Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-253g-qmmx-2x98 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThemeHu… | 2025-10-27T03:30:37Z | 2025-11-13T12:31:29Z |
| ghsa-xwpf-v396-vg25 | A vulnerability was found in dnsmasq up to 2.73rc6. Affected by this vulnerability is the function … | 2025-10-27T03:30:36Z | 2025-11-02T06:30:15Z |
| ghsa-x6p5-77x3-gc76 | A vulnerability was identified in ajayrandhawa User-Management-PHP-MYSQL up to fedcf58797bf27915916… | 2025-10-27T03:30:36Z | 2025-10-27T03:30:36Z |
| ghsa-f59q-vqh7-8j8m | A security flaw has been discovered in ajayrandhawa User-Management-PHP-MYSQL web up to fedcf58797b… | 2025-10-27T03:30:36Z | 2025-10-27T03:30:36Z |
| ghsa-cjmg-wxrv-37f6 | A vulnerability was determined in dnsmasq up to 2.73rc6. Affected by this issue is the function par… | 2025-10-27T03:30:36Z | 2025-11-02T06:30:15Z |
| ghsa-cg5x-75cf-2mvp | A vulnerability has been found in dnsmasq up to 2.73rc6. Affected is the function parse_hex of the … | 2025-10-27T03:30:36Z | 2025-11-01T21:30:25Z |
| ghsa-rcvw-fc36-wjhj | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.7 before 18.3.5, 18.4… | 2025-10-27T00:30:50Z | 2025-10-27T00:30:50Z |
| ghsa-jgp3-92wq-g4pq | GitLab has remediated an issue in GitLab EE affecting all versions from 10.6 before 18.3.5, 18.4 be… | 2025-10-27T00:30:50Z | 2025-10-27T00:30:50Z |
| ghsa-5qhc-78h9-5m5x | GitLab has remediated an issue in GitLab EE affecting all versions from 17.6.0 before 18.3.5, 18.4 … | 2025-10-27T00:30:50Z | 2025-10-27T00:30:50Z |
| ghsa-28w7-9227-5wcm | GitLab has remediated an issue in GitLab EE affecting all versions from 18.4 before 18.4.3, and 18.… | 2025-10-27T00:30:50Z | 2025-10-27T00:30:50Z |
| ghsa-xgjv-46p6-hwgv | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.0 before 18.3.5, 18.4… | 2025-10-27T00:30:49Z | 2025-10-27T00:30:49Z |
| ghsa-w2m4-xx67-836j | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.3.5, 18.… | 2025-10-27T00:30:49Z | 2025-10-27T00:30:49Z |
| ghsa-fwwv-7q49-jm9f | Lack of Input Validation in the web UI might lead to potential exploitation.This issue affects BLU-… | 2025-10-26T18:30:16Z | 2025-11-10T15:31:03Z |
| ghsa-72pv-qvjj-jq58 | Logout Functionality not Working.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. | 2025-10-26T18:30:16Z | 2025-11-10T15:31:03Z |
| ghsa-5pvj-27wv-7mqc | Missing Initial Password Change.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. | 2025-10-26T18:30:16Z | 2025-11-10T15:31:03Z |
| ghsa-54cc-2jj5-99fc | Mail Configuration File Manipulation + Command Execution.This issue affects BLU-IC2: through 1.19.5… | 2025-10-26T18:30:16Z | 2025-11-07T03:30:24Z |
| ghsa-4h97-wpxp-3757 | LangGraph's SQLite store implementation has a SQL Injection Vulnerability | 2025-10-26T06:30:20Z | 2025-10-27T20:23:06Z |
| ghsa-hf3x-mcrv-x4f8 | A unauthenticated reflected XSS vulnerability in VirtueMart 1.0.0-4.4.10 for Joomla was discovered. | 2025-10-25T21:30:12Z | 2025-10-27T18:31:08Z |
| ghsa-7998-f3xj-xgh3 | Busybox 1.31.1 - Multiple Known Vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4… | 2025-10-25T18:30:12Z | 2025-11-07T03:30:24Z |
| ghsa-q6pv-p83m-gwhp | Weak Default Credentials.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. | 2025-10-25T18:30:11Z | 2025-11-10T15:31:03Z |
| ghsa-pg65-5pm2-3j24 | Busybox 1.31.1 - Multiple Known Vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4… | 2025-10-25T18:30:11Z | 2025-11-10T15:31:03Z |
| ghsa-985r-cgqx-57w2 | Vulnerable Components in Azure Access OS.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: throu… | 2025-10-25T18:30:11Z | 2025-11-10T15:31:03Z |
| ghsa-7hmv-fvpj-wq57 | SNMP Default Community String (public).This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through… | 2025-10-25T18:30:11Z | 2025-11-10T15:31:03Z |
| ghsa-6v8w-33wg-8gw2 | Malicious / Malformed App can be Installed but not Uninstalled/may lead to unavailability.This issu… | 2025-10-25T18:30:11Z | 2025-11-10T15:31:02Z |
