Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-c5c6-fj3h-jwh2 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix potentia… | 2025-12-30T15:30:31Z | 2025-12-30T15:30:31Z |
| ghsa-964v-hgf6-j872 | In the Linux kernel, the following vulnerability has been resolved: leds: led-core: Fix refcount l… | 2025-12-30T15:30:31Z | 2025-12-30T15:30:31Z |
| ghsa-92h7-9rvh-996h | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds … | 2025-12-30T15:30:31Z | 2025-12-30T15:30:31Z |
| ghsa-7cww-g38x-r47j | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, Fix using eswit… | 2025-12-30T15:30:31Z | 2025-12-30T15:30:31Z |
| ghsa-5gfv-jw63-2f46 | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix memory… | 2025-12-30T15:30:31Z | 2025-12-30T15:30:31Z |
| ghsa-58q4-73m8-4p8p | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Avoid use… | 2025-12-30T15:30:31Z | 2025-12-30T15:30:31Z |
| ghsa-39rg-6496-pf73 | In the Linux kernel, the following vulnerability has been resolved: tty: fix out-of-bounds access … | 2025-12-30T15:30:31Z | 2025-12-30T15:30:31Z |
| ghsa-2x24-vjrm-p9g2 | In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix race condition U… | 2025-12-30T15:30:31Z | 2025-12-30T15:30:31Z |
| ghsa-2vqh-h684-hcw9 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 2025-12-30T15:30:31Z | 2025-12-30T15:30:31Z |
| ghsa-25gx-7w99-7j35 | In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources … | 2025-12-30T15:30:31Z | 2025-12-30T15:30:31Z |
| ghsa-xhm8-cfh8-8hcp | In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Add check for kstr… | 2025-12-30T15:30:30Z | 2025-12-30T15:30:31Z |
| ghsa-xgf9-7jgm-fgxp | In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displaypo… | 2025-12-30T15:30:30Z | 2025-12-30T15:30:30Z |
| ghsa-wxwm-5fjr-9g52 | In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix null pointer… | 2025-12-30T15:30:30Z | 2025-12-30T15:30:30Z |
| ghsa-w746-97c4-584x | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix memory leak in … | 2025-12-30T15:30:30Z | 2025-12-30T15:30:30Z |
| ghsa-vvr9-4v54-jx9g | In the Linux kernel, the following vulnerability has been resolved: dmaengine: apple-admac: Fix 'c… | 2025-12-30T15:30:30Z | 2025-12-30T15:30:30Z |
| ghsa-vhgh-3prp-mw4q | In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: xiic_xfer(): Fix ru… | 2025-12-30T15:30:30Z | 2025-12-30T15:30:30Z |
| ghsa-rpwv-q8h7-6mvf | In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in… | 2025-12-30T15:30:30Z | 2025-12-30T15:30:30Z |
| ghsa-rgpm-wqmc-fmj4 | In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak of it… | 2025-12-30T15:30:30Z | 2025-12-30T15:30:30Z |
| ghsa-r3pm-w3wq-c59c | In the Linux kernel, the following vulnerability has been resolved: keys: Fix linking a duplicate … | 2025-12-30T15:30:30Z | 2025-12-30T15:30:30Z |
| ghsa-px78-h2pc-q658 | In the Linux kernel, the following vulnerability has been resolved: btrfs: remove BUG_ON()'s in ad… | 2025-12-30T15:30:30Z | 2025-12-30T15:30:30Z |
| ghsa-p5cq-xjmm-63wj | In the Linux kernel, the following vulnerability has been resolved: vfio: Fix NULL pointer derefer… | 2025-12-30T15:30:30Z | 2025-12-30T15:30:30Z |
| ghsa-p246-5fr5-qxpv | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to check readonly co… | 2025-12-30T15:30:30Z | 2025-12-30T15:30:30Z |
| ghsa-mhc4-7fcr-wrj3 | In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsit: Free cmd… | 2025-12-30T15:30:30Z | 2025-12-30T15:30:30Z |
| ghsa-m7mj-mw9m-293g | In the Linux kernel, the following vulnerability has been resolved: m68k: mm: Move initrd phys_to_… | 2025-12-30T15:30:30Z | 2025-12-30T15:30:30Z |
| ghsa-m688-w5rr-prwm | In the Linux kernel, the following vulnerability has been resolved: bpf: Disable preemption in bpf… | 2025-12-30T15:30:30Z | 2025-12-30T15:30:30Z |
