Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-62f9-vg37-v934 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:02Z | 2025-10-24T18:31:02Z |
| ghsa-5992-r8wx-j2j7 | PerfreeBlog v4.0.11 has a File Upload vulnerability in the installPlugin function | 2025-10-24T18:31:02Z | 2025-10-24T21:31:11Z |
| ghsa-3xfh-83xg-cw7w | jshERP up to commit fbda24da was discovered to contain an unauthenticated remote code execution (RC… | 2025-10-24T18:31:02Z | 2025-10-24T18:31:02Z |
| ghsa-wv77-j25f-fx6w | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:01Z | 2025-10-24T21:31:11Z |
| ghsa-q7rr-j8f2-vxh3 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:01Z | 2025-10-24T18:31:01Z |
| ghsa-jff8-fh6c-h7jp | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:01Z | 2025-10-24T21:31:10Z |
| ghsa-fvj3-wm3x-cvhj | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:01Z | 2025-10-24T21:31:11Z |
| ghsa-f3m9-f5qh-96pr | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:01Z | 2025-10-24T18:31:01Z |
| ghsa-9vrh-83qh-jx4q | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:01Z | 2025-10-24T21:31:11Z |
| ghsa-4r5w-76r7-ch99 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:01Z | 2025-10-24T21:31:11Z |
| ghsa-wjg8-4fph-wwvf | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:00Z | 2025-10-24T21:31:10Z |
| ghsa-rhvc-82qq-pmg8 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:00Z | 2025-10-24T21:31:10Z |
| ghsa-pj28-h6vh-g59w | Undocumented administrative accounts were getting created to facilitate access for applications run… | 2025-10-24T18:31:00Z | 2025-11-10T15:31:02Z |
| ghsa-g4r4-rw3r-mcpx | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:00Z | 2025-10-24T21:31:10Z |
| ghsa-g2gq-8xv6-m432 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the next_page paramete… | 2025-10-24T18:31:00Z | 2025-10-24T21:31:10Z |
| ghsa-6qrp-v549-2cxv | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:00Z | 2025-10-24T21:31:10Z |
| ghsa-4x32-m936-v3x7 | D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter … | 2025-10-24T18:31:00Z | 2025-10-24T18:31:00Z |
| ghsa-w33r-f5q6-967f | In the Linux kernel, the following vulnerability has been resolved: arm64: ftrace: consistently ha… | 2025-10-24T18:30:57Z | 2025-10-24T18:30:57Z |
| ghsa-v6fv-v2qw-3wr9 | In the Linux kernel, the following vulnerability has been resolved: dm mirror log: round up region… | 2025-10-24T18:30:57Z | 2025-10-24T18:30:57Z |
| ghsa-h43m-2hvj-4frc | In the Linux kernel, the following vulnerability has been resolved: ice: Fix memory corruption in … | 2025-10-24T18:30:57Z | 2025-10-24T18:30:57Z |
| ghsa-fv86-c5hh-rvpj | In the Linux kernel, the following vulnerability has been resolved: zonefs: fix zonefs_iomap_begin… | 2025-10-24T18:30:57Z | 2025-10-24T18:30:57Z |
| ghsa-67hq-69g7-2v5w | In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on ext4_mb_use_i… | 2025-10-24T18:30:57Z | 2025-10-24T18:30:57Z |
| ghsa-vrmp-g995-qwm3 | In the Linux kernel, the following vulnerability has been resolved: tunnels: do not assume mac hea… | 2025-10-24T18:30:56Z | 2025-10-24T18:30:56Z |
| ghsa-vq7c-8j8c-5xqp | In the Linux kernel, the following vulnerability has been resolved: tick/nohz: unexport __init-ann… | 2025-10-24T18:30:56Z | 2025-10-24T18:30:56Z |
| ghsa-rqcf-mx7p-prjx | In the Linux kernel, the following vulnerability has been resolved: filemap: Handle sibling entrie… | 2025-10-24T18:30:56Z | 2025-10-24T18:30:56Z |
| ghsa-q593-ph6q-rmqf | In the Linux kernel, the following vulnerability has been resolved: dm raid: fix KASAN warning in … | 2025-10-24T18:30:56Z | 2025-10-24T18:30:56Z |
| ghsa-p67w-5h3h-82g5 | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: fix list dou… | 2025-10-24T18:30:56Z | 2025-10-24T18:30:56Z |
| ghsa-p47r-wjhf-x2fg | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix request_sock leak in … | 2025-10-24T18:30:56Z | 2025-10-24T18:30:56Z |