| ghsa-4x8f-8hf4-3rhx | The The7 — Website and eCommerce Builder for WordPress theme for WordPress is vulnerable to Stored … | 2025-10-25T15:31:22Z | 2025-10-25T15:31:22Z |
| ghsa-xwxm-298x-phpj | The wpForo Forum plugin for WordPress is vulnerable to error‐based or time-based SQL Injection via … | 2025-10-25T09:32:57Z | 2025-10-25T09:32:57Z |
| ghsa-x592-jf8c-q423 | The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin… | 2025-10-25T09:32:57Z | 2025-10-25T09:32:57Z |
| ghsa-vvjw-7mw8-mqg7 | The Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions pl… | 2025-10-25T09:32:57Z | 2025-10-25T09:32:57Z |
| ghsa-vpjj-mgwh-2r5x | The SpendeOnline.org plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plug… | 2025-10-25T09:32:57Z | 2025-10-25T09:32:57Z |
| ghsa-p4jw-m7hw-hjrg | The FuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant Contact,… | 2025-10-25T09:32:57Z | 2025-10-25T09:32:57Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-62881 | N/A | WordPress WP-Lister Lite for eBay plugin <= 3.8.3 - Br… |
WP Lab |
WP-Lister Lite for eBay |
2025-10-27T01:33:42.812Z | 2025-11-13T10:33:47.323Z |
| cve-2025-12202 | ajayrandhawa User-Management-PHP-MYSQL web cross-site … |
ajayrandhawa |
User-Management-PHP-MYSQL web |
2025-10-27T01:32:07.633Z | 2025-10-27T20:00:57.413Z | |
| cve-2025-12201 | ajayrandhawa User-Management-PHP-MYSQL User Management… |
ajayrandhawa |
User-Management-PHP-MYSQL |
2025-10-27T01:32:05.118Z | 2025-10-27T19:59:45.287Z | |
| cve-2025-12200 | N/A | {'providerMetadata': {'orgId': '1af790b2-7ee1-4545-860a-a788eba489b5', 'shortName': 'VulDB', 'dateUpdated': '2025-11-03T22:47:56.396Z'}, 'rejectedReasons': [{'lang': 'en', 'value': "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Based on the analysis by MITRE and review of community feedback, the reported conditions represent expected and intentional behavior within dnsmasq's documented design, rather than security vulnerabilities."}]} | N/A | N/A | 2025-10-27T01:07:44.551Z | 2025-11-03T22:47:56.396Z |
| cve-2025-12199 | N/A | {'providerMetadata': {'orgId': '1af790b2-7ee1-4545-860a-a788eba489b5', 'shortName': 'VulDB', 'dateUpdated': '2025-11-03T22:47:45.128Z'}, 'rejectedReasons': [{'lang': 'en', 'value': "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Based on the analysis by MITRE and review of community feedback, the reported conditions represent expected and intentional behavior within dnsmasq's documented design, rather than security vulnerabilities."}]} | N/A | N/A | 2025-10-27T01:02:09.029Z | 2025-11-03T22:47:45.128Z |
| cve-2025-12198 | N/A | {'providerMetadata': {'orgId': '1af790b2-7ee1-4545-860a-a788eba489b5', 'shortName': 'VulDB', 'dateUpdated': '2025-11-03T22:47:37.697Z'}, 'rejectedReasons': [{'lang': 'en', 'value': "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Based on the analysis by MITRE and review of community feedback, the reported conditions represent expected and intentional behavior within dnsmasq's documented design, rather than security vulnerabilities."}]} | N/A | N/A | 2025-10-27T00:58:12.511Z | 2025-11-03T22:47:37.697Z |
| cve-2025-6601 | 2.7 (v3.1) | Business Logic Errors in GitLab |
GitLab |
GitLab |
2025-10-27T00:06:04.304Z | 2025-10-28T15:18:04.225Z |
| cve-2025-10497 | 7.5 (v3.1) | Allocation of Resources Without Limits or Throttling i… |
GitLab |
GitLab |
2025-10-27T00:05:39.306Z | 2025-10-28T15:02:48.809Z |
| cve-2025-11971 | 6.5 (v3.1) | Incorrect Authorization in GitLab |
GitLab |
GitLab |
2025-10-27T00:05:34.305Z | 2025-10-28T15:00:45.588Z |
| cve-2025-11974 | 6.5 (v3.1) | Allocation of Resources Without Limits or Throttling i… |
GitLab |
GitLab |
2025-10-27T00:05:24.332Z | 2025-10-28T14:59:56.029Z |
| cve-2025-11447 | 7.5 (v3.1) | Allocation of Resources Without Limits or Throttling i… |
GitLab |
GitLab |