| ghsa-f7wq-xf7h-wrxp | In the Linux kernel, the following vulnerability has been resolved: quota: fix warning in dqgrab()… | 2025-12-30T15:30:30Z | 2025-12-30T15:30:30Z |
| ghsa-6985-fmpm-h392 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix issue in verifying al… | 2025-12-30T15:30:30Z | 2025-12-30T15:30:30Z |
| ghsa-54vr-v43g-gq47 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Prevent shift wrapp… | 2025-12-30T15:30:30Z | 2025-12-30T15:30:30Z |
| ghsa-526g-75xw-f5hp | In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair… | 2025-12-30T15:30:30Z | 2025-12-30T15:30:30Z |
| ghsa-3jcf-h7p4-qqm8 | In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potent… | 2025-12-30T15:30:30Z | 2025-12-30T15:30:30Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2023-54215 | N/A | virtio-vdpa: Fix cpumask memory leak in virtio_vdpa_fi… |
Linux |
Linux |
2025-12-30T12:11:12.063Z | 2025-12-30T12:11:12.063Z |
| cve-2023-54214 | N/A | Bluetooth: L2CAP: Fix potential user-after-free |
Linux |
Linux |
2025-12-30T12:11:11.383Z | 2025-12-30T12:11:11.383Z |
| cve-2023-54213 | N/A | USB: sisusbvga: Add endpoint checks |
Linux |
Linux |
2025-12-30T12:11:10.702Z | 2025-12-30T12:11:10.702Z |
| cve-2023-54212 | N/A | {'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'providerMetadata': {'orgId': '416baaa9-dc9f-4396-8d5f-8c081fb06d67', 'shortName': 'Linux', 'dateUpdated': '2025-12-30T13:50:44.441Z'}} | N/A | N/A | 2025-12-30T12:11:10.031Z | 2025-12-30T13:50:44.441Z |
| cve-2023-54211 | N/A | tracing: Fix warning in trace_buffered_event_disable() |
Linux |
Linux |
2025-12-30T12:11:09.356Z | 2025-12-30T12:11:09.356Z |
| cve-2023-54210 | N/A | Bluetooth: hci_sync: Avoid use-after-free in dbg for h… |
Linux |
Linux |
2025-12-30T12:11:08.682Z | 2025-12-30T12:11:08.682Z |
| cve-2023-54209 | N/A | block: fix blktrace debugfs entries leakage |
Linux |
Linux |
2025-12-30T12:11:08.027Z | 2025-12-30T12:11:08.027Z |
| cve-2023-54208 | N/A | media: ov5675: Fix memleak in ov5675_init_controls() |
Linux |
Linux |
2025-12-30T12:11:07.336Z | 2025-12-30T12:11:07.336Z |
| cve-2023-54207 | N/A | HID: uclogic: Correct devm device reference for hidinp… |
Linux |
Linux |
2025-12-30T12:11:06.643Z | 2025-12-30T12:11:06.643Z |
| cve-2023-54206 | N/A | net/sched: flower: fix filter idr initialization |
Linux |
Linux |
2025-12-30T12:11:05.945Z | 2025-12-30T12:11:05.945Z |
| cve-2023-54205 | N/A | pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_i… |
Linux |
Linux |
2025-12-30T12:11:05.295Z | 2025-12-30T12:11:05.295Z |
| cve-2023-54204 | N/A | mmc: sunplus: fix return value check of mmc_add_host() |
Linux |
Linux |
2025-12-30T12:11:04.622Z | 2025-12-30T12:11:04.622Z |
| cve-2022-50847 | N/A | drm/bridge: it6505: Initialize AUX channel in it6505_i… |
Linux |
Linux |
2025-12-30T12:11:03.949Z | 2025-12-30T12:11:03.949Z |
| cve-2022-50846 | N/A | mmc: via-sdmmc: fix return value check of mmc_add_host() |
Linux |
Linux |
2025-12-30T12:11:03.286Z | 2025-12-30T12:11:03.286Z |
| cve-2022-50845 | N/A | ext4: fix inode leak in ext4_xattr_inode_create() on a… |
Linux |
Linux |
2025-12-30T12:11:02.615Z | 2025-12-30T12:11:02.615Z |
| cve-2022-50844 | N/A | drm/amdgpu: Fix type of second parameter in odn_edit_d… |
Linux |
Linux |
2025-12-30T12:11:01.928Z | 2025-12-30T12:11:01.928Z |
| cve-2022-50843 | N/A | dm clone: Fix UAF in clone_dtr() |
Linux |
Linux |
2025-12-30T12:11:01.130Z | 2025-12-30T12:11:01.130Z |
| cve-2022-50842 | N/A | drm/virtio: Check whether transferred 2D BO is shmem |
Linux |
Linux |
2025-12-30T12:11:00.439Z | 2025-12-30T12:11:00.439Z |
| cve-2022-50841 | N/A | fs/ntfs3: Add overflow check for attribute size |
Linux |
Linux |
2025-12-30T12:10:59.743Z | 2025-12-30T12:10:59.743Z |
| cve-2022-50840 | N/A | scsi: snic: Fix possible UAF in snic_tgt_create() |
Linux |
Linux |
2025-12-30T12:10:59.066Z | 2025-12-30T12:10:59.066Z |
