Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-cqjf-7fm2-33jx | The Product Filter by WBW plugin for WordPress is vulnerable to SQL Injection via the 'filtersDataB… | 2025-10-25T09:32:57Z | 2025-10-25T09:32:57Z |
| ghsa-8pqr-5qh3-4p2f | The Fast Velocity Minify plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admi… | 2025-10-25T09:32:57Z | 2025-10-25T09:32:57Z |
| ghsa-55h9-mwx6-3v4g | The The Discussion Board – WordPress Forum Plugin plugin for WordPress is vulnerable to arbitrary s… | 2025-10-25T09:32:57Z | 2025-10-25T09:32:57Z |
| ghsa-vhm6-r746-hvfg | The Password Policy Manager | Password Manager plugin for WordPress is vulnerable to unauthorized m… | 2025-10-25T09:32:56Z | 2025-10-25T09:32:56Z |
| ghsa-8qvv-f42r-q7xj | The Advanced Database Cleaner plugin for WordPress is vulnerable to Cross-Site Request Forgery in a… | 2025-10-25T09:32:56Z | 2025-10-25T09:32:56Z |
| ghsa-qgpm-h98p-6x9c | The Social Feed Gallery plugin for WordPress is vulnerable to Information Exposure in versions less… | 2025-10-25T09:32:55Z | 2025-10-25T09:32:55Z |
| ghsa-hcvw-63rp-82pv | The Widget Options – The #1 WordPress Widget & Block Control Plugin plugin for WordPress is vulnera… | 2025-10-25T09:32:55Z | 2025-10-25T09:32:55Z |
| ghsa-96rr-76h4-x8pf | The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordP… | 2025-10-25T09:32:55Z | 2025-10-25T09:32:55Z |
| ghsa-5gp2-m246-36vf | The Testimonial Carousel For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scri… | 2025-10-25T06:30:16Z | 2025-10-25T06:30:16Z |
| ghsa-xgcr-j3c3-gc3w | The GenerateBlocks plugin for WordPress is vulnerable to unauthorized access of data due to a missi… | 2025-10-25T06:30:15Z | 2025-10-25T06:30:15Z |
| ghsa-x36p-c4vv-wqxq | The Simple Registration for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Fo… | 2025-10-25T06:30:15Z | 2025-10-25T06:30:15Z |
| ghsa-qpv7-hgm5-vr7r | The Password Protected plugin for WordPress is vulnerable to authorization bypass via IP address sp… | 2025-10-25T06:30:15Z | 2025-10-25T06:30:15Z |
| ghsa-h447-h989-m72h | The ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution plugin for Wor… | 2025-10-25T06:30:15Z | 2025-10-25T06:30:15Z |
| ghsa-g6qv-c4m7-6r8w | The Product Filter by WBW plugin for WordPress is vulnerable to unauthorized modification of data d… | 2025-10-25T06:30:15Z | 2025-10-25T06:30:15Z |
| ghsa-f7jp-mqrr-mvmc | The Listeo theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `sound… | 2025-10-25T06:30:15Z | 2025-10-25T06:30:15Z |
| ghsa-cjjj-fr5j-j8ph | The WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress plugin for WordPress is vulner… | 2025-10-25T06:30:15Z | 2025-10-25T06:30:15Z |
| ghsa-c476-3hc8-7535 | The Gutenberg Blocks – PublishPress Blocks plugin for WordPress is vulnerable to Stored Cross-Site … | 2025-10-25T06:30:15Z | 2025-10-25T06:30:15Z |
| ghsa-6qx8-8q59-x2rm | The Tutor LMS Pro – eLearning and online course solution plugin for WordPress is vulnerable to Inse… | 2025-10-25T06:30:15Z | 2025-10-25T06:30:15Z |
| ghsa-6jg8-34rp-h5m9 | The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Sensitiv… | 2025-10-25T06:30:15Z | 2025-10-25T06:30:15Z |
| ghsa-67fw-53f6-gxf4 | The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthor… | 2025-10-25T06:30:15Z | 2025-10-25T06:30:15Z |
| ghsa-vq3q-xwqw-cc8c | The BackWPup – WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to unauthorized… | 2025-10-25T06:30:14Z | 2025-10-25T06:30:14Z |
| ghsa-rx6j-64vr-p2r7 | The Watu Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTTP Refere… | 2025-10-25T06:30:14Z | 2025-10-25T06:30:15Z |
| ghsa-q586-mxqv-2ppx | The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution pl… | 2025-10-25T06:30:14Z | 2025-10-25T06:30:14Z |
| ghsa-p8c6-hmcx-47j2 | The Open Source Genesis Framework theme for WordPress is vulnerable to Stored Cross-Site Scripting … | 2025-10-25T06:30:14Z | 2025-10-25T06:30:14Z |