2025-10-27T00:05:19.810Z | 2025-10-28T14:58:37.798Z |
| cve-2025-61482 | N/A | Improper handling of OTP/TOTP/HOTP values in NetK… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-27T17:36:03.062Z |
| cve-2025-61481 | N/A | An issue in MikroTik RouterOS v.7.14.2 and SwOS v… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-30T17:24:08.770Z |
| cve-2025-61385 | N/A | SQL injection vulnerability in tlocke pg8000 1.31… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-28T15:19:57.759Z |
| cve-2025-61247 | N/A | indieka900 online-shopping-system-php 1.0 is vuln… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-27T19:48:51.540Z |
| cve-2025-61105 | N/A | FRRouting/frr from v4.0 through v10.4.1 was disco… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-28T17:07:38.582Z |
| cve-2025-61102 | N/A | FRRouting/frr from v4.0 through v10.4.1 was disco… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-28T17:05:18.373Z |
| cve-2025-61101 | N/A | FRRouting/frr from v4.0 through v10.4.1 was disco… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-28T17:06:21.400Z |
| cve-2025-61100 | N/A | FRRouting/frr from v2.0 through v10.4.1 was disco… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-28T17:08:10.960Z |
| cve-2025-61099 | N/A | FRRouting/frr from v2.0 through v10.4.1 was disco… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-28T17:08:55.901Z |
| cve-2025-60983 | N/A | Reflected Cross Site Scripting vulnerability in R… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-27T18:41:02.652Z |
| cve-2025-60982 | N/A | IDOR vulnerability in Educare ERP 1.0 (2025-04-22… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-27T18:43:28.468Z |
| cve-2025-60791 | N/A | Easywork Enterprise 2.1.3.354 is vulnerable to Cl… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-27T19:56:13.426Z |
| cve-2025-60425 | N/A | Nagios Fusion v2024R1.2 and v2024R2 does not inva… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-27T19:52:37.137Z |
| cve-2025-60424 | N/A | A lack of rate limiting in the OTP verification c… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-27T15:48:28.679Z |
| cve-2025-60291 | N/A | An issue was discovered in eTimeTrackLite Web thr… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-27T15:57:06.701Z |
| cve-2025-54970 | N/A | An issue was discovered in BAE SOCET GXP before 4… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-28T13:35:46.325Z |
| cve-2025-54969 | N/A | An issue was discovered in BAE SOCET GXP before 4… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-27T18:49:53.421Z |
| cve-2025-54968 | N/A | An issue was discovered in BAE SOCET GXP before 4… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-28T13:33:49.684Z |
| cve-2025-54967 | N/A | An issue was discovered in BAE SOCET GXP before 4… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-28T13:40:46.429Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-62965 | N/A | WordPress Admin Management Xtended plugin <= 2.5.1 - … |
wpseek |
Admin Management Xtended |
2025-10-27T01:34:13.305Z | 2025-11-13T10:33:48.406Z |
| cve-2025-62964 | N/A | WordPress MDTF plugin <= 1.3.4 - Broken Access Control… |
RealMag777 |
MDTF |
2025-10-27T01:34:12.925Z | 2025-11-13T10:33:48.432Z |
| cve-2025-62963 | N/A | WordPress Estatik plugin <= 4.1.13 - Cross Site Script… |
Estatik |
Estatik |
2025-10-27T01:34:12.534Z | 2025-11-13T10:33:48.543Z |
| cve-2025-62962 | N/A | WordPress CloudSearch plugin <= 3.0.0 - Cross Site Req… |
Andrea Landonio |
CloudSearch |
2025-10-27T01:34:12.156Z | 2025-11-13T10:33:48.658Z |
| cve-2025-62959 | N/A | WordPress Paid Videochat Turnkey Site plugin <= 7.3.22… |
videowhisper |
Paid Videochat Turnkey Site |
2025-10-27T01:34:11.771Z | 2025-11-13T10:33:48.572Z |
| cve-2025-62958 | N/A | WordPress Simple Content Templates for Blog Posts & Pa… |
Clifton Griffin |
Simple Content Templates for Blog Posts & Pages |
