Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-jv6h-4262-q663 | Bouncy Castle Vulnerable to Uncontrolled Resource Consumption | 2025-10-25T00:30:39Z | 2025-10-28T17:48:24Z |
| ghsa-4v5m-7xcr-cg68 | Deck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or in… | 2025-10-25T00:30:39Z | 2025-10-25T00:30:39Z |
| ghsa-3xvc-wfvf-2p2f | Deck Mate 2 lacks a verified secure-boot chain and runtime integrity validation for its controller … | 2025-10-25T00:30:39Z | 2025-10-25T00:30:39Z |
| ghsa-23g2-f757-4428 | An authenticated admin user with access to both the management WebUI and command line interface on … | 2025-10-25T00:30:39Z | 2025-10-25T00:30:39Z |
| ghsa-chjr-9v3v-pr2f | Integer Overflow vulnerability in SQLite SQLite3 v.3.50.0 allows a remote attacker to cause a denia… | 2025-10-24T21:31:11Z | 2025-10-24T21:31:11Z |
| ghsa-526h-6368-hcf5 | Microweber CMS 2.0 has Weak Password Requirements. The application does not enforce minimum passwor… | 2025-10-24T21:31:11Z | 2025-10-24T21:31:11Z |
| ghsa-4p4p-jwpf-wg9q | An issue was discovered in the NDIS Usermode IO driver (RtkIOAC60.sys, version 6.0.5600.16348) allo… | 2025-10-24T21:31:11Z | 2025-10-24T21:31:11Z |
| ghsa-rvx3-cxvh-j465 | In the Linux kernel, the following vulnerability has been resolved: sock: redo the psock vs ULP pr… | 2025-10-24T21:31:09Z | 2025-10-24T21:31:09Z |
| ghsa-f3hm-2q4w-7w9x | In the Linux kernel, the following vulnerability has been resolved: i40e: Fix call trace in setup_… | 2025-10-24T21:31:09Z | 2025-10-24T21:31:09Z |
| ghsa-3pj9-hhgf-f53q | In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport… | 2025-10-24T21:31:09Z | 2025-10-24T21:31:09Z |
| ghsa-26pq-gvcv-rc9v | In the Linux kernel, the following vulnerability has been resolved: tty: goldfish: Fix free_irq() … | 2025-10-24T21:31:09Z | 2025-10-24T21:31:09Z |
| ghsa-crf3-5v2r-wq3r | In the Linux kernel, the following vulnerability has been resolved: netfilter: use get_random_u32 … | 2025-10-24T21:31:08Z | 2025-10-24T21:31:08Z |
| ghsa-4qfg-6f2x-wgf4 | In the Linux kernel, the following vulnerability has been resolved: drm/i915/reset: Fix error_stat… | 2025-10-24T21:31:08Z | 2025-10-24T21:31:08Z |
| ghsa-q7jf-gf43-6x6p | Hono vulnerable to Vary Header Injection leading to potential CORS Bypass | 2025-10-24T19:15:13Z | 2025-10-24T19:15:13Z |
| ghsa-xx95-hcg5-8859 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:02Z | 2025-10-24T18:31:02Z |
| ghsa-rw5c-wp34-r2fj | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:02Z | 2025-10-24T18:31:02Z |
| ghsa-pv5m-gjc6-38wr | PerfreeBlog v4.0.11 has a File Upload vulnerability in the installTheme function | 2025-10-24T18:31:02Z | 2025-10-24T21:31:11Z |
| ghsa-m76j-8hw5-pqgj | PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the validThemeFilePath function | 2025-10-24T18:31:02Z | 2025-10-24T21:31:11Z |
| ghsa-g97p-4hj8-59pv | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:02Z | 2025-10-24T18:31:02Z |
| ghsa-9f97-88rg-q6r3 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:02Z | 2025-10-24T18:31:02Z |
| ghsa-8782-2rpr-vv9r | Antabot White-Jotter up to commit 9bcadc was discovered to contain an unauthenticated remote code e… | 2025-10-24T18:31:02Z | 2025-10-24T18:31:02Z |
| ghsa-7x76-cmrq-q6j7 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:02Z | 2025-10-24T18:31:02Z |
| ghsa-6hqx-gr9h-q72c | PerfreeBlog v4.0.11 has an arbitrary file deletion vulnerability in the unInstallTheme function | 2025-10-24T18:31:02Z | 2025-10-24T21:31:11Z |
| ghsa-62f9-vg37-v934 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:02Z | 2025-10-24T18:31:02Z |
| ghsa-5992-r8wx-j2j7 | PerfreeBlog v4.0.11 has a File Upload vulnerability in the installPlugin function | 2025-10-24T18:31:02Z | 2025-10-24T21:31:11Z |
| ghsa-3xfh-83xg-cw7w | jshERP up to commit fbda24da was discovered to contain an unauthenticated remote code execution (RC… | 2025-10-24T18:31:02Z | 2025-10-24T18:31:02Z |