| ghsa-43hr-8x4q-fv94 | The User Feedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds plugin for… | 2025-10-25T06:30:14Z | 2025-10-25T06:30:14Z |
| ghsa-hw4m-rcv3-9qvf | The eRoom – Webinar & Meeting Plugin for Zoom, Google Meet, Microsoft Teams plugin for WordPress is… | 2025-10-25T03:30:26Z | 2025-10-25T03:30:26Z |
| ghsa-x7wc-2853-87fv | GN4 Publishing System versions prior to 2.6 contain an insecure direct object reference (IDOR) vuln… | 2025-10-25T00:30:39Z | 2025-10-25T00:30:39Z |
| ghsa-rhx6-vj26-2frq | Deck Mate 2's firmware update mechanism accepts packages without cryptographic signature verificati… | 2025-10-25T00:30:39Z | 2025-10-25T00:30:39Z |
| ghsa-jv6h-4262-q663 | Bouncy Castle Vulnerable to Uncontrolled Resource Consumption | 2025-10-25T00:30:39Z | 2025-10-28T17:48:24Z |
| ghsa-4v5m-7xcr-cg68 | Deck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or in… | 2025-10-25T00:30:39Z | 2025-10-25T00:30:39Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-54965 | N/A | An XSS issue was discovered in BAE SOCET GXP befo… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-27T18:47:15.098Z |
| cve-2025-52268 | N/A | StarCharge Artemis AC Charger 7-22 kW v1.0.4 was … |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-27T19:46:32.511Z |
| cve-2025-52264 | N/A | StarCharge Artemis AC Charger 7-22 kW v1.0.4 was … |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-30T14:14:22.547Z |
| cve-2025-52263 | N/A | An issue in the Web Configuration module of Start… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-27T15:56:53.683Z |
| cve-2025-27225 | N/A | TRUfusion Enterprise through 7.10.4.0 exposes the… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-27T18:51:30.552Z |
| cve-2025-27224 | N/A | TRUfusion Enterprise through 7.10.4.0 uses the /t… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-28T13:38:42.792Z |
| cve-2025-27223 | N/A | TRUfusion Enterprise through 7.10.4.0 exposes the… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-28T13:43:04.209Z |
| cve-2025-27222 | N/A | TRUfusion Enterprise through 7.10.4.0 uses the /t… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-27T20:24:10.653Z |
| cve-2023-49440 | N/A | AhnLab EPP 1.0.15 is vulnerable to SQL Injection … |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-29T13:41:43.427Z |
| cve-2023-37749 | N/A | Incorrect access control in the REST API endpoint… |
n/a |
n/a |
2025-10-27T00:00:00.000Z | 2025-10-27T19:50:47.551Z |
| cve-2025-11989 | 3.7 (v3.1) | Missing Authorization in GitLab |
GitLab |
GitLab |
2025-10-26T23:33:50.230Z | 2025-10-28T14:44:46.810Z |
| cve-2025-12285 | 10 (v4.0) | Missing Initial Password Change |
Azure Access Technology |
BLU-IC2 |
2025-10-26T16:24:09.001Z | 2025-10-28T14:44:03.485Z |
| cve-2025-12284 | 6.9 (v4.0) | Lack of Input Validation |
Azure Access Technology |
BLU-IC2 |
2025-10-26T16:21:56.272Z | 2025-10-28T14:35:55.307Z |
| cve-2025-12275 | 10 (v4.0) | Mail Configuration File Manipulation + Command Execution |
Azure Access Technology |
BLU-IC2 |
2025-10-26T16:15:33.851Z | 2025-10-28T14:35:27.315Z |
| cve-2025-12278 | 6.9 (v4.0) | Logout Functionality not Working |
Azure Access Technology |
BLU-IC2 |
2025-10-26T16:14:33.383Z | 2025-10-28T14:34:56.546Z |
| cve-2025-8709 | SQL Injection in langchain-ai/langchain |
langchain-ai |
langchain-ai/langchain |
2025-10-26T05:38:55.335Z | 2025-10-28T14:32:39.540Z | |
| cve-2025-55757 | N/A | Extension - virtuemart.net - XSS in VirtueMart compone… |
virtuemart.net |
Virtuemart component for Joomla |
2025-10-25T18:34:46.909Z | 2025-10-28T04:35:21.702Z |
| cve-2025-12221 | 2.1 (v4.0) | CSRF Token not Properly Implemented |
Azure Access Technology |
BLU-IC2 |
2025-10-25T15:57:45.632Z | 2025-10-28T14:19:34.913Z |
| cve-2025-12220 | 10 (v4.0) | Busybox 1.31.1 - Multiple Known Vulnerabilities |
Azure Access Technology |
BLU-IC2 |
2025-10-25T15:53:03.558Z | 2025-10-28T14:18:06.558Z |