2025-10-27T01:34:11.386Z | 2025-11-13T10:33:48.467Z |
| cve-2025-62957 | N/A | WordPress NikanWP WooCommerce Reporting plugin <= 1.0.… |
NikanWP |
NikanWP WooCommerce Reporting |
2025-10-27T01:34:10.997Z | 2025-11-13T10:33:48.217Z |
| cve-2025-62956 | N/A | WordPress Reloadly plugin <= 2.0.1 - Cross Site Reques… |
iseremet |
Reloadly |
2025-10-27T01:34:10.627Z | 2025-11-13T10:33:48.494Z |
| cve-2025-62954 | N/A | WordPress Revive Old Posts plugin <= 9.3.3 - Broken Ac… |
Codeinwp |
Revive Old Posts |
2025-10-27T01:34:10.251Z | 2025-11-13T10:33:48.601Z |
| cve-2025-62953 | N/A | WordPress Welcart e-Commerce plugin <= 2.11.24 - Broke… |
nanbu |
Welcart e-Commerce |
2025-10-27T01:34:09.846Z | 2025-11-13T10:33:48.461Z |
| cve-2025-62952 | N/A | WordPress ChatBot plugin <= 7.3.0 - Broken Access Cont… |
QuantumCloud |
ChatBot |
2025-10-27T01:34:09.465Z | 2025-11-13T10:33:48.416Z |
| cve-2025-62951 | N/A | WordPress Interactive Content – H5P plugin <= 1.16.0 -… |
icc0rz |
Interactive Content – H5P |
2025-10-27T01:34:09.049Z | 2025-11-13T10:33:48.186Z |
| cve-2025-62949 | N/A | WordPress Activity Plus Reloaded for BuddyPress plugin… |
BuddyDev |
Activity Plus Reloaded for BuddyPress |
2025-10-27T01:34:08.667Z | 2025-11-13T10:33:48.570Z |
| cve-2025-62948 | N/A | WordPress Date counter plugin <= 2.0.3 - Cross Site Sc… |
Konstantin Pankratov |
Date counter |
2025-10-27T01:34:08.293Z | 2025-11-13T10:33:48.354Z |
| cve-2025-62947 | N/A | WordPress Publitio plugin <= 2.2.3 - Sensitive Data Ex… |
publitio |
Publitio |
2025-10-27T01:34:07.905Z | 2025-11-13T10:33:48.367Z |
| cve-2025-62946 | N/A | WordPress Everest Backup plugin <= 2.3.8 - Broken Acce… |
everestthemes |
Everest Backup |
2025-10-27T01:34:07.532Z | 2025-11-13T10:33:48.278Z |
| cve-2025-62945 | N/A | WordPress Did Prestashop Display plugin <= 1.0.30 - Cr… |
Eduard Pinuaga Linares |
Did Prestashop Display |
2025-10-27T01:34:07.137Z | 2025-11-13T10:33:48.588Z |
| cve-2025-62944 | N/A | WordPress MSTW CSV EXPORTER plugin <= 1.4 - Broken Acc… |
Mark O'Donnell |
MSTW CSV EXPORTER |
2025-10-27T01:34:06.759Z | 2025-11-13T10:33:48.393Z |
| cve-2025-62943 | N/A | WordPress Next Page, Not Next Post plugin <= 0.3.0 - C… |
Matt McInvale |
Next Page, Not Next Post |
2025-10-27T01:34:06.378Z | 2025-11-13T10:33:48.706Z |
| cve-2025-62942 | N/A | WordPress WP Mapbox GL JS Maps plugin <= 3.0.1 - Cross… |
tempranova |
WP Mapbox GL JS Maps |
2025-10-27T01:34:05.970Z | 2025-11-13T10:33:48.351Z |
| cve-2025-62941 | N/A | WordPress Events Maker by dFactory plugin <= 1.6.14 - … |
dFactory |
Events Maker by dFactory |
2025-10-27T01:34:05.575Z | 2025-11-13T10:33:48.624Z |
| cve-2025-62940 | N/A | WordPress Blox Lite plugin <= 1.2.8 - Cross Site Scrip… |
Nick Diego |
Blox Lite |
2025-10-27T01:34:05.124Z | 2025-11-13T10:33:48.335Z |
| cve-2025-62939 | N/A | WordPress Open Currency Converter plugin <= 1.5.0 - Cr… |
Joe |
Open Currency Converter |
2025-10-27T01:34:04.735Z | 2025-11-13T10:33:48.160Z |
| cve-2025-62938 | N/A | WordPress Reoon Email Verifier plugin <= 2.0.1 - Broke… |
Reoon Technology |
Reoon Email Verifier |
2025-10-27T01:34:04.368Z | 2025-11-13T10:33:48.315Z |
| cve-2025-62937 | N/A | WordPress Post List Featured Image plugin <= 0.5.9 - C… |
Johnny |
Post List Featured Image |
2025-10-27T01:34:03.973Z | 2025-11-13T10:33:48.308Z |
| cve-2025-62936 | N/A | WordPress xSmart theme <= 1.2.9.4 - Content Injection … |
Jthemes |
xSmart |
2025-10-27T01:34:03.605Z | 2025-11-13T10:33:47.954Z |
| cve-2025-62935 | N/A | WordPress Open Close WooCommerce Store plugin <= 4.9.8… |
ilmosys |
Open Close WooCommerce Store |
2025-10-27T01:34:03.234Z | 2025-11-13T10:33:47.938Z |
| cve-2025-62934 | N/A | WordPress WP Business Hours plugin <= 1.4 - Cross Site… |
Mejar |
WP Business Hours |
2025-10-27T01:34:02.856Z | 2025-11-13T10:33:47.932Z |
| cve-2025-62933 | N/A | WordPress Awesome Testimonials plugin <= 2.2.1 - Cross… |