| ghsa-mwj5-hv79-wr7f | In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: re-fetch… | 2025-10-24T18:30:56Z | 2025-10-24T18:30:56Z |
| ghsa-gq92-c2vh-pqwx | In the Linux kernel, the following vulnerability has been resolved: afs: Fix dynamic root getattr … | 2025-10-24T18:30:56Z | 2025-10-24T18:30:56Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-11879 | GenerateBlocks <= 2.1.1 - Improper Authorization to Au… |
edge22 |
GenerateBlocks |
2025-10-25T05:31:21.144Z | 2025-10-27T15:51:35.186Z | |
| cve-2025-8588 | Gutenberg Blocks – PublishPress Blocks Controls, Visib… |
publishpress |
Gutenberg Blocks – PublishPress Blocks Controls, Visibility, Reusable Blocks |
2025-10-25T05:31:20.754Z | 2025-10-27T15:51:04.138Z | |
| cve-2025-11244 | Password Protected <= 2.7.11 - Unauthenticated Authori… |
saadiqbal |
Password Protected — Lock Entire Site, Pages, Posts, Categories, and Partial Content |
2025-10-25T05:31:20.356Z | 2025-10-27T15:49:58.830Z | |
| cve-2025-11564 | Tutor LMS – eLearning and online course solution <= 3.… |
themeum |
Tutor LMS – eLearning and online course solution |
2025-10-25T05:31:19.940Z | 2025-10-27T15:49:09.061Z | |
| cve-2025-8666 | Testimonial Carousel For Elementor <= 11.6.2 - Authent… |
uapp |
Testimonial Carousel For Elementor |
2025-10-25T05:31:19.307Z | 2025-10-27T15:48:15.392Z | |
| cve-2025-6680 | Tutor LMS <= 3.8.3 - Missing Authorization to Sensitiv… |
themeum |
Tutor LMS – eLearning and online course solution |
2025-10-25T05:31:18.909Z | 2025-10-27T15:47:28.193Z | |
| cve-2025-8413 | Listeo <= 2.0.8 - Authenticated (Contributor+) Stored … |
purethemes |
Listeo - Directory & Listings With Booking - WordPress Theme |
2025-10-25T05:31:18.515Z | 2025-10-27T15:46:49.140Z | |
| cve-2025-11238 | Watu Quiz <= 3.4.4 - Unauthenticated Stored Cross-Site… |
prasunsen |
Watu Quiz |
2025-10-25T05:31:18.111Z | 2025-10-27T15:46:22.939Z | |
| cve-2025-11269 | Product Filter by WBW <= 3.0.0 - Missing Authorization… |
woobewoo |
Product Filter by WBW |
2025-10-25T05:31:17.552Z | 2025-10-27T15:57:12.856Z | |
| cve-2025-11823 | ShopLentor – WooCommerce Builder for Elementor & Guten… |
devitemsllc |
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution (formerly WooLentor) |
2025-10-25T04:22:44.973Z | 2025-10-27T15:57:18.537Z | |
| cve-2025-10579 | BackWPup <= 5.5.0 - Missing Authorization to Sensitive… |
wp_media |
BackWPup – WordPress Backup & Restore Plugin |
2025-10-25T04:22:44.402Z | 2025-10-27T15:57:24.084Z | |
| cve-2025-11760 | eRoom – Webinar & Meeting Plugin for Zoom, Google Meet… |
wpcenter |
eRoom – Webinar & Meeting Plugin for Zoom, Google Meet, Microsoft Teams |
2025-10-25T01:45:55.977Z | 2025-10-27T15:57:29.737Z | |
| cve-2025-34503 | 7 (v4.0) | Shuffle Master Deck Mate 1 Unauthenticated EEPROM Firm… |
Light & Wonder, Inc. / SHFL Entertainment, Inc. / Shuffle Master, Inc. |
Deck Mate 1 |
2025-10-24T23:04:43.922Z | 2025-10-27T15:57:36.604Z |
| cve-2025-34502 | 7 (v4.0) | Shuffle Master Deck Mate 2 Missing Secure Boot |
Light & Wonder, Inc. / SHFL Entertainment, Inc. / Shuffle Master, Inc. |
Deck Mate 2 |
2025-10-24T23:04:11.948Z | 2025-10-27T15:57:43.141Z |
| cve-2025-34500 | 7 (v4.0) | Shuffle Master Deck Mate 2 Insecure Update Chain |
Light & Wonder, Inc. / SHFL Entertainment, Inc. / Shuffle Master, Inc. |
Deck Mate 2 |
2025-10-24T23:02:29.851Z | 2025-10-27T15:21:02.916Z |
| cve-2025-12194 | 5.9 (v4.0) | Uncontrolled Resource Consumption vulnerability i… |
Legion of the Bouncy Castle Inc. |
Bouncy Castle for Java FIPS |
2025-10-24T22:51:36.942Z | 2025-10-27T15:21:41.167Z |
| cve-2025-62711 | Wasmtime vulnerable to segfault when using component r… |
bytecodealliance |
wasmtime |
2025-10-24T21:54:52.578Z | 2025-10-27T15:22:22.914Z | |
| cve-2025-4106 | 8.9 (v4.0) | WatchGuard Firebox leftover debug code vulnerability |
WatchGuard |
Fireware OS |