| cve-2025-12219 | 10 (v4.0) | Vulnerable Components in Azure Access OS |
Azure Access Technology |
BLU-IC2 |
2025-10-25T15:51:58.319Z | 2025-10-28T14:17:14.372Z |
| cve-2025-12218 | 10 (v4.0) | Weak Default Credentials |
Azure Access Technology |
BLU-IC2 |
2025-10-25T15:47:36.582Z | 2025-10-28T14:16:38.559Z |
| cve-2025-12217 | 6.9 (v4.0) | SNMP Default Community String (public) |
Azure Access Technology |
BLU-IC2 |
2025-10-25T15:39:52.671Z | 2025-10-28T14:15:52.139Z |
| cve-2025-12216 | 10 (v4.0) | Malicious / Malformed App can be Installed but not Uni… |
Azure Access Technology |
BLU-IC2 |
2025-10-25T15:33:18.476Z | 2025-10-28T14:07:11.115Z |
| cve-2025-11897 | The7 — Ultimate WordPress & WooCommerce Theme <= 12.9.… |
Dream-Theme |
The7 — Website and eCommerce Builder for WordPress |
2025-10-25T12:26:28.878Z | 2025-10-27T15:29:28.780Z | |
| cve-2025-11875 | SpendeOnline.org <= 3.0.1 - Authenticated (Contributor… |
dr-thomas-fuessl |
SpendeOnline.org |
2025-10-25T06:49:25.924Z | 2025-10-27T15:30:39.194Z | |
| cve-2025-11976 | FuseWP – WordPress User Sync to Email List & Marketing… |
fusewp |
FuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.) |
2025-10-25T06:49:25.381Z | 2025-10-27T15:32:59.968Z | |
| cve-2025-8416 | Product Filter by WBW <= 2.9.7 - Unauthenticated SQL I… |
woobewoo |
Product Filter by WBW |
2025-10-25T06:49:24.974Z | 2025-10-27T15:35:36.633Z | |
| cve-2025-4203 | wpForo Forum <= 2.4.8 - Unauthenticated SQL Injection … |
tomdever |
wpForo Forum |
2025-10-25T06:49:24.551Z | 2025-10-27T15:37:26.760Z | |
| cve-2025-10637 | Social Feed Gallery <= 4.9.2 - Missing Authorization t… |
quadlayers |
Social Feed Gallery |
2025-10-25T06:49:24.127Z | 2025-10-27T15:38:46.458Z | |
| cve-2025-8483 | Discussion Board – WordPress Forum Plugin <= 2.5.5 - A… |
marketingfire |
Discussion Board – WordPress Forum Plugin |
2025-10-25T06:49:23.683Z | 2025-10-27T15:40:24.854Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-62931 | N/A | WordPress MSN Partner Hub plugin <= 2.8.7 - Broken Acc… |
microsoftstart |
MSN Partner Hub |
2025-10-27T01:34:01.473Z | 2025-11-13T10:33:47.917Z |
| cve-2025-62930 | N/A | WordPress MapSVG plugin <= 8.7.15 - Cross Site Scripti… |
RomanCode |
MapSVG |
2025-10-27T01:34:01.039Z | 2025-11-13T10:33:47.888Z |
| cve-2025-62929 | N/A | WordPress Testimonial Slider plugin <= 2.0.15 - Broken… |
PickPlugins |
Testimonial Slider |
2025-10-27T01:34:00.648Z | 2025-11-13T10:33:47.853Z |
| cve-2025-62928 | N/A | WordPress SEO Meta Description Updater plugin <= 1.2.0… |
Joby Joseph |
SEO Meta Description Updater |
2025-10-27T01:34:00.000Z | 2025-11-13T10:33:47.860Z |
| cve-2025-62927 | N/A | WordPress Nelio Content plugin <= 4.0.5 - Broken Acces… |
Nelio Software |
Nelio Content |
2025-10-27T01:33:59.620Z | 2025-11-13T10:33:47.829Z |
| cve-2025-62925 | N/A | WordPress Conversios.io plugin <= 7.2.10 - Broken Acce… |
Conversios |
Conversios.io |
2025-10-27T01:33:59.236Z | 2025-11-13T10:33:47.839Z |
| cve-2025-62924 | N/A | WordPress Post Grid and Gutenberg Blocks plugin <= 2.3… |
PickPlugins |
Post Grid and Gutenberg Blocks |
2025-10-27T01:33:58.866Z | 2025-11-13T10:33:47.811Z |
| cve-2025-62923 | N/A | WordPress Marquee Addons for Elementor plugin <= 3.7.1… |
Debuggers Studio |
Marquee Addons for Elementor |
2025-10-27T01:33:58.486Z | 2025-11-13T10:33:47.796Z |
| cve-2025-62922 | N/A | WordPress Export Categories plugin <= 1.0 - Broken Acc… |
Shambhu Patnaik |
Export Categories |
2025-10-27T01:33:58.086Z | 2025-11-13T10:33:47.816Z |
| cve-2025-62921 | N/A | WordPress Bulk Auto Image Title Attribute plugin <= 2.… |
Pagup |
Bulk Auto Image Title Attribute |
2025-10-27T01:33:57.675Z | 2025-11-13T10:33:47.774Z |
| cve-2025-62920 | N/A | WordPress USERCENTRICS CMP plugin <= 1.0.9 - Cross Sit… |
webnique |
USERCENTRICS CMP |
2025-10-27T01:33:57.278Z | 2025-11-13T10:33:47.770Z |
| cve-2025-62919 | N/A | WordPress TS Demo Importer plugin <= 0.1.2 - Broken Ac… |
themeshopy |