| cve-2022-50839 | N/A | jbd2: fix potential buffer head reference count leak |
Linux |
Linux |
2025-12-30T12:10:58.406Z | 2025-12-30T12:10:58.406Z |
| cve-2022-50838 | N/A | net: stream: purge sk_error_queue in sk_stream_kill_queues() |
Linux |
Linux |
2025-12-30T12:10:57.721Z | 2025-12-30T12:10:57.721Z |
| cve-2022-50837 | N/A | net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021… |
Linux |
Linux |
2025-12-30T12:10:57.049Z | 2025-12-30T12:10:57.049Z |
| cve-2022-50836 | N/A | remoteproc: sysmon: fix memory leak in qcom_add_sysmon… |
Linux |
Linux |
2025-12-30T12:10:56.394Z | 2025-12-30T12:10:56.394Z |
| cve-2022-50835 | N/A | jbd2: add miss release buffer head in fc_do_one_pass() |
Linux |
Linux |
2025-12-30T12:10:55.715Z | 2025-12-30T12:10:55.715Z |
| cve-2022-50834 | N/A | nfc: Fix potential resource leaks |
Linux |
Linux |
2025-12-30T12:10:55.025Z | 2025-12-30T12:10:55.025Z |
| cve-2022-50833 | N/A | Bluetooth: use hdev->workqueue when queuing hdev->{cmd… |
Linux |
Linux |
2025-12-30T12:10:54.342Z | 2025-12-30T12:10:54.342Z |
| cve-2022-50832 | N/A | wifi: wilc1000: fix potential memory leak in wilc_mac_xmit() |
Linux |
Linux |
2025-12-30T12:10:53.601Z | 2025-12-30T12:10:53.601Z |
| cve-2022-50831 | N/A | {'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'providerMetadata': {'orgId': '416baaa9-dc9f-4396-8d5f-8c081fb06d67', 'shortName': 'Linux', 'dateUpdated': '2025-12-30T13:52:29.775Z'}} | N/A | N/A | 2025-12-30T12:10:52.754Z | 2025-12-30T13:52:29.775Z |
| cve-2022-50830 | N/A | auxdisplay: hd44780: Fix potential memory leak in hd44… |
Linux |
Linux |
2025-12-30T12:10:52.099Z | 2025-12-30T12:10:52.099Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2023-54217 | N/A | Revert "drm/msm: Add missing check and destroy for all… |
Linux |
Linux |
2025-12-30T12:11:13.390Z | 2025-12-30T12:11:13.390Z |
| cve-2023-54216 | N/A | net/mlx5e: TC, Fix using eswitch mapping in nic mode |
Linux |
Linux |
2025-12-30T12:11:12.730Z | 2025-12-30T12:11:12.730Z |
| cve-2023-54215 | N/A | virtio-vdpa: Fix cpumask memory leak in virtio_vdpa_fi… |
Linux |
Linux |
2025-12-30T12:11:12.063Z | 2025-12-30T12:11:12.063Z |
| cve-2023-54214 | N/A | Bluetooth: L2CAP: Fix potential user-after-free |
Linux |
Linux |
2025-12-30T12:11:11.383Z | 2025-12-30T12:11:11.383Z |
| cve-2023-54213 | N/A | USB: sisusbvga: Add endpoint checks |
Linux |
Linux |
2025-12-30T12:11:10.702Z | 2025-12-30T12:11:10.702Z |
| cve-2023-54212 | N/A | {'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'providerMetadata': {'orgId': '416baaa9-dc9f-4396-8d5f-8c081fb06d67', 'shortName': 'Linux', 'dateUpdated': '2025-12-30T13:50:44.441Z'}} | N/A | N/A | 2025-12-30T12:11:10.031Z | 2025-12-30T13:50:44.441Z |
| cve-2023-54211 | N/A | tracing: Fix warning in trace_buffered_event_disable() |
Linux |
Linux |
2025-12-30T12:11:09.356Z | 2025-12-30T12:11:09.356Z |
| cve-2023-54210 | N/A | Bluetooth: hci_sync: Avoid use-after-free in dbg for h… |
Linux |
Linux |
2025-12-30T12:11:08.682Z | 2025-12-30T12:11:08.682Z |
| cve-2023-54209 | N/A | block: fix blktrace debugfs entries leakage |
Linux |
Linux |
2025-12-30T12:11:08.027Z | 2025-12-30T12:11:08.027Z |
| cve-2023-54208 | N/A | media: ov5675: Fix memleak in ov5675_init_controls() |
Linux |
Linux |
2025-12-30T12:11:07.336Z | 2025-12-30T12:11:07.336Z |
| cve-2023-54207 | N/A | HID: uclogic: Correct devm device reference for hidinp… |
Linux |
Linux |
2025-12-30T12:11:06.643Z | 2025-12-30T12:11:06.643Z |
| cve-2023-54206 | N/A | net/sched: flower: fix filter idr initialization |
Linux |
Linux |
2025-12-30T12:11:05.945Z | 2025-12-30T12:11:05.945Z |
| cve-2023-54205 | N/A | pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_i… |
Linux |
Linux |
2025-12-30T12:11:05.295Z | 2025-12-30T12:11:05.295Z |
| cve-2023-54204 | N/A | mmc: sunplus: fix return value check of mmc_add_host() |
Linux |
Linux |
2025-12-30T12:11:04.622Z | 2025-12-30T12:11:04.622Z |