| ghsa-wv77-j25f-fx6w | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:01Z | 2025-10-24T21:31:11Z |
| ghsa-q7rr-j8f2-vxh3 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:01Z | 2025-10-24T18:31:01Z |
| ghsa-jff8-fh6c-h7jp | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:01Z | 2025-10-24T21:31:10Z |
| ghsa-fvj3-wm3x-cvhj | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:01Z | 2025-10-24T21:31:11Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-11875 | SpendeOnline.org <= 3.0.1 - Authenticated (Contributor… |
dr-thomas-fuessl |
SpendeOnline.org |
2025-10-25T06:49:25.924Z | 2025-10-27T15:30:39.194Z | |
| cve-2025-11976 | FuseWP – WordPress User Sync to Email List & Marketing… |
fusewp |
FuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.) |
2025-10-25T06:49:25.381Z | 2025-10-27T15:32:59.968Z | |
| cve-2025-8416 | Product Filter by WBW <= 2.9.7 - Unauthenticated SQL I… |
woobewoo |
Product Filter by WBW |
2025-10-25T06:49:24.974Z | 2025-10-27T15:35:36.633Z | |
| cve-2025-4203 | wpForo Forum <= 2.4.8 - Unauthenticated SQL Injection … |
tomdever |
wpForo Forum |
2025-10-25T06:49:24.551Z | 2025-10-27T15:37:26.760Z | |
| cve-2025-10637 | Social Feed Gallery <= 4.9.2 - Missing Authorization t… |
quadlayers |
Social Feed Gallery |
2025-10-25T06:49:24.127Z | 2025-10-27T15:38:46.458Z | |
| cve-2025-8483 | Discussion Board – WordPress Forum Plugin <= 2.5.5 - A… |
marketingfire |
Discussion Board – WordPress Forum Plugin |
2025-10-25T06:49:23.683Z | 2025-10-27T15:40:24.854Z | |
| cve-2025-9322 | Stripe Payment Forms <= 8.3.1 - Unauthenticated SQL In… |
themeisle |
Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions |
2025-10-25T06:49:23.256Z | 2025-10-27T15:44:23.530Z | |
| cve-2025-10580 | Widget Options – The #1 WordPress Widget & Block Contr… |
marketingfire |
Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets |
2025-10-25T06:49:22.861Z | 2025-10-27T15:45:22.899Z | |
| cve-2025-11255 | Password Policy Manager | Password Manager <= 2.0.5 - … |
cyberlord92 |
Password Policy Manager | Password Manager |
2025-10-25T06:49:22.427Z | 2025-10-27T15:52:24.137Z | |
| cve-2025-11497 | Advanced Database Cleaner <= 3.1.6 - Cross-Site Reques… |
symptote |
Advanced Database Cleaner |
2025-10-25T06:49:22.013Z | 2025-10-27T15:52:54.338Z | |
| cve-2025-11893 | Charitable – Donation Plugin for WordPress – Fundraisi… |
smub |
Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More |
2025-10-25T06:49:21.583Z | 2025-10-27T15:53:27.036Z | |
| cve-2025-10488 | Directorist: AI-Powered Business Directory Plugin with… |
wpwax |
Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings |
2025-10-25T06:49:21.186Z | 2025-10-27T15:54:15.168Z | |
| cve-2025-12034 | Fast Velocity Minify <= 3.5.1 - Authenticated (Admin+)… |
alignak |
Fast Velocity Minify |
2025-10-25T06:49:20.557Z | 2025-10-27T15:54:50.525Z | |
| cve-2025-12095 | Simple Registration for WooCommerce <= 1.5.8 - Cross-S… |
astoundify |
Simple Registration for WooCommerce |
2025-10-25T05:31:23.467Z | 2025-10-27T15:55:27.834Z | |
| cve-2025-12005 | WP VR – 360 Panorama and Free Virtual Tour Builder For… |
rextheme |
WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress |
2025-10-25T05:31:23.103Z | 2025-10-27T15:56:20.522Z | |
| cve-2025-10694 | User Feedback – Create Interactive Feedback Form, User… |
smub |
User Feedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds |
2025-10-25T05:31:22.739Z | 2025-10-27T15:57:39.705Z | |
| cve-2025-6639 | Tutor LMS Pro – eLearning and online course solution <… |
themeum |
Tutor LMS Pro |
2025-10-25T05:31:22.323Z | 2025-10-27T15:58:11.487Z | |
| cve-2025-11888 | ShopEngine Elementor WooCommerce Builder Addon – All i… |
roxnor |
ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution |
2025-10-25T05:31:21.952Z | 2025-10-27T16:00:31.674Z | |
| cve-2025-10737 | Open Source Genesis Framework <= 3.6.0 - Authenticated… |
StudioPress |
Open Source Genesis Framework |
2025-10-25T05:31:21.568Z | 2025-10-27T16:01:09.804Z | |
| cve-2025-11879 | GenerateBlocks <= 2.1.1 - Improper Authorization to Au… |
edge22 |
GenerateBlocks |
2025-10-25T05:31:21.144Z | 2025-10-27T15:51:35.186Z | |
| cve-2025-8588 | Gutenberg Blocks – PublishPress Blocks Controls, Visib… |
publishpress |
Gutenberg Blocks – PublishPress Blocks Controls, Visibility, Reusable Blocks |
2025-10-25T05:31:20.754Z | 2025-10-27T15:51:04.138Z | |
| cve-2025-11244 | Password Protected <= 2.7.11 - Unauthenticated Authori… |
saadiqbal |
Password Protected — Lock Entire Site, Pages, Posts, Categories, and Partial Content |
2025-10-25T05:31:20.356Z | 2025-10-27T15:49:58.830Z | |
| cve-2025-11564 | Tutor LMS – eLearning and online course solution <= 3.… |
themeum |
Tutor LMS – eLearning and online course solution |
2025-10-25T05:31:19.940Z | 2025-10-27T15:49:09.061Z | |
| cve-2025-8666 | Testimonial Carousel For Elementor <= 11.6.2 - Authent… |
uapp |
Testimonial Carousel For Elementor |
2025-10-25T05:31:19.307Z | 2025-10-27T15:48:15.392Z | |
| cve-2025-6680 | Tutor LMS <= 3.8.3 - Missing Authorization to Sensitiv… |
themeum |
Tutor LMS – eLearning and online course solution |
2025-10-25T05:31:18.909Z | 2025-10-27T15:47:28.193Z | |
| cve-2025-8413 | Listeo <= 2.0.8 - Authenticated (Contributor+) Stored … |
purethemes |
Listeo - Directory & Listings With Booking - WordPress Theme |
2025-10-25T05:31:18.515Z | 2025-10-27T15:46:49.140Z | |
| cve-2025-11238 | Watu Quiz <= 3.4.4 - Unauthenticated Stored Cross-Site… |
prasunsen |
Watu Quiz |
2025-10-25T05:31:18.111Z | 2025-10-27T15:46:22.939Z | |
| cve-2025-11269 | Product Filter by WBW <= 3.0.0 - Missing Authorization… |
woobewoo |
Product Filter by WBW |
2025-10-25T05:31:17.552Z | 2025-10-27T15:57:12.856Z | |
| cve-2025-11823 | ShopLentor – WooCommerce Builder for Elementor & Guten… |
devitemsllc |
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution (formerly WooLentor) |
2025-10-25T04:22:44.973Z | 2025-10-27T15:57:18.537Z | |
| cve-2025-10579 | BackWPup <= 5.5.0 - Missing Authorization to Sensitive… |
wp_media |
BackWPup – WordPress Backup & Restore Plugin |
2025-10-25T04:22:44.402Z | 2025-10-27T15:57:24.084Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-62904 | N/A | WordPress WP Geo plugin <= 3.5.1 - Cross Site Scriptin… |
Ben Huson |
WP Geo |
2025-10-27T01:33:51.339Z | 2025-11-13T10:33:47.648Z |
| cve-2025-62903 | N/A | WordPress WPC Smart Messages for WooCommerce plugin <=… |
WPClever |
WPC Smart Messages for WooCommerce |
2025-10-27T01:33:50.952Z | 2025-11-13T10:33:47.607Z |
| cve-2025-62902 | N/A | WordPress WP Popup Builder plugin <= 1.3.6 - Sensitive… |
ThemeHunk |
WP Popup Builder |
2025-10-27T01:33:50.531Z | 2025-11-13T10:33:47.599Z |
| cve-2025-62900 | N/A | WordPress Popular Posts by Webline plugin <= 1.1.1 - C… |
WeblineIndia |
Popular Posts by Webline |
2025-10-27T01:33:50.140Z | 2025-11-13T10:33:47.605Z |
| cve-2025-62899 | N/A | WordPress Photospace Responsive plugin <= 2.2.0 - Cros… |
THRIVE - Web Design Gold Coast |
Photospace Responsive |
2025-10-27T01:33:49.758Z | 2025-11-13T10:33:47.602Z |
| cve-2025-62898 | N/A | WordPress Links shortcode plugin <= 1.8.3 - Cross Site… |
Maarten |
Links shortcode |
2025-10-27T01:33:49.376Z | 2025-11-13T10:33:47.622Z |
| cve-2025-62897 | N/A | WordPress WP Recipe Maker plugin <= 10.1.1 - Content I… |
Brecht |
WP Recipe Maker |
2025-10-27T01:33:49.016Z | 2025-11-13T10:33:47.627Z |
| cve-2025-62896 | N/A | WordPress Multilang Contact Form plugin <= 1.5 - Cross… |
digitaldonkey |
Multilang Contact Form |
2025-10-27T01:33:48.644Z | 2025-11-13T10:33:47.595Z |
| cve-2025-62895 | N/A | WordPress Atarim plugin <= 4.2 - Sensitive Data Exposu… |