TS Demo Importer |
2025-10-27T01:33:56.876Z | 2025-11-13T10:33:47.770Z |
| cve-2025-62918 | N/A | WordPress IgnitionDeck plugin <= 2.0.10 - Broken Acces… |
ignitionwp |
IgnitionDeck |
2025-10-27T01:33:56.477Z | 2025-11-13T10:33:47.771Z |
| cve-2025-62917 | N/A | WordPress Tooltipy plugin <= 5.5.9 - Cross Site Script… |
Jamel.Z |
Tooltipy |
2025-10-27T01:33:56.091Z | 2025-11-13T10:33:47.768Z |
| cve-2025-62916 | N/A | WordPress Flights & Hotels Booking WP Plugin plugin <=… |
adivaha® |
Flights & Hotels Booking WP Plugin |
2025-10-27T01:33:55.688Z | 2025-11-13T10:33:47.727Z |
| cve-2025-62915 | N/A | WordPress SMS Contact Form 7 Notifications by ClickSen… |
clicksend |
SMS Contact Form 7 Notifications by ClickSend |
2025-10-27T01:33:55.284Z | 2025-11-13T10:33:47.735Z |
| cve-2025-62913 | N/A | WordPress Opal Service plugin <= 1.9.1 - Cross Site Sc… |
wpopal |
Opal Service |
2025-10-27T01:33:54.900Z | 2025-11-13T10:33:47.693Z |
| cve-2025-62912 | N/A | WordPress SiteGround Email Marketing plugin <= 1.7.1 -… |
SiteGround |
SiteGround Email Marketing |
2025-10-27T01:33:54.526Z | 2025-11-13T10:33:47.671Z |
| cve-2025-62911 | N/A | WordPress Rock Convert plugin <= 3.0.1 - Cross Site Sc… |
Rock Content |
Rock Convert |
2025-10-27T01:33:54.127Z | 2025-11-13T10:33:47.676Z |
| cve-2025-62910 | N/A | WordPress Video Gallery by Huzzaz plugin <= 10.5 - Cro… |
deshine |
Video Gallery by Huzzaz |
2025-10-27T01:33:53.748Z | 2025-11-13T10:33:47.648Z |
| cve-2025-62909 | N/A | WordPress Smart WeTransfer plugin <= 1.3 - Broken Acce… |
mrityunjay |
Smart WeTransfer |
2025-10-27T01:33:53.355Z | 2025-11-13T10:33:47.658Z |
| cve-2025-62908 | N/A | WordPress Podlove Web Player plugin <= 5.9.1 - Broken … |
gerritvanaaken |
Podlove Web Player |
2025-10-27T01:33:52.965Z | 2025-11-13T10:33:47.659Z |
| cve-2025-62907 | N/A | WordPress Custom Post Type Attachment plugin <= 3.4.6 … |
aviplugins.com |
Custom Post Type Attachment |
2025-10-27T01:33:52.564Z | 2025-11-13T10:33:47.661Z |
| cve-2025-62906 | N/A | WordPress Referral Link Tracker plugin <= 1.1.4 - Brok… |
epiphanyit321 |
Referral Link Tracker |
2025-10-27T01:33:52.110Z | 2025-11-13T10:33:47.637Z |
| cve-2025-62905 | N/A | WordPress Query Posts plugin <= 0.3.2 - Cross Site Scr… |
Justin Tadlock |
Query Posts |
2025-10-27T01:33:51.717Z | 2025-11-13T10:33:47.633Z |
| cve-2025-62904 | N/A | WordPress WP Geo plugin <= 3.5.1 - Cross Site Scriptin… |
Ben Huson |
WP Geo |
2025-10-27T01:33:51.339Z | 2025-11-13T10:33:47.648Z |
| cve-2025-62903 | N/A | WordPress WPC Smart Messages for WooCommerce plugin <=… |
WPClever |
WPC Smart Messages for WooCommerce |
2025-10-27T01:33:50.952Z | 2025-11-13T10:33:47.607Z |
| cve-2025-62902 | N/A | WordPress WP Popup Builder plugin <= 1.3.6 - Sensitive… |
ThemeHunk |
WP Popup Builder |
2025-10-27T01:33:50.531Z | 2025-11-13T10:33:47.599Z |
| cve-2025-62900 | N/A | WordPress Popular Posts by Webline plugin <= 1.1.1 - C… |
WeblineIndia |
Popular Posts by Webline |
2025-10-27T01:33:50.140Z | 2025-11-13T10:33:47.605Z |
| cve-2025-62899 | N/A | WordPress Photospace Responsive plugin <= 2.2.0 - Cros… |
THRIVE - Web Design Gold Coast |
Photospace Responsive |
2025-10-27T01:33:49.758Z | 2025-11-13T10:33:47.602Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-187743 | Malicious code in lepton-pyxis-aldebaran-dotenv-parse-variables (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187742 | Malicious code in lepton-husky-phenomic-hermes (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187741 | Malicious code in lepton-cache-soap-hexo (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187740 | Malicious code in lepton-async-archaeogenetics-exoplanet (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187739 | Malicious code in leda-pm2-lacerta-speleology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187738 | Malicious code in leda-pegasus-magnetosphere-sagitta (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187737 | Malicious code in leda-morgan-xanthus-ophiuchus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187736 | Malicious code in leda-loopback-markdown-pdf-quasar (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187735 | Malicious code in leda-kaus-bellatrix-leda (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187734 | Malicious code in leda-jsonp-dependencies-eslint-config (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187733 | Malicious code in leda-hercules-restart-upgrade (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187732 | Malicious code in leda-gemini-saturnology-jovian (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187731 | Malicious code in leda-epigenetics-redshift-geochronology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187730 | Malicious code in leda-electron-builder-chromedriver-nodemon (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187729 | Malicious code in leda-command-aquarius-leda (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187728 | Malicious code in leda-cassini-dactyl-mongodb (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187727 | Malicious code in lambda-transpile-gamma-omicron-resolve (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187726 | Malicious code in lambda-quick-monitor-optimize-book (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187725 | Malicious code in lambda-daemon-cron-delta-link (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187724 | Malicious code in lambda-cloud-class-public-meta (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187723 | Malicious code in lambda-byte-sigma-static-reject (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187722 | Malicious code in lacerta-style-loader-mini-css-extract-plugin-less (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187721 | Malicious code in lacerta-polaris-tool-resolvers (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187720 | Malicious code in lacerta-paleobotany-convict-babel (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187719 | Malicious code in lacerta-chalk-ini-neptune (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187718 | Malicious code in lacerta-ceres-jwt-stream (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187717 | Malicious code in lacerta-blackhole-juno-capella (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187716 | Malicious code in lacerta-betelgeuse-xanthus-upgrade (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187715 | Malicious code in lacerta-auth0-callisto-dorado (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187714 | Malicious code in kuiperbelt-yakutsk-bioinformatics-express (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:0903 | Red Hat Security Advisory: libsoup security update | 2025-02-03T16:21:16+00:00 | 2025-11-06T22:35:13+00:00 |
| rhsa-2025:0889 | Red Hat Security Advisory: libsoup security update | 2025-02-03T10:34:36+00:00 | 2025-11-06T22:35:09+00:00 |
| rhsa-2025:0883 | Red Hat Security Advisory: python-jinja2 security update | 2025-02-03T01:14:39+00:00 | 2025-11-06T22:35:09+00:00 |
| rhsa-2025:0885 | Red Hat Security Advisory: rsync security update | 2025-02-03T01:10:39+00:00 | 2025-11-06T22:02:06+00:00 |
| rhsa-2025:0884 | Red Hat Security Advisory: rsync security update | 2025-02-03T01:05:44+00:00 | 2025-11-06T22:02:06+00:00 |
| rhsa-2025:0882 | Red Hat Security Advisory: libsoup security update | 2025-02-03T01:05:04+00:00 | 2025-11-06T22:35:09+00:00 |
| rhsa-2025:0881 | Red Hat Security Advisory: tuned security update | 2025-02-03T00:09:45+00:00 | 2025-11-08T07:16:48+00:00 |
| rhsa-2025:0880 | Red Hat Security Advisory: tuned security update | 2025-02-03T00:09:45+00:00 | 2025-11-08T07:16:48+00:00 |
| rhsa-2025:0879 | Red Hat Security Advisory: tuned security update | 2025-02-03T00:09:34+00:00 | 2025-11-08T07:16:48+00:00 |