Prakash |
Awesome Testimonials |
2025-10-27T01:34:02.471Z | 2025-11-13T10:33:47.896Z |
| cve-2025-62932 | N/A | WordPress Table Block by RioVizual plugin <= 2.3.2 - B… |
wprio |
Table Block by RioVizual |
2025-10-27T01:34:02.004Z | 2025-11-13T10:33:47.905Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-187773 | Malicious code in library-babel-meteor-kronos (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187772 | Malicious code in library-archaeoastronomy-winston-spica (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187771 | Malicious code in library-alphard-nova-planetology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187770 | Malicious code in levels-paleoecology-blackhole-abiogenesis (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187769 | Malicious code in levels-lacerta-entanglement-entanglement (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187768 | Malicious code in levels-jsonp-iota-abiogenesis (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187767 | Malicious code in levels-event-bionics-nodejs (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187766 | Malicious code in levels-eris-ora-hydra (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187765 | Malicious code in levels-convict-json-dynamo (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187764 | Malicious code in levels-await-postcss-comet (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187763 | Malicious code in less-radiometric-hydra-xml (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187762 | Malicious code in less-prettier-stylelint-warp-telesto (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187761 | Malicious code in less-pavo-restart-start (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187760 | Malicious code in less-mineralogy-airbnb-tardigrade (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187759 | Malicious code in less-loader-sedna-blaze-commitizen (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187758 | Malicious code in less-loader-rocket-adonis-kronos (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187757 | Malicious code in less-loader-react-bootstrap-cosmicray-spectroscopy (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187756 | Malicious code in less-loader-orbit-outercore-graphql (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187755 | Malicious code in less-loader-gulp-yaml-crust (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187754 | Malicious code in less-loader-grus-void-biosignature (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187753 | Malicious code in less-less-phenomic-paleoclimatology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187752 | Malicious code in less-geckodriver-mongodb-nodejs (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187751 | Malicious code in less-eigenstate-eris-mineralogy (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187750 | Malicious code in less-cluster-soap-firebase (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187749 | Malicious code in less-bioinformatics-ganymede-virtualreality (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187748 | Malicious code in less-astrochemistry-ceres-halley (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187747 | Malicious code in less-antimatter-slides-phoebe (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187746 | Malicious code in lepton-xanthus-paleoanthropology-abiogenesis (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187745 | Malicious code in lepton-weywot-mira-pino-pretty (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187744 | Malicious code in lepton-sociobiology-duplex-nestjs (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:0839 | Red Hat Security Advisory: OpenShift Container Platform 4.14.46 security update | 2025-02-06T01:36:17+00:00 | 2025-11-15T08:44:10+00:00 |