Vito Peleg |
Atarim |
2025-10-27T01:33:48.249Z | 2025-11-13T10:33:47.596Z |
| cve-2025-62894 | N/A | WordPress ACF Recent Posts Widget plugin <= 5.9.3 - Cr… |
magicoders |
ACF Recent Posts Widget |
2025-10-27T01:33:47.856Z | 2025-11-13T10:33:47.529Z |
| cve-2025-62893 | N/A | WordPress Create by Mediavine plugin <= 1.9.14 - Insec… |
mediavine |
Create by Mediavine |
2025-10-27T01:33:47.484Z | 2025-11-13T10:33:47.483Z |
| cve-2025-62892 | N/A | WordPress Sunshine Photo Cart plugin <= 3.5.3 - Broken… |
sunshinephotocart |
Sunshine Photo Cart |
2025-10-27T01:33:47.085Z | 2025-11-13T10:33:47.490Z |
| cve-2025-62891 | N/A | WordPress Off-Canvas Sidebars & Menus (Slidebars) plug… |
Jory Hogeveen |
Off-Canvas Sidebars & Menus (Slidebars) |
2025-10-27T01:33:46.691Z | 2025-11-13T10:33:47.451Z |
| cve-2025-62890 | N/A | WordPress Premmerce Brands for WooCommerce plugin <= 1… |
Premmerce |
Premmerce Brands for WooCommerce |
2025-10-27T01:33:46.308Z | 2025-11-13T10:33:47.456Z |
| cve-2025-62889 | N/A | WordPress King Addons for Elementor plugin <= 51.1.37 … |
KingAddons.com |
King Addons for Elementor |
2025-10-27T01:33:45.909Z | 2025-11-13T10:33:47.452Z |
| cve-2025-62887 | N/A | WordPress King Addons for Elementor plugin <= 51.1.37 … |
KingAddons.com |
King Addons for Elementor |
2025-10-27T01:33:45.420Z | 2025-11-13T10:33:47.462Z |
| cve-2025-62886 | N/A | WordPress Pricing Table builder plugin <= 1.5.1 - Cros… |
wpdevart |
Pricing Table builder |
2025-10-27T01:33:44.741Z | 2025-11-13T10:33:47.425Z |
| cve-2025-62885 | N/A | WordPress WP VR plugin <= 8.5.42 - Cross Site Scriptin… |
RexTheme |
WP VR |
2025-10-27T01:33:44.357Z | 2025-11-13T10:33:47.375Z |
| cve-2025-62884 | N/A | WordPress Coupon Affiliates plugin <= 7.0.3 - Broken A… |
Elliot Sowersby / RelyWP |
Coupon Affiliates |
2025-10-27T01:33:43.969Z | 2025-11-13T10:33:47.423Z |
| cve-2025-62883 | N/A | WordPress Premmerce User Roles plugin <= 1.0.13 - Brok… |
Premmerce |
Premmerce User Roles |
2025-10-27T01:33:43.581Z | 2025-11-13T10:33:47.380Z |
| cve-2025-62882 | N/A | WordPress Seriously Simple Podcasting plugin <= 3.13.0… |
Craig Hewitt |
Seriously Simple Podcasting |
2025-10-27T01:33:43.191Z | 2025-11-13T10:33:47.353Z |
| cve-2025-62881 | N/A | WordPress WP-Lister Lite for eBay plugin <= 3.8.3 - Br… |
WP Lab |
WP-Lister Lite for eBay |
2025-10-27T01:33:42.812Z | 2025-11-13T10:33:47.323Z |
| cve-2025-12202 | ajayrandhawa User-Management-PHP-MYSQL web cross-site … |
ajayrandhawa |
User-Management-PHP-MYSQL web |
2025-10-27T01:32:07.633Z | 2025-10-27T20:00:57.413Z | |
| cve-2025-12201 | ajayrandhawa User-Management-PHP-MYSQL User Management… |
ajayrandhawa |
User-Management-PHP-MYSQL |
2025-10-27T01:32:05.118Z | 2025-10-27T19:59:45.287Z | |
| cve-2025-12200 | N/A | {'providerMetadata': {'orgId': '1af790b2-7ee1-4545-860a-a788eba489b5', 'shortName': 'VulDB', 'dateUpdated': '2025-11-03T22:47:56.396Z'}, 'rejectedReasons': [{'lang': 'en', 'value': "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Based on the analysis by MITRE and review of community feedback, the reported conditions represent expected and intentional behavior within dnsmasq's documented design, rather than security vulnerabilities."}]} | N/A | N/A | 2025-10-27T01:07:44.551Z | 2025-11-03T22:47:56.396Z |
| cve-2025-12199 | N/A | {'providerMetadata': {'orgId': '1af790b2-7ee1-4545-860a-a788eba489b5', 'shortName': 'VulDB', 'dateUpdated': '2025-11-03T22:47:45.128Z'}, 'rejectedReasons': [{'lang': 'en', 'value': "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Based on the analysis by MITRE and review of community feedback, the reported conditions represent expected and intentional behavior within dnsmasq's documented design, rather than security vulnerabilities."}]} | N/A | N/A | 2025-10-27T01:02:09.029Z | 2025-11-03T22:47:45.128Z |