2025-10-24T21:32:30.165Z | 2025-10-28T03:55:59.720Z |
| cve-2025-34293 | 8.6 (v4.0) | GN4 Publishing System Insecure Direct Object Reference… |
Naviga Global / Miles 33 |
GN4 Publishing System |
2025-10-24T21:16:13.672Z | 2025-10-27T15:23:13.831Z |
| cve-2025-62723 | FlashMQ does not release memory of queued QoS messages |
halfgaar |
FlashMQ |
2025-10-24T20:16:34.047Z | 2025-10-24T20:32:00.596Z | |
| cve-2025-62717 | Emlog Pro session verification code error due to clear… |
emlog |
emlog |
2025-10-24T20:13:47.407Z | 2025-10-24T20:34:16.932Z | |
| cve-2025-62716 | Plane Vulnerable to Cross-Site Scripting via Open Redi… |
makeplane |
plane |
2025-10-24T20:06:18.446Z | 2025-10-24T20:28:13.981Z | |
| cve-2025-12176 | 10 (v4.0) | Undocumented Administrative Accounts |
Azure Access Technology |
BLU-IC2 |
2025-10-24T15:56:07.959Z | 2025-10-24T19:56:09.959Z |
| cve-2025-62714 | Karmada Dashboard API Unauthorized Access Vulnerability |
karmada-io |
dashboard |
2025-10-24T15:41:59.899Z | 2025-10-24T17:29:39.462Z | |
| cve-2025-11145 | 7.5 (v3.1) | User Enumeration in CBK Soft's enVision |
CBK Soft Software Hardware Electronic Computer Systems Industry and Trade Inc. |
enVision |
2025-10-24T14:25:37.498Z | 2025-10-28T14:05:07.301Z |
| cve-2025-8536 | 9.3 (v4.0) | SQL Injection in DobryCMS |
Studio Fabryka |
DobryCMS |
2025-10-24T14:18:20.189Z | 2025-10-24T14:40:35.098Z |
| cve-2025-43994 | 8.6 (v3.1) | Dell Storage Center - Dell Storage Manager, versi… |
Dell |
Dell Storage Manager |
2025-10-24T14:14:41.021Z | 2025-10-24T14:44:14.598Z |
| cve-2025-43995 | 9.8 (v3.1) | Dell Storage Center - Dell Storage Manager, versi… |
Dell |
Dell Storage Manager |
2025-10-24T14:09:55.238Z | 2025-10-25T03:56:07.748Z |
| cve-2025-46425 | 6.5 (v3.1) | Dell Storage Center - Dell Storage Manager, versi… |
Dell |
Dell Storage Manager |
2025-10-24T14:04:03.635Z | 2025-10-25T03:56:08.661Z |
| cve-2025-11576 | AI Chatbot Free Models – Customer Support, Live Chat, … |
newcodebyte |
AI Chatbot Free Models – Customer Support, Live Chat, Virtual Assistant |
2025-10-24T12:29:56.573Z | 2025-10-24T12:48:31.982Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-62881 | N/A | WordPress WP-Lister Lite for eBay plugin <= 3.8.3 - Br… |
WP Lab |
WP-Lister Lite for eBay |
2025-10-27T01:33:42.812Z | 2025-11-13T10:33:47.323Z |
| cve-2025-12202 | ajayrandhawa User-Management-PHP-MYSQL web cross-site … |
ajayrandhawa |
User-Management-PHP-MYSQL web |
2025-10-27T01:32:07.633Z | 2025-10-27T20:00:57.413Z | |
| cve-2025-12201 | ajayrandhawa User-Management-PHP-MYSQL User Management… |
ajayrandhawa |
User-Management-PHP-MYSQL |
2025-10-27T01:32:05.118Z | 2025-10-27T19:59:45.287Z | |
| cve-2025-12200 | N/A | {'providerMetadata': {'orgId': '1af790b2-7ee1-4545-860a-a788eba489b5', 'shortName': 'VulDB', 'dateUpdated': '2025-11-03T22:47:56.396Z'}, 'rejectedReasons': [{'lang': 'en', 'value': "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Based on the analysis by MITRE and review of community feedback, the reported conditions represent expected and intentional behavior within dnsmasq's documented design, rather than security vulnerabilities."}]} | N/A | N/A | 2025-10-27T01:07:44.551Z | 2025-11-03T22:47:56.396Z |
| cve-2025-12199 | N/A | {'providerMetadata': {'orgId': '1af790b2-7ee1-4545-860a-a788eba489b5', 'shortName': 'VulDB', 'dateUpdated': '2025-11-03T22:47:45.128Z'}, 'rejectedReasons': [{'lang': 'en', 'value': "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Based on the analysis by MITRE and review of community feedback, the reported conditions represent expected and intentional behavior within dnsmasq's documented design, rather than security vulnerabilities."}]} | N/A | N/A | 2025-10-27T01:02:09.029Z | 2025-11-03T22:47:45.128Z |