| cve-2023-54203 | N/A | ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr |
Linux |
Linux |
2025-12-30T12:09:07.538Z | 2025-12-30T12:09:07.538Z |
| cve-2023-54202 | N/A | drm/i915: fix race condition UAF in i915_perf_add_conf… |
Linux |
Linux |
2025-12-30T12:09:06.872Z | 2025-12-30T12:09:06.872Z |
| cve-2023-54201 | N/A | RDMA/efa: Fix wrong resources deallocation order |
Linux |
Linux |
2025-12-30T12:09:06.211Z | 2025-12-30T12:09:06.211Z |
| cve-2023-54200 | N/A | netfilter: nf_tables: always release netdev hooks from… |
Linux |
Linux |
2025-12-30T12:09:05.538Z | 2025-12-30T12:09:05.538Z |
| cve-2023-54199 | N/A | drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup() |
Linux |
Linux |
2025-12-30T12:09:04.886Z | 2025-12-30T12:09:04.886Z |
| cve-2023-54198 | N/A | tty: fix out-of-bounds access in tty_driver_lookup_tty() |
Linux |
Linux |
2025-12-30T12:09:04.229Z | 2025-12-30T12:09:04.229Z |
| cve-2023-54197 | N/A | Revert "Bluetooth: btsdio: fix use after free bug in b… |
Linux |
Linux |
2025-12-30T12:09:03.472Z | 2025-12-30T12:09:03.472Z |
| cve-2023-54196 | N/A | fs/ntfs3: Fix NULL pointer dereference in 'ni_write_inode' |
Linux |
Linux |
2025-12-30T12:09:02.801Z | 2025-12-30T12:09:02.801Z |
| cve-2023-54195 | N/A | rxrpc: Fix timeout of a call that hasn't yet been gran… |
Linux |
Linux |
2025-12-30T12:09:02.123Z | 2025-12-30T12:09:02.123Z |
| cve-2023-54194 | N/A | exfat: use kvmalloc_array/kvfree instead of kmalloc_ar… |
Linux |
Linux |
2025-12-30T12:09:01.436Z | 2025-12-30T12:09:01.436Z |
| cve-2023-54193 | N/A | net/sched: cls_api: remove block_cb from driver_list b… |
Linux |
Linux |
2025-12-30T12:09:00.738Z | 2025-12-30T12:09:00.738Z |
| cve-2023-54192 | N/A | f2fs: fix null pointer panic in tracepoint in __replac… |
Linux |
Linux |
2025-12-30T12:08:59.989Z | 2025-12-30T12:08:59.989Z |
| cve-2023-54191 | N/A | wifi: mt76: mt7996: fix memory leak in mt7996_mcu_exit |
Linux |
Linux |
2025-12-30T12:08:59.304Z | 2025-12-30T12:08:59.304Z |
| cve-2023-54190 | N/A | leds: led-core: Fix refcount leak in of_led_get() |
Linux |
Linux |
2025-12-30T12:08:58.605Z | 2025-12-30T12:08:58.605Z |
| cve-2023-54189 | N/A | pstore/ram: Add check for kstrdup |
Linux |
Linux |
2025-12-30T12:08:57.915Z | 2025-12-30T12:08:57.915Z |
| cve-2023-54188 | N/A | dmaengine: apple-admac: Fix 'current_tx' not getting freed |
Linux |
Linux |
2025-12-30T12:08:57.226Z | 2025-12-30T12:08:57.226Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192560 | Malicious code in kashif-mallah-fca (npm) | 2025-12-12T06:36:00Z | 2025-12-22T21:38:11Z |
| mal-2025-192559 | Malicious code in iraza2-fca (npm) | 2025-12-12T06:35:59Z | 2025-12-22T21:38:11Z |
| mal-2025-192567 | Malicious code in uba-plugins (npm) | 2025-12-12T06:34:06Z | 2025-12-22T21:38:14Z |
| mal-2025-192563 | Malicious code in sd-pay-ts (npm) | 2025-12-12T06:34:06Z | 2025-12-24T10:09:30Z |
| mal-2025-192562 | Malicious code in sd-pay (npm) | 2025-12-12T06:34:06Z | 2025-12-24T10:09:30Z |
| mal-2025-192561 | Malicious code in pp-js-lib (npm) | 2025-12-12T06:34:06Z | 2025-12-22T21:38:13Z |
| mal-2025-192558 | Malicious code in eslint-config-zoo (npm) | 2025-12-12T06:34:06Z | 2025-12-22T21:38:10Z |
| mal-2025-192556 | Malicious code in cms_comp_static (npm) | 2025-12-12T06:34:06Z | 2025-12-22T21:38:10Z |
| mal-2025-192555 | Malicious code in cms_comp (npm) | 2025-12-12T06:34:06Z | 2025-12-23T16:10:05Z |
| mal-2025-192554 | Malicious code in camscanner-seo (npm) | 2025-12-12T06:34:06Z | 2025-12-23T16:10:05Z |
| mal-2025-192565 | Malicious code in sdbao-content-sems (npm) | 2025-12-12T06:34:05Z | 2025-12-24T10:09:30Z |
| mal-2025-192564 | Malicious code in sdbao-content-report (npm) | 2025-12-12T06:34:05Z | 2025-12-24T10:09:30Z |
| mal-2025-192557 | Malicious code in cos-js-sdk-v6 (npm) | 2025-12-12T06:34:05Z | 2025-12-23T16:45:00Z |