| rhsa-2025:0851 | Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.12.2 security and bug fix updates | 2025-01-30T21:30:22+00:00 | 2025-11-15T08:44:11+00:00 |
| rhsa-2025:0850 | Red Hat Security Advisory: python-jinja2 security update | 2025-01-30T18:06:01+00:00 | 2025-11-06T22:35:08+00:00 |
| rhsa-2025:0849 | Red Hat Security Advisory: rsync security update | 2025-01-30T17:00:56+00:00 | 2025-11-06T22:02:05+00:00 |
| rhsa-2025:0847 | Red Hat Security Advisory: libsoup security update | 2025-01-30T16:24:02+00:00 | 2025-11-06T22:35:12+00:00 |
| rhsa-2025:0848 | Red Hat Security Advisory: libsoup security update | 2025-01-30T16:24:01+00:00 | 2025-11-06T22:35:07+00:00 |
| rhsa-2025:0838 | Red Hat Security Advisory: libsoup security update | 2025-01-30T13:30:41+00:00 | 2025-11-06T22:35:07+00:00 |
| rhsa-2025:0837 | Red Hat Security Advisory: unbound security update | 2025-01-30T13:00:00+00:00 | 2025-11-11T16:08:10+00:00 |
| rhsa-2025:0821 | Red Hat Security Advisory: RHSA: Submariner 0.17.5 - bug and security fixes | 2025-01-29T20:29:11+00:00 | 2025-11-14T11:38:53+00:00 |
| rhsa-2025:0648 | Red Hat Security Advisory: OpenShift Container Platform 4.15.44 security update | 2025-01-29T19:23:34+00:00 | 2025-11-14T01:34:11+00:00 |
| rhsa-2025:0646 | Red Hat Security Advisory: OpenShift Container Platform 4.15.44 security update | 2025-01-29T19:06:58+00:00 | 2025-11-14T11:38:47+00:00 |
| rhsa-2025:0645 | Red Hat Security Advisory: OpenShift Container Platform 4.15.44 security update | 2025-01-29T16:41:46+00:00 | 2025-11-15T08:44:03+00:00 |
| rhsa-2025:0791 | Red Hat Security Advisory: libsoup security update | 2025-01-29T11:48:18+00:00 | 2025-11-06T22:35:05+00:00 |
| rhsa-2025:0790 | Red Hat Security Advisory: rsync security update | 2025-01-29T11:00:43+00:00 | 2025-11-06T22:02:04+00:00 |
| rhsa-2025:0787 | Red Hat Security Advisory: rsync security update | 2025-01-29T08:07:33+00:00 | 2025-11-06T22:02:03+00:00 |
| rhsa-2025:0650 | Red Hat Security Advisory: OpenShift Container Platform 4.16.32 bug fix and security update | 2025-01-29T00:56:20+00:00 | 2025-11-15T08:44:04+00:00 |
| rhsa-2025:0649 | Red Hat Security Advisory: OpenShift Container Platform 4.16.32 security and extras update | 2025-01-29T00:29:19+00:00 | 2025-11-15T08:44:04+00:00 |
| rhsa-2025:0785 | Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.11.5 bug fixes and container updates | 2025-01-28T23:59:02+00:00 | 2025-11-15T08:44:09+00:00 |
| rhsa-2025:0782 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Container Release Update | 2025-01-28T22:38:24+00:00 | 2025-11-14T11:18:44+00:00 |
| rhsa-2025:0778 | Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.6.5 security updates and bug fixes | 2025-01-28T20:56:08+00:00 | 2025-11-15T08:44:09+00:00 |
| rhsa-2025:0783 | Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.6 Bug fix update | 2025-01-28T20:26:27+00:00 | 2025-11-15T08:44:11+00:00 |
| rhsa-2025:0777 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update | 2025-01-28T19:20:06+00:00 | 2025-11-16T17:00:43+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2024-47688 | driver core: Fix a potential null-ptr-deref in module_add_driver() | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47686 | ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate() | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47685 | netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47684 | tcp: check skb is non-NULL in tcp_rto_delta_us() | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47683 | drm/amd/display: Skip Recompute DSC Params if no Stream on Link | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47682 | scsi: sd: Fix off-by-one error in sd_read_block_characteristics() | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47681 | wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47679 | vfs: fix race between evice_inodes() and find_inode()&iput() | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47678 | icmp: change the order of rate limits | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47675 | bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47674 | mm: avoid leaving partial pfn mappings around in error case | 2024-10-01T07:00:00.000Z | 2024-12-12T00:00:00.000Z |
