-11-13T10:33:48.765Z |
| cve-2025-62980 | N/A | WordPress Persian Admnin Fonts plugin <= 4.1.03 - Brok… |
MDZ |
Persian Admnin Fonts |
2025-10-27T01:34:19.046Z | 2025-11-13T10:33:48.757Z |
| cve-2025-62979 | N/A | WordPress ACF to REST API plugin <= 3.3.4 - Sensitive … |
airesvsg |
ACF to REST API |
2025-10-27T01:34:18.671Z | 2025-11-13T10:33:48.608Z |
| cve-2025-62978 | N/A | WordPress KiotViet Sync plugin <= 1.8.5 - Broken Acces… |
Kiotviet |
KiotViet Sync |
2025-10-27T01:34:18.281Z | 2025-11-13T10:33:48.705Z |
| cve-2025-62977 | N/A | WordPress 百度站长SEO合集(支持百度/神马/Bing/头条推送) plugin <= 2.1.3… |
沃之涛 |
百度站长SEO合集(支持百度/神马/Bing/头条推送) |
2025-10-27T01:34:17.906Z | 2025-11-13T10:33:48.772Z |
| cve-2025-62976 | N/A | WordPress Sendle Shipping plugin <= 6.02 - Broken Acce… |
Joovii |
Sendle Shipping |
2025-10-27T01:34:17.528Z | 2025-11-13T10:33:48.598Z |
| cve-2025-62975 | N/A | WordPress Raychat plugin <= 2.2.1 - Cross Site Request… |
raychat |
Raychat |
2025-10-27T01:34:17.146Z | 2025-11-13T10:33:48.609Z |
| cve-2025-62974 | N/A | WordPress Headline Analyzer plugin <= 1.3.7 - Cross Si… |
CoSchedule |
Headline Analyzer |
2025-10-27T01:34:16.779Z | 2025-11-13T10:33:48.494Z |
| cve-2025-62973 | N/A | WordPress BuddyForms plugin <= 2.9.0 - Broken Access C… |
Themekraft |
BuddyForms |
2025-10-27T01:34:16.394Z | 2025-11-13T10:33:48.556Z |
| cve-2025-62972 | N/A | WordPress WebinarPress plugin <= 1.33.28 - Broken Acce… |
WPWebinarSystem |
WebinarPress |
2025-10-27T01:34:16.018Z | 2025-11-13T10:33:48.696Z |
| cve-2025-62971 | N/A | WordPress Attesa Extra plugin <= 1.4.5 - Cross Site Sc… |
CrestaProject |
Attesa Extra |
2025-10-27T01:34:15.629Z | 2025-11-13T10:33:48.691Z |
| cve-2025-62970 | N/A | WordPress Link Whisper Free plugin <= 0.8.8 - Broken A… |
Spencer Haws |
Link Whisper Free |
2025-10-27T01:34:15.242Z | 2025-11-13T10:33:48.458Z |
| cve-2025-62969 | N/A | WordPress NextMove Lite plugin <= 2.21.0 - Cross Site … |
XLPlugins |
NextMove Lite |
2025-10-27T01:34:14.860Z | 2025-11-13T10:33:48.671Z |
| cve-2025-62968 | N/A | WordPress WP Last Modified Info plugin <= 1.9.2 - Cros… |
Sayan Datta |
WP Last Modified Info |
2025-10-27T01:34:14.465Z | 2025-11-13T10:33:48.544Z |
| cve-2025-62967 | N/A | WordPress DirectoryPress plugin <= 3.6.25 - Cross Site… |
designinvento |
DirectoryPress |
2025-10-27T01:34:14.079Z | 2025-11-13T10:33:48.414Z |
| cve-2025-62966 | N/A | WordPress GoCache plugin <= 1.3.6 - Broken Access Cont… |
Apiki |
GoCache |
2025-10-27T01:34:13.698Z | 2025-11-13T10:33:48.744Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-187802 | Malicious code in lint-antares-luna-nashira (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187801 | Malicious code in link-user-awk-bundle-throw (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187800 | Malicious code in link-upsilon-link-kappa-compress (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187799 | Malicious code in link-uglify-js-fermiparadox-auth (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187798 | Malicious code in link-typeorm-nebula-eigenstate (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187797 | Malicious code in link-theta-float-class-balance (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187796 | Malicious code in link-slidev-dione-markdown-pdf (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187795 | Malicious code in link-sedna-paleomagnetism-npm (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187794 | Malicious code in link-sadr-helios-pulsar (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187793 | Malicious code in link-loopback-hydrogeology-gacrux (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187792 | Malicious code in link-leda-odin-fetch (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187791 | Malicious code in link-emulate-double-table-book (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187790 | Malicious code in link-cron-simulate-assert-log (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187789 | Malicious code in link-cold-file-mock-info (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187788 | Malicious code in link-cat-fork-char-easy (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187787 | Malicious code in link-astrometry-gulp-transhumanism (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187786 | Malicious code in lightyear-ichnology-transform-phoebe (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187785 | Malicious code in lightyear-cors-quasar-procyon (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187784 | Malicious code in library-volcanology-magnetosphere-foundation (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187783 | Malicious code in library-update-commitizen-jabbah (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187782 | Malicious code in library-supernova-eigenstate-juno (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187781 | Malicious code in library-nebula-rest-local (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187780 | Malicious code in library-kronos-start-ceres (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187779 | Malicious code in library-frontend-update-eclipse (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187778 | Malicious code in library-fetch-hyperion-vortex (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187777 | Malicious code in library-dotenv-safe-gridsome-singularity (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187776 | Malicious code in library-capella-tectonic-child-process (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187775 | Malicious code in library-biosignature-bionics-mocha (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187774 | Malicious code in library-bellatrix-cli-cors (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187773 | Malicious code in library-babel-meteor-kronos (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:1250 | Red Hat Security Advisory: python-jinja2 security update | 2025-02-10T21:01:11+00:00 | 2025-11-06T22:35:18+00:00 |
| rhsa-2025:1247 | Red Hat Security Advisory: doxygen security update | 2025-02-10T21:00:59+00:00 | 2025-11-06T23:53:58+00:00 |
| rhsa-2025:1249 | Red Hat Security Advisory: updated discovery container images | 2025-02-10T18:38:39+00:00 | 2025-11-16T17:00:47+00:00 |
| rhsa-2025:1231 | Red Hat Security Advisory: kernel-rt security update | 2025-02-10T15:46:37+00:00 | 2025-11-06T22:35:17+00:00 |
| rhsa-2025:1230 | Red Hat Security Advisory: kernel-rt security update | 2025-02-10T15:46:37+00:00 | 2025-11-06T22:35:20+00:00 |
| rhsa-2025:1211 | Red Hat Security Advisory: tbb security update | 2025-02-10T15:46:25+00:00 | 2025-11-06T23:53:55+00:00 |
| rhsa-2025:1216 | Red Hat Security Advisory: tbb security update | 2025-02-10T15:46:22+00:00 | 2025-11-06T23:53:57+00:00 |
| rhsa-2025:1214 | Red Hat Security Advisory: tbb security update | 2025-02-10T15:46:21+00:00 | 2025-11-06T23:53:56+00:00 |
| rhsa-2025:1212 | Red Hat Security Advisory: tbb security update | 2025-02-10T15:46:21+00:00 | 2025-11-06T23:53:55+00:00 |