| cve-2025-12198 | N/A | {'providerMetadata': {'orgId': '1af790b2-7ee1-4545-860a-a788eba489b5', 'shortName': 'VulDB', 'dateUpdated': '2025-11-03T22:47:37.697Z'}, 'rejectedReasons': [{'lang': 'en', 'value': "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Based on the analysis by MITRE and review of community feedback, the reported conditions represent expected and intentional behavior within dnsmasq's documented design, rather than security vulnerabilities."}]} | N/A | N/A | 2025-10-27T00:58:12.511Z | 2025-11-03T22:47:37.697Z |
| cve-2025-6601 | 2.7 (v3.1) | Business Logic Errors in GitLab |
GitLab |
GitLab |
2025-10-27T00:06:04.304Z | 2025-10-28T15:18:04.225Z |
| cve-2025-11989 | 3.7 (v3.1) | Missing Authorization in GitLab |
GitLab |
GitLab |
2025-10-26T23:33:50.230Z | 2025-10-28T14:44:46.810Z |
| cve-2025-11974 | 6.5 (v3.1) | Allocation of Resources Without Limits or Throttling i… |
GitLab |
GitLab |
2025-10-27T00:05:24.332Z | 2025-10-28T14:59:56.029Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-187724 | Malicious code in lambda-cloud-class-public-meta (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187723 | Malicious code in lambda-byte-sigma-static-reject (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187722 | Malicious code in lacerta-style-loader-mini-css-extract-plugin-less (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187721 | Malicious code in lacerta-polaris-tool-resolvers (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187720 | Malicious code in lacerta-paleobotany-convict-babel (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187719 | Malicious code in lacerta-chalk-ini-neptune (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187718 | Malicious code in lacerta-ceres-jwt-stream (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187717 | Malicious code in lacerta-blackhole-juno-capella (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187716 | Malicious code in lacerta-betelgeuse-xanthus-upgrade (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187715 | Malicious code in lacerta-auth0-callisto-dorado (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187714 | Malicious code in kuiperbelt-yakutsk-bioinformatics-express (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187713 | Malicious code in kuiperbelt-taurus-csv-ceres (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187712 | Malicious code in kuiperbelt-protractor-epigenetics-kardashevscale (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187711 | Malicious code in kuiperbelt-phoebe-native-abiogenesis (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187710 | Malicious code in kuiperbelt-nova-parsec-helios (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187709 | Malicious code in kronos-pipe-delphinus-centauri (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187708 | Malicious code in kronos-phoebe-kronos-elektra (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187707 | Malicious code in kronos-lynx-brane-venus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187706 | Malicious code in kronos-inquirer-promise-dactyl (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187705 | Malicious code in kronos-ichnology-dotenv-safe-seismology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187704 | Malicious code in kronos-buffer-titan-zephyr (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187703 | Malicious code in koa-version-scorpius-ceres (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187702 | Malicious code in koa-vega-zenith-canopus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187701 | Malicious code in koa-prettier-stylelint-link-google (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187700 | Malicious code in koa-higgs-jasmine-wezen (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187699 | Malicious