| msrc_cve-2024-47673 | wifi: iwlwifi: mvm: pause TCM when the firmware is stopped | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47672 | wifi: iwlwifi: mvm: don't wait for tx queues if firmware is dead | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47671 | USB: usbtmc: prevent kernel-usb-infoleak | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47670 | ocfs2: add bounds checking to ocfs2_xattr_find_entry() | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-47666 | scsi: pm80xx: Set phy->enable_completion only when we wait for it | 2024-10-01T07:00:00.000Z | 2025-09-03T21:37:45.000Z |
| msrc_cve-2024-47664 | spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware | 2024-10-01T07:00:00.000Z | 2025-09-03T23:39:40.000Z |
| msrc_cve-2024-47662 | drm/amd/display: Remove register from DCN35 DMCUB diagnostic collection | 2024-10-01T07:00:00.000Z | 2025-09-03T21:27:00.000Z |
| msrc_cve-2024-47661 | drm/amd/display: Avoid overflow from uint32_t to uint8_t | 2024-10-01T07:00:00.000Z | 2025-09-03T22:38:41.000Z |
| msrc_cve-2024-47554 | Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader | 2024-10-01T07:00:00.000Z | 2024-12-07T00:00:00.000Z |
| msrc_cve-2024-47191 | pam_oath.so in oath-toolkit 2.6.7 through 2.6.11 before 2.6.12 allows root privilege escalation because in the context of PAM code running as root it mishandles usersfile access such as by calling fchown in the presence of a symlink. | 2024-10-01T07:00:00.000Z | 2024-10-28T00:00:00.000Z |
| msrc_cve-2024-46871 | drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX | 2024-10-01T07:00:00.000Z | 2025-09-03T21:23:35.000Z |
| msrc_cve-2024-46870 | drm/amd/display: Disable DMCUB timeout for DCN35 | 2024-10-01T07:00:00.000Z | 2025-09-03T22:11:55.000Z |
| msrc_cve-2024-45720 | Apache Subversion: Command line argument injection on Windows platforms | 2024-10-01T07:00:00.000Z | 2025-09-03T21:48:03.000Z |
| msrc_cve-2024-44337 | The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion `v0.0.0-20240729232818-a2a9c4f`, which corresponds with commit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252`, there was a logical problem in the paragraph function of the parser/block.go file, which allowed a remote attacker to cause a denial of service (DoS) condition by providing a tailor-made input that caused an infinite loop, causing the program to hang and consume resources indefinitely. Submit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252` contains fixes to this problem. | 2024-10-01T07:00:00.000Z | 2025-09-03T20:31:17.000Z |
| msrc_cve-2024-42934 | OpenIPMI before 2.0.36 has an out-of-bounds array access (for authentication type) in the ipmi_sim simulator resulting in denial of service or (with very low probability) authentication bypass or code execution. | 2024-10-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-31449 | Lua library commands may lead to stack overflow and RCE in Redis | 2024-10-01T07:00:00.000Z | 2024-12-03T00:00:00.000Z |
| msrc_cve-2024-31228 | Denial-of-service due to unbounded pattern matching in Redis | 2024-10-01T07:00:00.000Z | 2024-11-14T00:00:00.000Z |
| msrc_cve-2024-31227 | Denial-of-service due to malformed ACL selectors in Redis | 2024-10-01T07:00:00.000Z | 2024-11-14T00:00:00.000Z |
| msrc_cve-2024-21247 | Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized update insert or delete access to some of MySQL Client accessible data as well as unauthorized read access to a subset of MySQL Client accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2008-000035 | Cybozu Garoon vulnerable to arbitrary script execution | 2008-07-08T12:14+09:00 | 2008-07-08T12:14+09:00 |