| rhsa-2025:0827 | Red Hat Security Advisory: OpenShift Container Platform 4.16.33 security and extras update | 2025-02-06T01:28:28+00:00 | 2025-11-14T11:38:53+00:00 |
| rhsa-2025:0834 | Red Hat Security Advisory: OpenShift Container Platform 4.12.72 packages and security update | 2025-02-06T01:16:18+00:00 | 2025-11-16T17:00:44+00:00 |
| rhsa-2025:0832 | Red Hat Security Advisory: OpenShift Container Platform 4.12.72 bug fix and security update | 2025-02-06T00:45:40+00:00 | 2025-11-16T14:39:25+00:00 |
| rhsa-2025:0831 | Red Hat Security Advisory: OpenShift Container Platform 4.12.72 security and extras update | 2025-02-06T00:36:22+00:00 | 2025-11-14T11:38:53+00:00 |
| rhsa-2025:1101 | Red Hat Security Advisory: Red Hat Ansible Automation Platform Execution Environments Container Release Update | 2025-02-05T20:23:57+00:00 | 2025-11-16T17:00:45+00:00 |
| rhsa-2025:1078 | Red Hat Security Advisory: Red Hat Build of Apache Camel 4.8.3 for Spring Boot security update. | 2025-02-05T13:53:20+00:00 | 2025-11-11T16:10:26+00:00 |
| rhsa-2025:0876 | Red Hat Security Advisory: OpenShift Container Platform 4.17.15 bug fix and security update | 2025-02-05T13:37:42+00:00 | 2025-11-15T08:44:14+00:00 |
| rhsa-2025:1075 | Red Hat Security Advisory: libsoup security update | 2025-02-05T13:27:51+00:00 | 2025-11-06T22:35:12+00:00 |
| rhsa-2025:0900 | Red Hat Security Advisory: Red Hat build of Quarkus 3.15.3 release and security update | 2025-02-05T12:21:00+00:00 | 2025-11-11T16:11:16+00:00 |
| rhsa-2025:1070 | Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (python-django20) security update | 2025-02-05T11:52:56+00:00 | 2025-11-06T23:53:53+00:00 |
| rhsa-2025:1068 | Red Hat Security Advisory: kernel security update | 2025-02-05T11:41:31+00:00 | 2025-11-08T06:51:43+00:00 |
| rhsa-2025:1066 | Red Hat Security Advisory: firefox security update | 2025-02-05T11:36:16+00:00 | 2025-11-06T23:23:47+00:00 |
| rhsa-2025:1067 | Red Hat Security Advisory: kernel-rt security update | 2025-02-05T11:21:41+00:00 | 2025-11-08T06:51:42+00:00 |
| rhsa-2025:0875 | Red Hat Security Advisory: OpenShift Container Platform 4.17.15 security and extras update | 2025-02-05T10:48:52+00:00 | 2025-11-16T17:00:44+00:00 |
| rhsa-2025:1053 | Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.5 | 2025-02-05T09:04:18+00:00 | 2025-11-14T11:38:58+00:00 |
| rhsa-2025:1051 | Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.8 | 2025-02-05T08:58:11+00:00 | 2025-11-15T08:44:20+00:00 |
| rhsa-2025:1050 | Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.14 | 2025-02-05T08:56:35+00:00 | 2025-11-14T11:39:01+00:00 |
| rhsa-2025:1047 | Red Hat Security Advisory: libsoup security update | 2025-02-05T05:51:16+00:00 | 2025-11-06T22:35:11+00:00 |
| rhsa-2025:1013 | Red Hat Security Advisory: RHSA: Submariner 0.19.2 - bug fix and enhancement update | 2025-02-04T18:36:21+00:00 | 2025-11-14T11:38:56+00:00 |
| rhsa-2025:1019 | Red Hat Security Advisory: Satellite 6.16.2 Async Update | 2025-02-04T16:17:19+00:00 | 2025-11-06T23:59:15+00:00 |
| rhsa-2025:0978 | Red Hat Security Advisory: python-jinja2 security update | 2025-02-04T12:23:14+00:00 | 2025-11-06T22:35:11+00:00 |
| rhsa-2025:0914 | Red Hat Security Advisory: galera and mariadb security update | 2025-02-04T09:20:28+00:00 | 2025-11-08T06:42:41+00:00 |
| rhsa-2025:0912 | Red Hat Security Advisory: mariadb:10.11 security update | 2025-02-04T09:18:18+00:00 | 2025-10-28T01:53:24+00:00 |
| rhsa-2025:0951 | Red Hat Security Advisory: python-jinja2 security update | 2025-02-04T08:57:58+00:00 | 2025-11-06T22:35:10+00:00 |
| rhsa-2025:0950 | Red Hat Security Advisory: python-jinja2 security update | 2025-02-04T08:39:43+00:00 | 2025-11-06T22:35:10+00:00 |
| rhsa-2025:0949 | Red Hat Security Advisory: libsoup security update | 2025-02-04T06:38:28+00:00 | 2025-11-06T22:35:10+00:00 |
| rhsa-2025:0907 | Red Hat Security Advisory: ACS 4.6.2 enhancement and security update | 2025-02-03T22:40:53+00:00 | 2025-11-14T11:38:56+00:00 |