code in koa-eslint-plugin-corvus-dotenv-parse-variables (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187698 | Malicious code in koa-callback-postcss-loader-webdriver-manager (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187697 | Malicious code in koa-betelgeuse-luna-cassini (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187696 | Malicious code in kinetic-upgrade-pino-sagitta (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187695 | Malicious code in kinetic-redshift-pino-pretty-prettier-plugin-markdown (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:0782 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Container Release Update | 2025-01-28T22:38:24+00:00 | 2025-11-14T11:18:44+00:00 |
| rhsa-2025:0778 | Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.6.5 security updates and bug fixes | 2025-01-28T20:56:08+00:00 | 2025-11-15T08:44:09+00:00 |
| rhsa-2025:0783 | Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.6 Bug fix update | 2025-01-28T20:26:27+00:00 | 2025-11-15T08:44:11+00:00 |
| rhsa-2025:0777 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update | 2025-01-28T19:20:06+00:00 | 2025-11-16T17:00:43+00:00 |
| rhsa-2025:0775 | Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17.3 Bug Fix Update | 2025-01-28T19:16:43+00:00 | 2025-11-15T08:44:07+00:00 |
| rhsa-2025:0774 | Red Hat Security Advisory: rsync security update | 2025-01-28T18:53:41+00:00 | 2025-11-15T00:13:57+00:00 |
| rhsa-2025:0771 | Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.4.2 security and bug fix update | 2025-01-28T15:50:58+00:00 | 2025-11-14T11:17:43+00:00 |
| rhsa-2025:0754 | Red Hat Security Advisory: Red Hat OpenShift Builds 1.2 | 2025-01-28T06:43:08+00:00 | 2025-11-14T11:38:50+00:00 |
| rhsa-2025:0656 | Red Hat Security Advisory: OpenShift Container Platform 4.17.14 packages and security update | 2025-01-28T04:59:21+00:00 | 2025-11-16T17:00:41+00:00 |
| rhsa-2025:0654 | Red Hat Security Advisory: OpenShift Container Platform 4.17.14 bug fix and security update | 2025-01-28T04:28:50+00:00 | 2025-11-15T08:44:06+00:00 |
| rhsa-2025:0737 | Red Hat Security Advisory: mariadb:10.11 security update | 2025-01-28T02:13:19+00:00 | 2025-10-28T01:53:24+00:00 |
| rhsa-2025:0739 | Red Hat Security Advisory: mariadb:10.5 security update | 2025-01-28T02:12:19+00:00 | 2025-11-08T06:42:41+00:00 |
| rhsa-2025:0746 | Red Hat Security Advisory: gimp:2.8 security update | 2025-01-28T02:07:24+00:00 | 2025-11-06T23:05:38+00:00 |
| rhsa-2025:0753 | Red Hat Security Advisory: Red Hat Ansible Automation Platform Execution Environments Container Release Update | 2025-01-28T01:03:48+00:00 | 2025-11-16T17:00:42+00:00 |
| rhsa-2025:0653 | Red Hat Security Advisory: OpenShift Container Platform 4.17.14 security and extras update | 2025-01-28T00:55:21+00:00 | 2025-11-15T08:44:04+00:00 |
| rhba-2025:0725 | Red Hat Bug Fix Advisory: kernel bug fix update | 2025-01-28T00:21:14+00:00 | 2025-11-07T13:08:11+00:00 |
| rhsa-2025:0722 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Container Release Update | 2025-01-27T22:39:15+00:00 | 2025-11-16T17:00:42+00:00 |
| rhsa-2025:0723 | Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.7.3 security updates and bug fixes | 2025-01-27T21:50:16+00:00 | 2025-11-15T08:44:09+00:00 |
| rhsa-2025:0721 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update | 2025-01-27T19:32:54+00:00 | 2025-11-16T17:00:42+00:00 |
| rhsa-2025:0715 | Red Hat Security Advisory: Red Hat OpenShift Builds 1.1 | 2025-01-27T17:03:08+00:00 | 2025-11-14T11:38:52+00:00 |
| rhsa-2025:0714 | Red Hat Security Advisory: rsync security update | 2025-01-27T16:43:28+00:00 | 2025-11-06T22:02:02+00:00 |
| rhsa-2025:0711 | Red Hat Security Advisory: python-jinja2 security update | 2025-01-27T13:33:03+00:00 | 2025-11-06T22:35:03+00:00 |