| mal-2025-192553 | Malicious code in abrhide (npm) | 2025-12-12T06:31:55Z | 2025-12-23T15:41:17Z |
| mal-2025-192566 | Malicious code in shopify-monorail (npm) | 2025-12-12T06:31:00Z | 2025-12-24T10:09:30Z |
| mal-2025-192552 | Malicious code in hfruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-22T21:38:11Z |
| mal-2025-192551 | Malicious code in gfruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-22T21:38:11Z |
| mal-2025-192550 | Malicious code in fruit-malicious-xml-parser (npm) | 2025-12-12T02:25:26Z | 2025-12-22T21:38:11Z |
| mal-2025-192549 | Malicious code in ffruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-22T21:38:11Z |
| mal-2025-192548 | Malicious code in efruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-22T21:38:10Z |
| mal-2025-192547 | Malicious code in dfruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-22T21:38:10Z |
| mal-2025-192546 | Malicious code in cfruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-22T21:38:10Z |
| mal-2025-192545 | Malicious code in bfruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-22T21:38:09Z |
| mal-2025-192544 | Malicious code in afruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-22T21:38:09Z |
| mal-2025-192540 | Malicious code in elf-stats-twinkling-wishlist-283 (npm) | 2025-12-11T19:46:09Z | 2025-12-23T22:09:11Z |
| mal-2025-192539 | Malicious code in elf-stats-twinkling-bell-867 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192538 | Malicious code in elf-stats-tinsel-sleigh-669 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192537 | Malicious code in elf-stats-tinsel-cookiejar-315 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192536 | Malicious code in elf-stats-sugarplum-wishlist-141 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192535 | Malicious code in elf-stats-sugarplum-toolkit-176 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:18183 | Red Hat Security Advisory: libsoup3 security update | 2025-10-15T20:35:08+00:00 | 2025-11-27T17:36:57+00:00 |
| rhsa-2025:18151 | Red Hat Security Advisory: .NET 9.0 security update | 2025-10-15T16:57:02+00:00 | 2025-11-27T11:15:32+00:00 |
| rhsa-2025:18155 | Red Hat Security Advisory: firefox security update | 2025-10-15T16:41:57+00:00 | 2025-11-21T19:29:04+00:00 |
| rhsa-2025:18150 | Red Hat Security Advisory: .NET 9.0 security update | 2025-10-15T16:34:50+00:00 | 2025-11-27T11:15:30+00:00 |
| rhsa-2025:18153 | Red Hat Security Advisory: .NET 9.0 security update | 2025-10-15T16:33:56+00:00 | 2025-11-27T11:15:33+00:00 |
| rhsa-2025:18152 | Red Hat Security Advisory: .NET 8.0 security update | 2025-10-15T16:18:27+00:00 | 2025-11-27T11:15:32+00:00 |
| rhsa-2025:18149 | Red Hat Security Advisory: .NET 8.0 security update | 2025-10-15T16:16:39+00:00 | 2025-11-27T11:15:29+00:00 |
| rhsa-2025:18154 | Red Hat Security Advisory: firefox security update | 2025-10-15T16:00:06+00:00 | 2025-11-21T19:29:03+00:00 |
| rhsa-2025:18148 | Red Hat Security Advisory: .NET 8.0 security update | 2025-10-15T15:58:41+00:00 | 2025-11-27T11:15:28+00:00 |
| rhsa-2025:18070 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-10-15T14:16:26+00:00 | 2025-11-21T19:28:58+00:00 |
| rhsa-2025:17657 | Red Hat Security Advisory: OpenShift Container Platform 4.18.26 bug fix and security update | 2025-10-15T14:07:50+00:00 | 2025-11-29T06:53:14+00:00 |
| rhsa-2025:18097 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-10-15T11:46:25+00:00 | 2025-11-21T19:28:59+00:00 |
| rhsa-2025:18098 | Red Hat Security Advisory: kernel-rt security update | 2025-10-15T11:39:50+00:00 | 2025-11-21T19:29:01+00:00 |
| rhsa-2025:18093 | Red Hat Security Advisory: Red Hat OpenShift GitOps v1.18.1 security update | 2025-10-15T10:27:05+00:00 | 2025-11-21T19:38:46+00:00 |