| cve-2025-12198 | N/A | {'providerMetadata': {'orgId': '1af790b2-7ee1-4545-860a-a788eba489b5', 'shortName': 'VulDB', 'dateUpdated': '2025-11-03T22:47:37.697Z'}, 'rejectedReasons': [{'lang': 'en', 'value': "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Based on the analysis by MITRE and review of community feedback, the reported conditions represent expected and intentional behavior within dnsmasq's documented design, rather than security vulnerabilities."}]} | N/A | N/A | 2025-10-27T00:58:12.511Z | 2025-11-03T22:47:37.697Z |
| cve-2025-6601 | 2.7 (v3.1) | Business Logic Errors in GitLab |
GitLab |
GitLab |
2025-10-27T00:06:04.304Z | 2025-10-28T15:18:04.225Z |
| cve-2025-11989 | 3.7 (v3.1) | Missing Authorization in GitLab |
GitLab |
GitLab |
2025-10-26T23:33:50.230Z | 2025-10-28T14:44:46.810Z |
| cve-2025-11974 | 6.5 (v3.1) | Allocation of Resources Without Limits or Throttling i… |
GitLab |
GitLab |
2025-10-27T00:05:24.332Z | 2025-10-28T14:59:56.029Z |
| cve-2025-11971 | 6.5 (v3.1) | Incorrect Authorization in GitLab |
GitLab |
GitLab |
2025-10-27T00:05:34.305Z | 2025-10-28T15:00:45.588Z |
| cve-2025-11447 | 7.5 (v3.1) | Allocation of Resources Without Limits or Throttling i… |
GitLab |
GitLab |
2025-10-27T00:05:19.810Z | 2025-10-28T14:58:37.798Z |
| cve-2025-10497 | 7.5 (v3.1) | Allocation of Resources Without Limits or Throttling i… |
GitLab |
GitLab |
2025-10-27T00:05:39.306Z | 2025-10-28T15:02:48.809Z |
| cve-2025-12285 | 10 (v4.0) | Missing Initial Password Change |
Azure Access Technology |
BLU-IC2 |
2025-10-26T16:24:09.001Z | 2025-10-28T14:44:03.485Z |
| cve-2025-12284 | 6.9 (v4.0) | Lack of Input Validation |
Azure Access Technology |
BLU-IC2 |
2025-10-26T16:21:56.272Z | 2025-10-28T14:35:55.307Z |
| cve-2025-12278 | 6.9 (v4.0) | Logout Functionality not Working |
Azure Access Technology |
BLU-IC2 |
2025-10-26T16:14:33.383Z | 2025-10-28T14:34:56.546Z |
| cve-2025-12275 | 10 (v4.0) | Mail Configuration File Manipulation + Command Execution |
Azure Access Technology |
BLU-IC2 |
2025-10-26T16:15:33.851Z | 2025-10-28T14:35:27.315Z |
| cve-2025-8709 | SQL Injection in langchain-ai/langchain |
langchain-ai |
langchain-ai/langchain |
2025-10-26T05:38:55.335Z | 2025-10-28T14:32:39.540Z | |
| cve-2025-55757 | N/A | Extension - virtuemart.net - XSS in VirtueMart compone… |
virtuemart.net |
Virtuemart component for Joomla |
2025-10-25T18:34:46.909Z | 2025-10-28T04:35:21.702Z |
| cve-2025-12221 | 2.1 (v4.0) | CSRF Token not Properly Implemented |
Azure Access Technology |
BLU-IC2 |
2025-10-25T15:57:45.632Z | 2025-10-28T14:19:34.913Z |
| cve-2025-12220 | 10 (v4.0) | Busybox 1.31.1 - Multiple Known Vulnerabilities |
Azure Access Technology |
BLU-IC2 |
2025-10-25T15:53:03.558Z | 2025-10-28T14:18:06.558Z |
| cve-2025-12219 | 10 (v4.0) | Vulnerable Components in Azure Access OS |
Azure Access Technology |
BLU-IC2 |
2025-10-25T15:51:58.319Z | 2025-10-28T14:17:14.372Z |
| cve-2025-12218 | 10 (v4.0) | Weak Default Credentials |
Azure Access Technology |
BLU-IC2 |
2025-10-25T15:47:36.582Z | 2025-10-28T14:16:38.559Z |
| cve-2025-12217 | 6.9 (v4.0) | SNMP Default Community String (public) |
Azure Access Technology |
BLU-IC2 |
2025-10-25T15:39:52.671Z | 2025-10-28T14:15:52.139Z |
| cve-2025-12216 | 10 (v4.0) | Malicious / Malformed App can be Installed but not Uni… |
Azure Access Technology |
BLU-IC2 |
2025-10-25T15:33:18.476Z | 2025-10-28T14:07:11.115Z |
| cve-2025-11897 | The7 — Ultimate WordPress & WooCommerce Theme <= 12.9.… |
Dream-Theme |
The7 — Website and eCommerce Builder for WordPress |
2025-10-25T12:26:28.878Z | 2025-10-27T15:29:28.780Z | |
| cve-2025-9322 | Stripe Payment Forms <= 8.3.1 - Unauthenticated SQL In… |
themeisle |
Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions |
2025-10-25T06:49:23.256Z | 2025-10-27T15:44:23.530Z | |
| cve-2025-8483 | Discussion Board – WordPress Forum Plugin <= 2.5.5 - A… |
marketingfire |
Discussion Board – WordPress Forum Plugin |
2025-10-25T06:49:23.683Z | 2025-10-27T15:40:24.854Z | |