| rhsa-2025:0692 | Red Hat Security Advisory: redis:7 security update | 2025-01-27T01:43:02+00:00 | 2025-11-06T23:59:10+00:00 |
| rhsa-2025:0689 | Red Hat Security Advisory: redis:6 security update | 2025-01-27T01:43:02+00:00 | 2025-11-06T23:59:10+00:00 |
| rhsa-2025:0693 | Red Hat Security Advisory: redis security update | 2025-01-27T01:43:01+00:00 | 2025-11-13T05:53:04+00:00 |
| rhsa-2025:0685 | Red Hat Security Advisory: redis:6 security update | 2025-01-27T01:43:01+00:00 | 2025-11-06T23:59:09+00:00 |
| rhsa-2025:0688 | Red Hat Security Advisory: rsync security update | 2025-01-27T01:42:59+00:00 | 2025-11-15T00:13:57+00:00 |
| rhsa-2025:0679 | Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.10.7 bug fixes and container updates | 2025-01-23T23:30:43+00:00 | 2025-11-15T08:44:06+00:00 |
| rhsa-2025:0678 | Red Hat Security Advisory: RHSA: Submariner 0.16.8 - bug and security fixes | 2025-01-23T20:25:51+00:00 | 2025-11-14T11:38:49+00:00 |
| rhsa-2025:0676 | Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.5.8 security updates and bug fixes | 2025-01-23T20:15:51+00:00 | 2025-11-15T08:44:06+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2024-21241 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-21239 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-21238 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.39 and prior 8.4.1 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-21237 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication GCS). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-21236 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-21231 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-21230 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-21219 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-21218 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-21213 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-21212 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Health Monitor). Supported versions that are affected are 8.0.39 and prior and 8.4.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-21207 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.38 and prior 8.4.1 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-21203 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-21201 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-21199 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-21198 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-21197 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-21196 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-21194 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-21193 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 2024-10-01T07:00:00.000Z | 2024-12-04T00:00:00.000Z |
| msrc_cve-2024-10041 | Pam: libpam: libpam vulnerable to read hashed password | 2024-10-01T07:00:00.000Z | 2025-04-05T00:00:00.000Z |
| msrc_cve-2023-52917 | ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() | 2024-10-01T07:00:00.000Z | 2025-03-04T00:00:00.000Z |
| msrc_cve-2022-48990 | drm/amdgpu: fix use-after-free during gpu recovery | 2024-10-01T07:00:00.000Z | 2025-09-03T21:46:43.000Z |
| msrc_cve-2022-48979 | drm/amd/display: fix array index out of bound error in DCN32 DML | 2024-10-01T07:00:00.000Z | 2025-09-03T22:14:34.000Z |
| msrc_cve-2022-48976 | netfilter: flowtable_offload: fix using __this_cpu_add in preemptible | 2024-10-01T07:00:00.000Z | 2025-09-03T21:28:59.000Z |
| msrc_cve-2019-25219 | Asio C++ Library lacks a fallback error code in the case of SSL_ERROR_SYSCALL | 2024-10-01T07:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2024-8775 | Ansible-core: exposure of sensitive information in ansible vault files due to improper logging | 2024-09-01T07:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2024-8645 | Access of Uninitialized Pointer in Wireshark | 2024-09-01T07:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2024-8612 | Qemu-kvm: information leak in virtio devices | 2024-09-01T07:00:00.000Z | 2025-09-04T05:21:33.000Z |