| rhsa-2025:0905 | Red Hat Security Advisory: RHOAI 2.16.0 - Red Hat OpenShift AI | 2025-02-03T17:17:02+00:00 | 2025-11-14T11:38:56+00:00 |
| rhsa-2025:0892 | Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.18.0 release | 2025-02-03T16:38:18+00:00 | 2025-11-15T08:44:14+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2024-47727 | x86/tdx: Fix "in-kernel MMIO" check | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47726 | f2fs: fix to wait dio completion | 2024-10-01T07:00:00.000Z | 2025-09-03T20:21:18.000Z |
| msrc_cve-2024-47723 | jfs: fix out-of-bounds in dbNextAG() and diAlloc() | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47720 | drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47719 | iommufd: Protect against overflow of ALIGN() during iova allocation | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47718 | wifi: rtw88: always wait for both firmware loading attempts | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47716 | ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47715 | wifi: mt76: mt7915: fix oops on non-dbdc mt7986 | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47714 | wifi: mt76: mt7996: use hweight16 to get correct tx antenna | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47713 | wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47712 | wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47710 | sock_map: Add a cond_resched() in sock_hash_free() | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47709 | can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47707 | ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47706 | block bfq: fix possible UAF for bfqq->bic with merge chain | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47705 | block: fix potential invalid pointer dereference in blk_add_partition | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47704 | drm/amd/display: Check link_res->hpo_dp_link_enc before using it | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47702 | bpf: Fail verification for sign-extension of packet data/data_end/data_meta | 2024-10-01T07:00:00.000Z | 2025-09-03T21:20:38.000Z |
| msrc_cve-2024-47701 | ext4: avoid OOB when system.data xattr changes underneath the filesystem | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47700 | ext4: check stripe size compatibility on remount as well | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47699 | nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47698 | drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47697 | drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47696 | RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47695 | RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47693 | IB/core: Fix ib_cache_setup_one error flow cleanup | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47692 | nfsd: return -EINVAL when namelen is 0 | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47691 | f2fs: fix to avoid use-after-free in f2fs_stop_gc_thread() | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47690 | f2fs: get rid of online repaire on corrupted directory | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47689 | f2fs: fix to don't set SB_RDONLY in f2fs_handle_critical_error() | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2008-000058 | Multiple Tor World CGI scripts vulnerable to arbitrary script execution | 2008-09-18T11:48+09:00 | 2008-09-18T11:48+09:00 |
| jvndb-2008-000057 | Sound Master 2nd from High Norm vulnerable to cross-site scripting | 2008-09-10T11:28+09:00 | 2008-09-10T11:28+09:00 |
| jvndb-2008-000056 | Movable Type vulnerable to cross-site scripting | 2008-09-10T11:28+09:00 | 2008-09-10T11:28+09:00 |
| jvndb-2008-001614 | JP1/NETM/DM SubManager and JP1/NETM/DM Client Process Termination Vulnerability | 2008-09-09T16:21+09:00 | 2008-09-09T16:21+09:00 |