| cve-2025-8416 | Product Filter by WBW <= 2.9.7 - Unauthenticated SQL I… |
woobewoo |
Product Filter by WBW |
2025-10-25T06:49:24.974Z | 2025-10-27T15:35:36.633Z | |
| cve-2025-4203 | wpForo Forum <= 2.4.8 - Unauthenticated SQL Injection … |
tomdever |
wpForo Forum |
2025-10-25T06:49:24.551Z | 2025-10-27T15:37:26.760Z | |
| cve-2025-12034 | Fast Velocity Minify <= 3.5.1 - Authenticated (Admin+)… |
alignak |
Fast Velocity Minify |
2025-10-25T06:49:20.557Z | 2025-10-27T15:54:50.525Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-187695 | Malicious code in kinetic-redshift-pino-pretty-prettier-plugin-markdown (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187694 | Malicious code in kinetic-paleoclimatology-holography-tailwindcss (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187693 | Malicious code in kinetic-ora-bootstrap-redshift (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187692 | Malicious code in kinetic-module-apollo-pm2 (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187691 | Malicious code in kinetic-jovian-auth-cache (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187690 | Malicious code in kinetic-iota-lint-palynology (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187689 | Malicious code in kinetic-configstore-nuxtjs-colors (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187688 | Malicious code in kinetic-backend-technocracy-archaeometry (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187687 | Malicious code in key-tree-cron-serialize-process (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187686 | Malicious code in key-static-authorize-authenticate-quick (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187685 | Malicious code in key-refactor-finally-optimize-pipe (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187684 | Malicious code in key-orchestrate-promise-mu-bad (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187683 | Malicious code in key-notify-stack-water-module (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187682 | Malicious code in key-kernel-transpile-test-yaml (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187681 | Malicious code in key-encrypt-bad-class-kernel (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187680 | Malicious code in key-class-optimize-notify-fire (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187679 | Malicious code in kernel-visualize-meta-import-transpile (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187678 | Malicious code in kernel-stack-grep-zero-table (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187677 | Malicious code in kernel-promise-proxy-xml-pipe (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187676 | Malicious code in kernel-encode-benchmark-interface-virtualize (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187675 | Malicious code in kaus-triton-sadr-aurora (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187674 | Malicious code in kaus-atlas-aurora-promise (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187673 | Malicious code in kaus-antares-update-neptune (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187672 | Malicious code in kastra-perseus-comet-deimos (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187671 | Malicious code in kastra-oberon-spectroscopy-mocha (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187670 | Malicious code in karma-update-slidev-websockets (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187669 | Malicious code in karma-spectron-parcel-aether (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187668 | Malicious code in karma-remark-meissa-quasarjet (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187667 | Malicious code in karma-install-spectron-bootes (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| mal-2025-187666 | Malicious code in karma-cross-env-mocha-grus (npm) | 2025-11-13T03:23:14Z | 2025-11-13T03:23:14Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:0689 | Red Hat Security Advisory: redis:6 security update | 2025-01-27T01:43:02+00:00 | 2025-11-06T23:59:10+00:00 |