| rhsa-2025:1217 | Red Hat Security Advisory: tbb security update | 2025-02-10T15:46:20+00:00 | 2025-11-06T23:53:57+00:00 |
| rhsa-2025:1215 | Red Hat Security Advisory: tbb security update | 2025-02-10T15:46:20+00:00 | 2025-11-06T23:53:57+00:00 |
| rhsa-2025:1213 | Red Hat Security Advisory: tbb security update | 2025-02-10T15:46:20+00:00 | 2025-11-06T23:53:56+00:00 |
| rhsa-2025:1210 | Red Hat Security Advisory: tbb security update | 2025-02-10T15:46:18+00:00 | 2025-11-06T23:53:55+00:00 |
| rhsa-2025:1209 | Red Hat Security Advisory: tbb security update | 2025-02-10T15:46:09+00:00 | 2025-11-06T23:53:55+00:00 |
| rhsa-2025:0830 | Red Hat Security Advisory: OpenShift Container Platform 4.16.33 packages and security update | 2025-02-10T06:29:38+00:00 | 2025-11-16T17:00:44+00:00 |
| rhsa-2025:1184 | Red Hat Security Advisory: thunderbird security update | 2025-02-10T01:29:08+00:00 | 2025-11-06T23:23:49+00:00 |
| rhsa-2025:1190 | Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (etcd) security update | 2025-02-10T01:06:42+00:00 | 2025-11-13T23:00:39+00:00 |
| rhsa-2025:1185 | Red Hat Security Advisory: doxygen security update | 2025-02-10T01:05:29+00:00 | 2025-11-06T23:53:53+00:00 |
| rhsa-2025:1154 | Red Hat Security Advisory: Red Hat Integration Camel K 1.10.9 release and security update. | 2025-02-06T16:42:52+00:00 | 2025-11-08T07:16:56+00:00 |
| rhsa-2025:0842 | Red Hat Security Advisory: OpenShift Container Platform 4.14.46 security update | 2025-02-06T15:46:39+00:00 | 2025-11-16T17:00:44+00:00 |
| rhsa-2025:1140 | Red Hat Security Advisory: firefox security update | 2025-02-06T11:52:24+00:00 | 2025-11-06T23:23:48+00:00 |
| rhsa-2025:1139 | Red Hat Security Advisory: firefox security update | 2025-02-06T11:49:54+00:00 | 2025-11-06T23:23:48+00:00 |
| rhsa-2025:1137 | Red Hat Security Advisory: firefox security update | 2025-02-06T11:41:44+00:00 | 2025-11-06T23:23:48+00:00 |
| rhsa-2025:1132 | Red Hat Security Advisory: firefox security update | 2025-02-06T11:37:50+00:00 | 2025-11-06T23:23:47+00:00 |
| rhsa-2025:1136 | Red Hat Security Advisory: firefox security update | 2025-02-06T11:31:54+00:00 | 2025-11-06T23:23:47+00:00 |
| rhsa-2025:1138 | Red Hat Security Advisory: firefox security update | 2025-02-06T11:30:04+00:00 | 2025-11-06T23:23:48+00:00 |
| rhsa-2025:1135 | Red Hat Security Advisory: firefox security update | 2025-02-06T11:24:24+00:00 | 2025-11-06T23:23:47+00:00 |
| rhsa-2025:1133 | Red Hat Security Advisory: firefox security update | 2025-02-06T11:20:14+00:00 | 2025-11-06T23:23:47+00:00 |
| rhsa-2025:0840 | Red Hat Security Advisory: OpenShift Container Platform 4.14.46 security update | 2025-02-06T05:05:41+00:00 | 2025-11-14T11:38:54+00:00 |
| rhsa-2025:1109 | Red Hat Security Advisory: python-jinja2 security update | 2025-02-06T05:02:43+00:00 | 2025-11-06T22:35:15+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2024-48957 | execute_filter_audio in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst. | 2024-10-01T07:00:00.000Z | 2024-10-30T00:00:00.000Z |
| msrc_cve-2024-48949 | The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits "sig.S().gte(sig.eddsa.curve.n) || sig.S().isNeg()" validation. | 2024-10-01T07:00:00.000Z | 2024-12-03T00:00:00.000Z |
| msrc_cve-2024-47850 | CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. (The request is meant to probe the new printer but can be used to create DDoS amplification attacks.) | 2024-10-01T07:00:00.000Z | 2025-09-03T20:34:03.000Z |