| jvndb-2008-001613 | Fujitsu Interstage Application Server Access Control Update Problem | 2008-09-09T16:21+09:00 | 2008-09-09T16:21+09:00 |
| jvndb-2008-000052 | Webservice-DIC shop_v50 and shop_v52 vulnerable to cross-site scripting | 2008-09-08T17:01+09:00 | 2008-09-08T17:01+09:00 |
| jvndb-2008-001585 | Hitachi JP1/File Transmission Server/FTP Unauthorized File Permission Change Vulnerability | 2008-09-05T12:24+09:00 | 2008-09-05T12:24+09:00 |
| jvndb-2008-001584 | Hitachi JP1/File Transmission Server/FTP Transmission Failure Problem | 2008-09-05T12:23+09:00 | 2008-09-05T12:23+09:00 |
| jvndb-2008-001576 | Fujitsu Interstage Application Server Interstage Management Console Arbitrary File Read/Delete Vulnerability | 2008-09-03T12:34+09:00 | 2012-02-15T18:13+09:00 |
| jvndb-2008-001575 | Fujitsu Interstage Application Server Single Sign-On Buffer Overflow Vulnerability | 2008-09-03T12:33+09:00 | 2008-09-03T12:33+09:00 |
| jvndb-2008-000055 | Blogn vulnerable to cross-site scripting | 2008-09-02T17:22+09:00 | 2008-09-02T17:22+09:00 |
| jvndb-2008-000054 | Blogn vulnerable to cross-site request forgery | 2008-09-02T17:22+09:00 | 2008-09-02T17:22+09:00 |
| jvndb-2008-000053 | mysql-lists from AquaGardenSoft Co.,Ltd. vulnerable to cross-site scripting | 2008-09-02T17:05+09:00 | 2008-09-02T17:05+09:00 |
| jvndb-2008-000049 | Vulnerability in La!cooda WIZ and LacoodaST allowing an arbitrary PHP script execution | 2008-09-02T17:03+09:00 | 2008-09-02T17:03+09:00 |
| jvndb-2008-000048 | La!cooda WIZ and LacoodaST vulnerable to cross-site scripting | 2008-09-02T17:02+09:00 | 2008-09-02T17:02+09:00 |
| jvndb-2008-000047 | LacoodaST from SpaceTag, Inc. session fixation vulnerability | 2008-09-02T17:01+09:00 | 2008-09-02T17:01+09:00 |
| jvndb-2008-000046 | La!cooda WIZ and LacoodaST vulnerable to cross-site request forgery | 2008-09-02T16:58+09:00 | 2008-09-02T16:58+09:00 |
| jvndb-2008-000050 | Virus Security and Virus Security ZERO denial of service (DoS) vulnerability | 2008-08-14T18:15+09:00 | 2008-08-14T18:15+09:00 |
| jvndb-2008-000037 | Multiple Panasonic Communications Co., Ltd. network cameras vulnerable to cross-site scripting | 2008-08-04T14:34+09:00 | 2008-08-04T14:34+09:00 |
| jvndb-2008-001514 | Cross-Site Scripting Vulnerability in Hitachi Collaboration - Online Community Management | 2008-07-30T13:46+09:00 | 2008-07-30T13:46+09:00 |
| jvndb-2008-001513 | Cross-Site Scripting Vulnerability in Hitachi Web Server Status Information Display Function | 2008-07-30T13:45+09:00 | 2014-05-21T18:19+09:00 |
| jvndb-2008-000045 | Geeklog Forum Plugin vulnerable to cross-site scripting | 2008-07-29T14:57+09:00 | 2008-07-29T14:57+09:00 |
| jvndb-2008-000044 | K's CGI Access Log Kaiseki (Jcode.pm) vulnerable to cross-site scripting | 2008-07-29T14:56+09:00 | 2008-07-29T14:56+09:00 |
| jvndb-2008-000043 | K's CGI Access Log Kaiseki (jcode.pl) vulnerable to cross-site scripting | 2008-07-29T14:56+09:00 | 2008-07-29T14:56+09:00 |
| jvndb-2008-000042 | Multiple Century Systems routers vulnerable to cross-site request forgery | 2008-07-24T14:23+09:00 | 2008-07-24T14:23+09:00 |
| jvndb-2008-000041 | WebProxy from LunarNight Laboratory vulnerable to cross-site scripting | 2008-07-24T14:23+09:00 | 2008-07-24T14:23+09:00 |
| jvndb-2008-000040 | Directory traversal vulnerability in WebLogic Server and WebLogic Express plug-ins | 2008-07-24T14:22+09:00 | 2008-07-24T14:22+09:00 |
| jvndb-2008-000039 | Safari installed in iPod touch and iPhone vulnerable in handling server certificates | 2008-07-16T12:27+09:00 | 2008-07-16T12:27+09:00 |
| jvndb-2008-000038 | Redmine vulnerable to cross-site scripting | 2008-07-08T12:15+09:00 | 2008-07-08T12:15+09:00 |
| jvndb-2008-000036 | FreeStyleWiki cross-site scripting vulnerability | 2008-07-08T12:14+09:00 | 2008-07-08T12:14+09:00 |
| ID | Description | Updated |
|---|