| msrc_cve-2024-8443 | Libopensc: heap buffer overflow in openpgp driver when generating key | 2024-09-01T07:00:00.000Z | 2025-09-03T23:30:13.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2008-000015 | BFup ActiveX Control buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T11:32+09:00 |
| jvndb-2008-000014 | Nagios cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2008-000013 | FTP bounce vulnerability in multiple Canon digital multifunction copiers and laser beam printers | 2008-05-21T00:00+09:00 | 2008-05-21T11:31+09:00 |
| jvndb-2008-000012 | Cross-site scripting vulnerability in multiple Tor World CGI scripts | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2008-000011 | Internet Scanner reporting engine vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2008-000010 | Google Desktop cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T11:31+09:00 |
| jvndb-2008-000009 | Apache Tomcat fails to properly handle cookie value | 2008-05-21T00:00+09:00 | 2010-01-05T12:14+09:00 |
| jvndb-2008-000008 | PC2M cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2008-000007 | RaidenHTTPD cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2008-000006 | Cross-site scripting vulnerabilities in multiple Hal Networks shopping cart products | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2008-000005 | Multiple Yamaha routers vulnerable to cross-site request forgery | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2008-000004 | Zimbra Collaboration Suite script execution vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T11:30+09:00 |
| jvndb-2008-000003 | MTCMS WYSIWYG Editor cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T11:30+09:00 |
| jvndb-2008-000001 | Multiple JustSystems products vulnerable to buffer overflow | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-001133 | Cosminexus Component Container Session Handling Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-001092 | JP1/Cm2/Network Node Manager Arbitrary Code Execution Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-001091 | Cosminexus Application Server Incorrect Group Permission Handling Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-001022 | Apache UTF-7 Encoding Cross-Site Scripting Vulnerability | 2008-05-21T00:00+09:00 | 2009-11-16T11:52+09:00 |
| jvndb-2007-001000 | Hitachi JP1/File Transmission Server/FTP Denial of Service Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000999 | Hitachi JP1/File Transmission Server/FTP Authentication Bypass Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000921 | Groupmax Collaboration Schedule Information Disclosure Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000878 | Ichitaro series buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000877 | Ichitaro series buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000876 | Ichitaro series buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000875 | AirStation series and BroadStation series vulnerable to cross-site request forgery | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000824 | GreaseKit and Creammonkey allows execution of userscript functions | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000823 | Cross-site scripting in Sun Java System Web Server and Sun Java System Web Proxy Server | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000822 | WinAce buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000820 | Google Web Toolkit vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000819 | Cross-site scripting vulnerability in Apache HTTP Server "mod_imap" and "mod_imagemap" | 2008-05-21T00:00+09:00 | 2013-07-18T18:58+09:00 |
| ID | Description | Updated |
|---|