| msrc_cve-2024-47814 | use-after-free when closing buffers in Vim | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47764 | cookie accepts cookie name path and domain with out of bounds characters | 2024-10-01T07:00:00.000Z | 2024-12-03T00:00:00.000Z |
| msrc_cve-2024-47757 | nilfs2: fix potential oob read in nilfs_btree_check_delete() | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47756 | PCI: keystone: Fix if-statement expression in ks_pcie_quirk() | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47755 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47754 | media: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47753 | media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47752 | media: mediatek: vcodec: Fix H264 stateless decoder smatch warning | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47751 | PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port() | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47750 | RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08 | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47749 | RDMA/cxgb4: Added NULL check for lookup_atid | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47748 | vhost_vdpa: assign irq bypass producer token correctly | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47747 | net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47745 | mm: call the security_mmap_file() LSM hook in remap_file_pages() | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47744 | KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47743 | KEYS: prevent NULL pointer dereference in find_asymmetric_key() | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47742 | firmware_loader: Block path traversal | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47741 | btrfs: fix race setting file private on concurrent lseek using same fd | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47739 | padata: use integer wrap around to prevent deadlock on seq_nr overflow | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47738 | wifi: mac80211: don't use rate mask for offchannel TX either | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47737 | nfsd: call cache_put if xdr_reserve_space returns NULL | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47736 | erofs: handle overlapped pclusters out of crafted images properly | 2024-10-01T07:00:00.000Z | 2025-09-03T21:43:14.000Z |
| msrc_cve-2024-47735 | RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47734 | bonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave() | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47731 | drivers/perf: Fix ali_drw_pmu driver interrupt status clearing | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47730 | crypto: hisilicon/qm - inject error before stopping queue | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47728 | bpf: Zero former ARG_PTR_TO_{LONGINT} args in case of error | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2008-000083 | Predictable session ID vulnerability in Access Analyzer CGI by futomi's CGI Cafe | 2008-12-17T15:30+09:00 | 2008-12-17T15:30+09:00 |
| jvndb-2008-001911 | Groupmax Workflow - Development Kit for Active Server Pages Cross-Site Scripting Vulnerability | 2008-12-05T11:35+09:00 | 2008-12-05T11:35+09:00 |
| jvndb-2008-001910 | Groupmax Collaboration - Schedule Mis-scheduling Problem: Unintended Members Included When Reservations are Made by Secretary | 2008-12-05T11:34+09:00 | 2008-12-05T11:34+09:00 |