| jvndb-2008-000034 | Cybozu Garoon session fixation vulnerability | 2008-07-08T12:14+09:00 | 2008-07-08T12:14+09:00 |
| jvndb-2008-000033 | Multiple Cybozu products vulnerable to cross-site request forgery | 2008-07-08T12:14+09:00 | 2008-07-08T12:14+09:00 |
| jvndb-2008-001417 | Vulnerability in Sample Code in Hitachi uCosminexus Portal Framework Manuals | 2008-07-07T10:38+09:00 | 2008-07-07T10:38+09:00 |
| jvndb-2008-000032 | nProtect : Netizen denial of service (DoS) vulnerability | 2008-07-07T10:24+09:00 | 2008-07-07T10:24+09:00 |
| jvndb-2008-000031 | CGIWrap error page cross-site scripting vulnerability | 2008-06-20T13:46+09:00 | 2008-06-20T13:46+09:00 |
| jvndb-2008-000030 | BlognPlus SQL injection vulnerability | 2008-06-20T13:45+09:00 | 2008-06-20T13:45+09:00 |
| jvndb-2008-001043 | X.Org Foundation X server buffer overflow vulnerability | 2008-06-13T17:11+09:00 | 2008-11-21T12:19+09:00 |
| jvndb-2008-000029 | Sleipnir and Grani vulnerable to arbitrary script execution when Bookmark search results are restored from history | 2008-06-10T13:59+09:00 | 2008-06-10T13:59+09:00 |
| jvndb-2006-000639 | Pixelpost cross-site scripting vulnerability | 2008-06-10T13:57+09:00 | 2008-06-10T13:57+09:00 |
| jvndb-2008-000028 | WEB MART from KENT WEB vulnerable to cross-site scripting | 2008-06-06T12:01+09:00 | 2008-06-06T12:01+09:00 |
| jvndb-2008-001350 | Hitachi Groupmax Collaboration Products Cross-Site Scripting Vulnerability | 2008-06-06T12:00+09:00 | 2008-06-06T12:00+09:00 |
| jvndb-2008-001349 | XMAP3 Denial of Service (DoS) Vulneability | 2008-06-06T12:00+09:00 | 2008-06-06T12:00+09:00 |
| jvndb-2008-001348 | Groupmax World Wide Web Desktop/BUNSHOKANRI(=DocumentManagement) Cross-Site Scripting Vulnerability | 2008-06-06T12:00+09:00 | 2008-06-06T12:00+09:00 |
| jvndb-2008-001347 | JP1/Cm2/Network Node Manager Web Coordinated Function Multiple Vulnerabilities | 2008-06-06T12:00+09:00 | 2008-06-06T12:00+09:00 |
| jvndb-2008-001313 | JP1/Cm2/Network Node Manager Denial of Service Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T11:34+09:00 |
| jvndb-2008-001312 | Symantec Backup Exec for Windows Server ActiveX Control Multiple Vulnerabilities | 2008-05-21T00:00+09:00 | 2008-11-21T12:20+09:00 |
| jvndb-2008-001311 | Symantec Backup Exec for Windows Server ActiveX Control Multiple Buffer Overflow Vulnerabilities | 2008-05-21T00:00+09:00 | 2008-11-21T12:20+09:00 |
| jvndb-2008-001150 | JP1/HIBUN Encryption/Decryption and Removable Media Control Malfunction Problems | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2008-001097 | SEWB3/PLATFORM Denial of Service Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2008-001096 | EUR Print Manager Denial of Service Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2008-000027 | Cross-site scripting vulnerabilities in multiple Bluemoon Inc. XOOPS modules | 2008-05-21T00:00+09:00 | 2008-05-21T11:34+09:00 |
| jvndb-2008-000023 | Sony mylo COM-2 does not verify server SSL certificate | 2008-05-21T00:00+09:00 | 2008-05-21T11:34+09:00 |
| jvndb-2008-000022 | Lhaplus buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T11:33+09:00 |
| jvndb-2008-000021 | Mozilla Firefox cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-07-29T14:54+09:00 |
| jvndb-2008-000020 | DesignForm cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T11:33+09:00 |
| jvndb-2008-000019 | PerlMailer cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T11:33+09:00 |
| jvndb-2008-000018 | Namazu cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2009-10-27T13:43+09:00 |
| jvndb-2008-000017 | Multiple I-O DATA DEVICE wireless LAN routers default configuration does not set authentication | 2008-05-21T00:00+09:00 | 2008-05-21T11:32+09:00 |
| jvndb-2008-000016 | Sun Java Runtime Environment (JRE) contains a vulnerability in processing XSLT transformations | 2008-05-21T00:00+09:00 | 2008-10-09T13:35+09:00 |
| ID | Description | Updated |
|---|