| rhsa-2025:0693 | Red Hat Security Advisory: redis security update | 2025-01-27T01:43:01+00:00 | 2025-11-13T05:53:04+00:00 |
| rhsa-2025:0685 | Red Hat Security Advisory: redis:6 security update | 2025-01-27T01:43:01+00:00 | 2025-11-06T23:59:09+00:00 |
| rhsa-2025:0688 | Red Hat Security Advisory: rsync security update | 2025-01-27T01:42:59+00:00 | 2025-11-15T00:13:57+00:00 |
| rhsa-2025:0679 | Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.10.7 bug fixes and container updates | 2025-01-23T23:30:43+00:00 | 2025-11-15T08:44:06+00:00 |
| rhsa-2025:0678 | Red Hat Security Advisory: RHSA: Submariner 0.16.8 - bug and security fixes | 2025-01-23T20:25:51+00:00 | 2025-11-14T11:38:49+00:00 |
| rhsa-2025:0676 | Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.5.8 security updates and bug fixes | 2025-01-23T20:15:51+00:00 | 2025-11-15T08:44:06+00:00 |
| rhsa-2025:0667 | Red Hat Security Advisory: python-jinja2 security update | 2025-01-23T16:02:09+00:00 | 2025-11-06T22:35:03+00:00 |
| rhsa-2025:0664 | Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.35.0 security update & enhancements | 2025-01-23T13:02:37+00:00 | 2025-11-15T08:44:06+00:00 |
| rhsa-2025:0662 | Red Hat Security Advisory: grafana security update | 2025-01-23T09:34:23+00:00 | 2025-11-13T10:44:13+00:00 |
| rhsa-2025:0640 | Red Hat Security Advisory: redis:6 security update | 2025-01-23T02:24:27+00:00 | 2025-11-06T23:59:08+00:00 |
| rhsa-2025:0637 | Red Hat Security Advisory: rsync security update | 2025-01-22T23:52:12+00:00 | 2025-11-15T00:13:57+00:00 |
| rhsa-2025:0426 | Red Hat Security Advisory: java-21-openjdk security update for RHEL 8.10, 9.4 and 9.5 | 2025-01-22T21:12:37+00:00 | 2025-11-08T07:16:47+00:00 |
| rhsa-2025:0428 | Red Hat Security Advisory: OpenJDK 21.0.6 Security Update for Windows Builds | 2025-01-22T20:44:48+00:00 | 2025-11-08T07:16:47+00:00 |
| rhsa-2025:0427 | Red Hat Security Advisory: OpenJDK 21.0.6 Security Update for Portable Linux Builds | 2025-01-22T20:44:28+00:00 | 2025-11-08T07:16:47+00:00 |
| rhsa-2025:0424 | Red Hat Security Advisory: OpenJDK 17.0.14 Security Update for Portable Linux Builds | 2025-01-22T11:24:15+00:00 | 2025-11-08T07:16:46+00:00 |
| rhsa-2025:0425 | Red Hat Security Advisory: OpenJDK 17.0.14 Security Update for Windows Builds | 2025-01-22T11:24:10+00:00 | 2025-11-08T07:16:46+00:00 |
| rhsa-2025:0422 | Red Hat Security Advisory: java-17-openjdk security update for RHEL 8.6, 8.8, 8.10, 9.4 and 9.5 | 2025-01-22T11:19:05+00:00 | 2025-11-08T07:16:46+00:00 |
| rhsa-2025:0595 | Red Hat Security Advisory: redis:6 security update | 2025-01-22T10:42:40+00:00 | 2025-11-14T11:13:52+00:00 |
| rhsa-2025:0421 | Red Hat Security Advisory: java-17-openjdk security update for RHEL 8.4 | 2025-01-22T09:20:15+00:00 | 2025-11-08T07:16:46+00:00 |
| rhsa-2025:0423 | Red Hat Security Advisory: java-17-openjdk security update for RHEL 9.0 and 9.2 | 2025-01-22T09:14:15+00:00 | 2025-11-08T07:16:46+00:00 |
| rhsa-2025:0429 | Red Hat Security Advisory: java-11-openjdk ELS security update | 2025-01-22T09:07:10+00:00 | 2025-11-08T07:16:49+00:00 |
| rhsa-2025:0576 | Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.9.6 bug fixes and container updates | 2025-01-22T03:22:29+00:00 | 2025-11-15T08:44:02+00:00 |
| rhsa-2025:0364 | Red Hat Security Advisory: OpenShift Container Platform 4.14.45 bug fix and security update | 2025-01-22T03:22:29+00:00 | 2025-11-14T11:38:40+00:00 |
| rhsa-2025:0578 | Red Hat Security Advisory: kernel security update | 2025-01-22T02:15:54+00:00 | 2025-11-07T15:55:27+00:00 |
| rhsa-2025:0577 | Red Hat Security Advisory: Red Hat multicluster global hub 1.3.2 enhancements and container updates | 2025-01-22T01:32:21+00:00 | 2025-11-15T08:44:03+00:00 |