| rhsa-2025:18076 | Red Hat Security Advisory: Red Hat Build of Apache Camel 4.10 for Quarkus 3.20 update is now available (RHBQ 3.20.3.GA) | 2025-10-15T09:14:18+00:00 | 2025-11-25T03:03:02+00:00 |
| rhsa-2025:17690 | Red Hat Security Advisory: OpenShift Container Platform 4.16.50 bug fix and security update | 2025-10-15T07:45:25+00:00 | 2025-11-29T06:53:17+00:00 |
| rhsa-2025:18054 | Red Hat Security Advisory: kernel security update | 2025-10-15T07:08:30+00:00 | 2025-11-21T19:28:57+00:00 |
| rhsa-2025:18043 | Red Hat Security Advisory: kernel security update | 2025-10-15T00:31:48+00:00 | 2025-11-21T19:28:57+00:00 |
| rhsa-2025:18028 | Red Hat Security Advisory: Red Hat Build of Apache Camel 4.10.7 for Spring Boot release. | 2025-10-14T17:59:03+00:00 | 2025-11-26T21:26:15+00:00 |
| rhsa-2025:17563 | Red Hat Security Advisory: Red Hat build of Quarkus 3.20.3 release and security update | 2025-10-14T13:01:32+00:00 | 2025-11-25T03:03:52+00:00 |
| rhsa-2025:17958 | Red Hat Security Advisory: kernel security update | 2025-10-14T08:39:21+00:00 | 2025-11-26T18:17:24+00:00 |
| rhsa-2025:17913 | Red Hat Security Advisory: vim security update | 2025-10-14T05:32:21+00:00 | 2025-11-24T21:04:18+00:00 |
| rhsa-2025:17896 | Red Hat Security Advisory: kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_134_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 security update | 2025-10-14T00:35:21+00:00 | 2025-11-21T19:28:56+00:00 |
| rhsa-2025:17807 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-10-13T18:21:40+00:00 | 2025-11-21T19:28:53+00:00 |
| rhsa-2025:17812 | Red Hat Security Advisory: kernel-rt security update | 2025-10-13T18:15:30+00:00 | 2025-11-21T19:28:53+00:00 |
| rhsa-2025:17802 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-10-13T13:24:14+00:00 | 2025-11-21T19:28:52+00:00 |
| rhsa-2025:17797 | Red Hat Security Advisory: kernel security update | 2025-10-13T11:51:59+00:00 | 2025-11-21T19:28:51+00:00 |
| rhsa-2025:17776 | Red Hat Security Advisory: kernel security update | 2025-10-13T09:10:44+00:00 | 2025-11-26T16:45:12+00:00 |
| rhsa-2025:17760 | Red Hat Security Advisory: kernel security update | 2025-10-13T04:28:03+00:00 | 2025-11-25T21:27:20+00:00 |
| rhsa-2025:17742 | Red Hat Security Advisory: vim security update | 2025-10-13T02:18:48+00:00 | 2025-11-24T21:04:17+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-8677 | Resource exhaustion via malformed DNSKEY handling | 2025-10-02T00:00:00.000Z | 2025-11-25T01:38:30.000Z |
| msrc_cve-2025-8291 | ZIP64 End of Central Directory (EOCD) Locator record offset not checked | 2025-10-02T00:00:00.000Z | 2025-10-10T01:02:05.000Z |
| msrc_cve-2025-62813 | LZ4 through 1.10.0 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact when the application processes untrusted LZ4 frames. For example, LZ4F_createCDict_advanced in lib/lz4frame.c mishandles NULL checks. | 2025-10-02T00:00:00.000Z | 2025-10-24T01:02:42.000Z |
| msrc_cve-2025-62518 | astral-tokio-tar Vulnerable to PAX Header Desynchronization | 2025-10-02T00:00:00.000Z | 2025-10-25T14:01:53.000Z |
| msrc_cve-2025-62231 | Xorg: xmayland: value overflow in xkbsetcompatmap() | 2025-10-02T00:00:00.000Z | 2025-12-24T01:02:28.000Z |
| msrc_cve-2025-62230 | Xorg: xwayland: use-after-free in xkb client resource removal | 2025-10-02T00:00:00.000Z | 2025-12-24T01:02:33.000Z |
| msrc_cve-2025-62229 | Xorg: xmayland: use-after-free in xpresentnotify structure creation | 2025-10-02T00:00:00.000Z | 2025-12-24T01:02:23.000Z |
| msrc_cve-2025-62168 | Squid vulnerable to information disclosure via authentication credential leakage in error handling | 2025-10-02T00:00:00.000Z | 2025-10-19T01:01:13.000Z |
| msrc_cve-2025-61985 | ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used. | 2025-10-02T00:00:00.000Z | 2025-10-08T01:02:00.000Z |
| msrc_cve-2025-61984 | ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.) | 2025-10-02T00:00:00.000Z | 2025-10-08T01:02:05.000Z |