| jvndb-2008-000067 | Movable Type Enterprise cross-site scripting vulnerability | 2008-12-04T14:52+09:00 | 2008-12-04T14:52+09:00 |
| jvndb-2008-000079 | I-O DATA DEVICE HDL-F series cross-site request forgery vulnerability | 2008-12-02T15:50+09:00 | 2008-12-02T15:50+09:00 |
| jvndb-2008-001895 | JP1/VERITAS NetBackup JAVA Administration GUI Privilege Escalation Vulnerability | 2008-12-01T11:10+09:00 | 2008-12-01T11:10+09:00 |
| jvndb-2008-000078 | CGI RESCUE MiniBBS2000 directory traversal vulnerability | 2008-11-26T17:50+09:00 | 2009-04-30T15:35+09:00 |
| jvndb-2008-001877 | JP1/Integrated Management Service Support Cross-Site Scripting Vulnerability | 2008-11-21T10:16+09:00 | 2008-11-21T10:16+09:00 |
| jvndb-2008-000077 | GungHo LoadPrgAx vulnerable to arbitrary Java program execution | 2008-11-19T15:50+09:00 | 2008-11-19T15:50+09:00 |
| jvndb-2008-000076 | sISAPILocation vulnerability bypasses HTTP header rewrite function | 2008-11-10T13:29+09:00 | 2008-11-10T13:29+09:00 |
| jvndb-2008-000075 | EC-CUBE vulnerable to SQL injection | 2008-11-06T16:04+09:00 | 2009-06-25T15:44+09:00 |
| jvndb-2008-001779 | CA ARCserver Backup and CA ARCserve Backup Client Agent Denial of Service (DoS) Vulnerability | 2008-10-30T12:20+09:00 | 2008-10-30T12:20+09:00 |
| jvndb-2008-001778 | BrightStor ARCserve and eTrust Antivirus Arbitrary Code Execution Vulnerability | 2008-10-30T12:19+09:00 | 2008-10-30T12:19+09:00 |
| jvndb-2008-000074 | Snoopy command injection vulnerability | 2008-10-28T15:34+09:00 | 2008-11-28T13:54+09:00 |
| jvndb-2008-000071 | MyNETS cross-site scripting vulnerability | 2008-10-22T17:49+09:00 | 2008-10-22T17:49+09:00 |
| jvndb-2008-000070 | Internet Explorer vulnerable in handling CDO protocol | 2008-10-22T17:49+09:00 | 2008-10-22T17:49+09:00 |
| jvndb-2008-000072 | Movable Type cross-site scripting vulnerability | 2008-10-21T19:25+09:00 | 2011-05-31T10:57+09:00 |
| jvndb-2008-000068 | hisa_cart information disclosure vulnerability | 2008-10-21T19:25+09:00 | 2008-10-21T19:25+09:00 |
| jvndb-2008-000073 | Blosxom vulnerable to cross-site scripting | 2008-10-20T17:30+09:00 | 2008-10-20T17:30+09:00 |
| jvndb-2008-000069 | Apache Tomcat allows access from a non-permitted IP address | 2008-10-10T15:44+09:00 | 2009-07-08T11:38+09:00 |
| jvndb-2008-000066 | Nucleus EUC-JP Japanese Edition vulnerable to cross-site scripting | 2008-10-06T15:24+09:00 | 2008-10-06T15:24+09:00 |
| jvndb-2008-000063 | EC-CUBE cross-site scripting vulnerability | 2008-10-01T16:32+09:00 | 2008-10-01T16:32+09:00 |
| jvndb-2008-000062 | EC-CUBE cross-site scripting vulnerability | 2008-10-01T16:32+09:00 | 2008-10-01T16:32+09:00 |
| jvndb-2008-000065 | EC-CUBE vulnerable to SQL injection | 2008-10-01T16:31+09:00 | 2008-10-01T16:31+09:00 |
| jvndb-2008-000064 | EC-CUBE cross-site scripting vulnerability | 2008-10-01T16:31+09:00 | 2008-10-01T16:31+09:00 |
| jvndb-2008-000061 | phpMyAdmin cross-site scripting vulnerability | 2008-09-26T16:37+09:00 | 2008-09-26T16:37+09:00 |
| jvndb-2008-001665 | Data Transfer Control Process Cessation Issue in XFIT/S/JCA and XFIT/S/ZGN | 2008-09-24T12:03+09:00 | 2008-09-24T12:03+09:00 |
| jvndb-2008-000060 | Kantan WEB Server cross-site scripting vulnerability | 2008-09-22T12:26+09:00 | 2008-09-22T12:26+09:00 |
| jvndb-2008-000059 | Kantan WEB Server directory traversal vulnerability | 2008-09-22T12:26+09:00 | 2008-09-22T12:26+09:00 |
| jvndb-2008-001647 | Jasmine WebLink Template Multiple Vulnerabilities | 2008-09-18T11:48+09:00 | 2009-03-30T14:29+09:00 |
| ID | Description | Updated |
|---|