| rhsa-2025:0552 | Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.4.7 security updates and bug fixes | 2025-01-21T23:12:13+00:00 | 2025-11-15T08:44:02+00:00 |
| rhsa-2025:0570 | Red Hat Security Advisory: iperf3 security update | 2025-01-21T22:51:14+00:00 | 2025-11-06T22:35:02+00:00 |
| rhsa-2025:0560 | Red Hat Security Advisory: Red Hat Multicluster GlobalHub 1.2.1 bug fixes and container updates | 2025-01-21T21:22:09+00:00 | 2025-11-15T08:44:02+00:00 |
| rhsa-2025:0566 | Red Hat Security Advisory: redis:7 security update | 2025-01-21T21:19:19+00:00 | 2025-11-06T23:59:08+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2024-8354 | Qemu-kvm: usb: assertion failure in usb_ep_get() | 2024-09-01T07:00:00.000Z | 2025-09-04T03:32:24.000Z |
| msrc_cve-2024-8096 | OCSP stapling bypass with GnuTLS | 2024-09-01T07:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2024-6232 | Regular-expression DoS when parsing TarFile headers | 2024-09-01T07:00:00.000Z | 2024-10-15T00:00:00.000Z |
| msrc_cve-2024-6119 | Possible denial of service in X.509 name checks | 2024-09-01T07:00:00.000Z | 2025-06-03T00:00:00.000Z |
| msrc_cve-2024-46864 | x86/hyperv: fix kexec crash due to VP assist page corruption | 2024-09-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-46863 | ASoC: Intel: soc-acpi-intel-lnl-match: add missing empty item | 2024-09-01T07:00:00.000Z | 2024-12-03T00:00:00.000Z |
| msrc_cve-2024-46861 | usbnet: ipheth: do not stop RX on failing RX callback | 2024-09-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-46860 | wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change | 2024-09-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-46859 | platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses | 2024-09-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-46858 | mptcp: pm: Fix uaf in __timer_delete_sync | 2024-09-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-46857 | net/mlx5: Fix bridge mode operations when there are no VFs | 2024-09-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-46855 | netfilter: nft_socket: fix sk refcount leaks | 2024-09-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-46854 | net: dpaa: Pad packets to ETH_ZLEN | 2024-09-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-46853 | spi: nxp-fspi: fix the KASAN report out-of-bounds bug | 2024-09-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-46852 | dma-buf: heaps: Fix off-by-one in CMA heap fault handler | 2024-09-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-46849 | ASoC: meson: axg-card: fix 'use-after-free' | 2024-09-01T07:00:00.000Z | 2024-11-09T00:00:00.000Z |
| msrc_cve-2024-46848 | perf/x86/intel: Limit the period on Haswell | 2024-09-01T07:00:00.000Z | 2024-10-16T00:00:00.000Z |
| msrc_cve-2024-46847 | mm: vmalloc: ensure vmap_block is initialised before adding to queue | 2024-09-01T07:00:00.000Z | 2024-10-16T00:00:00.000Z |
| msrc_cve-2024-46846 | spi: rockchip: Resolve unbalanced runtime PM / system PM handling | 2024-09-01T07:00:00.000Z | 2024-10-16T00:00:00.000Z |
| msrc_cve-2024-46845 | tracing/timerlat: Only clear timer if a kthread exists | 2024-09-01T07:00:00.000Z | 2024-10-16T00:00:00.000Z |
| msrc_cve-2024-46844 | um: line: always fill *error_out in setup_one_line() | 2024-09-01T07:00:00.000Z | 2024-10-16T00:00:00.000Z |
| msrc_cve-2024-46843 | scsi: ufs: core: Remove SCSI host only if added | 2024-09-01T07:00:00.000Z | 2024-10-16T00:00:00.000Z |
| msrc_cve-2024-46841 | btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() | 2024-09-01T07:00:00.000Z | 2025-09-03T21:12:49.000Z |
| msrc_cve-2024-46840 | btrfs: clean up our handling of refs == 0 in snapshot delete | 2024-09-01T07:00:00.000Z | 2024-10-16T00:00:00.000Z |
| msrc_cve-2024-46838 | userfaultfd: don't BUG_ON() if khugepaged yanks our page table | 2024-09-01T07:00:00.000Z | 2024-10-16T00:00:00.000Z |