| msrc_cve-2025-61725 | Excessive CPU consumption in ParseAddress in net/mail | 2025-10-02T00:00:00.000Z | 2025-12-13T01:37:56.000Z |
| msrc_cve-2025-61724 | Excessive CPU consumption in Reader.ReadResponse in net/textproto | 2025-10-02T00:00:00.000Z | 2025-12-13T01:37:27.000Z |
| msrc_cve-2025-61723 | Quadratic complexity when parsing some invalid inputs in encoding/pem | 2025-10-02T00:00:00.000Z | 2025-12-13T01:37:37.000Z |
| msrc_cve-2025-61107 | FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LSA Update packet. | 2025-10-02T00:00:00.000Z | 2025-10-31T01:11:07.000Z |
| msrc_cve-2025-61106 | FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. | 2025-10-02T00:00:00.000Z | 2025-10-31T01:10:59.000Z |
| msrc_cve-2025-61105 | FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_link_info function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. | 2025-10-02T00:00:00.000Z | 2025-10-31T01:11:21.000Z |
| msrc_cve-2025-61104 | FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_unknown_tlv function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. | 2025-10-02T00:00:00.000Z | 2025-11-02T01:02:44.000Z |
| msrc_cve-2025-61103 | FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_lan_adj_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. | 2025-10-02T00:00:00.000Z | 2025-10-31T01:10:51.000Z |
| msrc_cve-2025-61102 | FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_adj_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. | 2025-10-02T00:00:00.000Z | 2025-10-31T01:11:15.000Z |
| msrc_cve-2025-61101 | FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_rmt_itf_addr function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. | 2025-10-02T00:00:00.000Z | 2025-11-02T01:02:28.000Z |
| msrc_cve-2025-61100 | FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospf_opaque_lsa_dump function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) under specific malformed LSA conditions. | 2025-10-02T00:00:00.000Z | 2025-11-02T01:02:36.000Z |
| msrc_cve-2025-61099 | FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaque_info_detail function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LS Update packet. | 2025-10-02T00:00:00.000Z | 2025-11-05T01:01:58.000Z |
| msrc_cve-2025-6075 | Quadratic complexity in os.path.expandvars() with user-controlled template | 2025-10-02T00:00:00.000Z | 2025-12-07T01:46:03.000Z |
| msrc_cve-2025-59530 | quic-go has Client Crash Due to Premature HANDSHAKE_DONE Frame | 2025-10-02T00:00:00.000Z | 2025-10-25T14:01:47.000Z |
| msrc_cve-2025-58189 | ALPN negotiation error contains attacker controlled information in crypto/tls | 2025-10-02T00:00:00.000Z | 2025-10-31T01:09:20.000Z |
| msrc_cve-2025-58188 | Panic when validating certificates with DSA public keys in crypto/x509 | 2025-10-02T00:00:00.000Z | 2025-12-13T01:37:47.000Z |
| msrc_cve-2025-58187 | Quadratic complexity when checking name constraints in crypto/x509 | 2025-10-02T00:00:00.000Z | 2025-12-13T01:37:32.000Z |
| msrc_cve-2025-58186 | Lack of limit when parsing cookies can cause memory exhaustion in net/http | 2025-10-02T00:00:00.000Z | 2025-12-13T01:37:22.000Z |
| msrc_cve-2025-58185 | Parsing DER payload can cause memory exhaustion in encoding/asn1 | 2025-10-02T00:00:00.000Z | 2025-12-13T01:37:42.000Z |
| msrc_cve-2025-58183 | Unbounded allocation when parsing GNU sparse map in archive/tar | 2025-10-02T00:00:00.000Z | 2025-12-13T01:37:17.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2023-002002 | Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS) | 2023-06-01T13:48+09:00 | 2024-03-19T18:13+09:00 |
| jvndb-2023-000058 | Pleasanter vulnerable to cross-site scripting | 2023-05-31T15:34+09:00 | 2024-03-19T18:17+09:00 |
| jvndb-2023-000052 | DataSpider Servista uses a hard-coded cryptographic key | 2023-05-31T15:34+09:00 | 2024-03-19T17:44+09:00 |