| msrc_cve-2024-46836 | usb: gadget: aspeed_udc: validate endpoint index for ast udc | 2024-09-01T07:00:00.000Z | 2024-10-16T00:00:00.000Z |
| msrc_cve-2024-46835 | drm/amdgpu: Fix smatch static checker warning | 2024-09-01T07:00:00.000Z | 2024-10-16T00:00:00.000Z |
| msrc_cve-2024-46834 | ethtool: fail closed if we can't get max channel used in indirection tables | 2024-09-01T07:00:00.000Z | 2025-09-03T21:40:43.000Z |
| msrc_cve-2024-46832 | MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed | 2024-09-01T07:00:00.000Z | 2024-10-16T00:00:00.000Z |
| msrc_cve-2024-46831 | net: microchip: vcap: Fix use-after-free error in kunit test | 2024-09-01T07:00:00.000Z | 2024-10-16T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2007-000818 | Flash Player allows to send arbitrary HTTP headers | 2008-05-21T00:00+09:00 | 2008-06-20T13:34+09:00 |
| jvndb-2007-000817 | Flash Player vulnerable in handling cross-domain policy files | 2008-05-21T00:00+09:00 | 2009-02-10T11:32+09:00 |
| jvndb-2007-000816 | Rainboard cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000815 | Multiple Cybozu products vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000814 | Multiple Cybozu products vulnerable to HTTP header injection | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000813 | Multiple Cybozu products vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000812 | Cybozu Office denial of service (DoS) vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000811 | HttpLogger vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000810 | JP1/Cm2/Network Node Manager vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000809 | SonicStage CP buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000808 | Lhaplus buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000807 | FileMaker cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000806 | Feed2JS cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000805 | RoundCube Webmail cross-site request forgery vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000804 | Sleipnir and Grani Bookmark Search vulnerable to arbitrary script execution | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000803 | Cross-site scripting vulnerability in updir.php in UPDIR.NET | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000802 | Lotus Domino cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000801 | NetCommons cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000779 | MouseoverDictionary vulnerable to arbitrary script execution | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000773 | Hitachi Web Server Cross-Site Scripting Vulnerability with Server-Status Page | 2008-05-21T00:00+09:00 | 2014-05-21T18:27+09:00 |
| jvndb-2007-000772 | Hitachi Web Server SSL Client Authentication Vulnerability | 2008-05-21T00:00+09:00 | 2014-05-23T18:32+09:00 |
| jvndb-2007-000745 | PowerArchiver buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000730 | Webmin OS command injection vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000729 | Aipo session fixation vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000727 | Safari allows access from HTTP to HTTPS | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000712 | Cosminexus Agent Process Crash Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000711 | TPBroker Denial of Service Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000710 | Cosminexus Denial of Service Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000702 | Cosminexus Developer's Kit for Java Buffer Overflow and Denial of Service Vulnerabilities | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000701 | Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java Buffer Overflow Vulnerabilities | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| ID | Description | Updated |
|---|