| jvndb-2023-000056 | Starlette vulnerable to directory traversal | 2023-05-30T13:34+09:00 | 2024-03-19T18:08+09:00 |
| jvndb-2023-000055 | ESS REC Agent Server Edition for Linux etc. vulnerable to directory traversal | 2023-05-26T13:58+09:00 | 2024-03-21T17:15+09:00 |
| jvndb-2023-000054 | Wacom Tablet Driver installer for macOS vulnerable to improper link resolution before file access | 2023-05-25T13:40+09:00 | 2023-05-25T13:40+09:00 |
| jvndb-2023-001926 | Cross-site Scripting Vulnerability in Hitachi Ops Center Analyzer | 2023-05-24T11:40+09:00 | 2024-05-24T17:01+09:00 |
| jvndb-2023-000053 | Tornado vulnerable to open redirect | 2023-05-22T13:30+09:00 | 2024-03-21T17:05+09:00 |
| jvndb-2023-001894 | Android App "Brother iPrint&Scan" vulnerable to improper access control | 2023-05-19T15:40+09:00 | 2023-05-19T15:40+09:00 |
| jvndb-2023-000051 | Multiple vulnerabilities in T&D and ESPEC MIC data logger products | 2023-05-19T15:21+09:00 | 2024-05-23T17:03+09:00 |
| jvndb-2023-000026 | Qrio Smart Lock Q-SL2 vulnerable to authentication bypass by capture-replay | 2023-05-18T14:13+09:00 | 2024-05-23T17:18+09:00 |
| jvndb-2023-001852 | OS command injection vulnerability in Inaba Denki Sangyo Wi-Fi AP UNIT | 2023-05-17T15:09+09:00 | 2023-05-17T15:09+09:00 |
| jvndb-2023-000050 | Multiple vulnerabilities in WordPress Plugin "MW WP Form" and "Snow Monkey Forms" | 2023-05-15T14:29+09:00 | 2024-05-29T16:27+09:00 |
| jvndb-2023-000049 | Multiple vulnerabilities in Cybozu Garoon | 2023-05-15T14:29+09:00 | 2024-05-24T15:26+09:00 |
| jvndb-2023-000047 | Beekeeper Studio vulnerable to code injection | 2023-05-12T16:42+09:00 | 2024-05-24T16:17+09:00 |
| jvndb-2023-000043 | Multiple vulnerabilities in MicroEngine Mailform | 2023-05-10T13:57+09:00 | 2024-05-24T17:07+09:00 |
| jvndb-2023-001774 | Multiple vulnerabilities in SolarView Compact | 2023-05-09T16:09+09:00 | 2024-06-27T13:30+09:00 |
| jvndb-2023-000045 | WordPress Plugin "VK Blocks" and "VK All in One Expansion Unit" vulnerable to cross-site scripting | 2023-05-09T15:14+09:00 | 2024-05-24T17:05+09:00 |
| jvndb-2023-000042 | WordPress Plugin "Newsletter" vulnerable to cross-site scripting | 2023-05-09T14:42+09:00 | 2024-06-13T16:14+09:00 |
| jvndb-2023-000046 | SR-7100VN vulnerable to privilege escalation | 2023-05-09T13:58+09:00 | 2024-05-24T16:13+09:00 |
| jvndb-2023-000041 | LINE WORKS Drive Explorer vulnerable to code injection | 2023-05-08T15:16+09:00 | 2024-05-23T17:03+09:00 |
| jvndb-2023-000044 | JINS MEME CORE uses a hard-coded cryptographic key | 2023-05-08T15:13+09:00 | 2024-06-13T16:19+09:00 |
| jvndb-2023-001639 | Heap-based buffer overflow vulnerability in OMRON CX-Drive | 2023-04-25T14:31+09:00 | 2024-05-27T18:11+09:00 |
| jvndb-2023-000040 | WordPress Plugin "Appointment and Event Booking Calendar for WordPress - Amelia" vulnerable to cross-site scripting | 2023-04-24T13:41+09:00 | 2024-05-28T16:59+09:00 |
| jvndb-2023-000035 | Improper restriction of XML external entity references (XXE) in Shinseiyo Sogo Soft | 2023-04-19T14:49+09:00 | 2024-05-29T16:58+09:00 |
| jvndb-2023-000039 | WordPress plugin "LIQUID SPEECH BALLOON" vulnerable to cross-site request forgery | 2023-04-19T14:24+09:00 | 2024-05-28T16:56+09:00 |
| jvndb-2023-000038 | EC-CUBE plugin "NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series)" vulnerable to authentication bypass | 2023-04-19T14:06+09:00 | 2024-05-30T15:11+09:00 |
| jvndb-2023-001534 | Security Issues in FINS protocol | 2023-04-18T13:58+09:00 | 2024-05-23T17:35+09:00 |
| jvndb-2023-000037 | Joruri Gw vulnerable to cross-site scripting | 2023-04-17T14:19+09:00 | 2024-05-30T16:19+09:00 |
| jvndb-2023-000036 | API server of TONE Family vulnerable to authentication bypass using an alternate path | 2023-04-17T14:04+09:00 | 2023-04-17T14:04+09:00 |
| ID | Description | Updated |
|---|