Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-55qw-5v38-gj45 | A buffer overflow vulnerability has been reported to affect License Center. If a remote attacker ga… | 2026-01-02T18:30:30Z | 2026-01-02T18:30:30Z |
| ghsa-cm78-px7f-5m69 | A buffer overflow vulnerability has been reported to affect several QNAP operating system versions.… | 2026-01-02T18:30:29Z | 2026-01-02T18:30:29Z |
| ghsa-98j3-hjh2-q3pv | An out-of-bounds read vulnerability has been reported to affect License Center. If a remote attacke… | 2026-01-02T18:30:29Z | 2026-01-02T18:30:29Z |
| ghsa-92w4-hf76-4gwf | An improper control of generation of code vulnerability has been reported to affect Malware Remover… | 2026-01-02T18:30:28Z | 2026-01-02T18:30:28Z |
| ghsa-xwhh-qff2-j7fx | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-01-02T15:30:31Z | 2026-01-02T15:30:31Z |
| ghsa-xmww-pq7x-5g2c | An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versi… | 2026-01-02T15:30:31Z | 2026-01-02T15:30:31Z |
| ghsa-xj99-2m32-jhvv | An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versi… | 2026-01-02T15:30:31Z | 2026-01-02T15:30:31Z |
| ghsa-wmhh-c8hm-26vq | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-01-02T15:30:31Z | 2026-01-02T15:30:31Z |
| ghsa-vj5w-qq78-7xg8 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-01-02T15:30:31Z | 2026-01-02T15:30:31Z |
| ghsa-qrcf-84cj-mgmg | An allocation of resources without limits or throttling vulnerability has been reported to affect s… | 2026-01-02T15:30:31Z | 2026-01-02T15:30:31Z |
| ghsa-qhch-48gg-2f55 | A buffer overflow vulnerability has been reported to affect several QNAP operating system versions.… | 2026-01-02T15:30:31Z | 2026-01-02T15:30:31Z |
| ghsa-p666-ch8g-wp7w | A use of externally-controlled format string vulnerability has been reported to affect several QNAP… | 2026-01-02T15:30:31Z | 2026-01-02T15:30:31Z |
| ghsa-mwv4-qf7c-vfg5 | A cross-site scripting (XSS) vulnerability has been reported to affect QuMagie. The remote attacker… | 2026-01-02T15:30:31Z | 2026-01-02T15:30:31Z |
| ghsa-m9jj-wqc5-fm74 | An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versi… | 2026-01-02T15:30:31Z | 2026-01-02T15:30:31Z |
| ghsa-jjfc-5g72-6w7r | SQL injection in gosaliajainam/online-movie-booking 5.5 in movie_details.php allows attackers to ga… | 2026-01-02T15:30:31Z | 2026-01-02T15:30:31Z |
| ghsa-fpf9-544w-86x7 | A buffer overflow vulnerability has been reported to affect several QNAP operating system versions.… | 2026-01-02T15:30:31Z | 2026-01-02T15:30:31Z |
| ghsa-57jg-xfph-7vqg | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-01-02T15:30:31Z | 2026-01-02T15:30:31Z |
| ghsa-4cjq-q46g-r27r | A buffer overflow vulnerability has been reported to affect several QNAP operating system versions.… | 2026-01-02T15:30:31Z | 2026-01-02T15:30:31Z |
| ghsa-38g5-822j-7rr9 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-01-02T15:30:31Z | 2026-01-02T15:30:31Z |
| ghsa-x2j2-pg6r-pp2q | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-01-02T15:30:30Z | 2026-01-02T15:30:31Z |
| ghsa-wxwx-rghm-5hm2 | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-01-02T15:30:30Z | 2026-01-02T15:30:30Z |
| ghsa-pfp4-c2jf-cxcx | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-01-02T15:30:30Z | 2026-01-02T15:30:30Z |
| ghsa-h65r-fq24-hw5g | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-01-02T15:30:30Z | 2026-01-02T15:30:30Z |
| ghsa-2m4f-hqj2-29hr | A buffer overflow vulnerability has been reported to affect several QNAP operating system versions.… | 2026-01-02T15:30:30Z | 2026-01-02T15:30:30Z |
| ghsa-xpcp-7r7v-4mfm | An allocation of resources without limits or throttling vulnerability has been reported to affect s… | 2026-01-02T15:30:29Z | 2026-01-02T15:30:29Z |
| ghsa-p4f6-h8jj-vfvf | Duplicate Advisory: Reflected XSS in go-httpbin due to unrestricted client control over Content-Type | 2026-01-02T15:30:29Z | 2026-01-02T20:32:24Z |
| ghsa-8v28-3j53-xvq8 | A vulnerability was determined in PluXml up to 5.8.22. Affected is the function FileCookieJar::__de… | 2026-01-02T15:30:29Z | 2026-01-02T15:30:29Z |
| ghsa-84j8-5g3f-g34c | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system … | 2026-01-02T15:30:29Z | 2026-01-02T15:30:29Z |
| ghsa-w7qc-mvcj-whr5 | REDCap 14.3.13 allows an attacker to enumerate usernames due to an observable discrepancy between l… | 2026-01-02T15:30:28Z | 2026-01-02T15:30:28Z |
| ghsa-3g65-26q9-22q3 | A weakness has been identified in code-projects Content Management System 1.0. This issue affects s… | 2026-01-02T15:30:28Z | 2026-01-02T15:30:28Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2023-54166 | N/A | igc: Fix Kernel Panic during ndo_tx_timeout callback |
Linux |
Linux |
2025-12-30T12:08:41.832Z | 2025-12-30T12:08:41.832Z |
| cve-2023-54165 | N/A | zsmalloc: move LRU update from zs_map_object() to zs_m… |
Linux |
Linux |
2025-12-30T12:08:41.019Z | 2025-12-30T12:08:41.019Z |
| cve-2023-54164 | N/A | Bluetooth: ISO: fix iso_conn related locking and valid… |
Linux |
Linux |
2025-12-30T12:08:40.357Z | 2025-12-30T12:08:40.357Z |
| cve-2022-50827 | N/A | scsi: lpfc: Fix memory leak in lpfc_create_port() |
Linux |
Linux |
2025-12-30T12:08:39.669Z | 2025-12-30T12:08:39.669Z |
| cve-2022-50826 | N/A | ipu3-imgu: Fix NULL pointer dereference in imgu_subdev… |
Linux |
Linux |
2025-12-30T12:08:38.950Z | 2025-12-30T12:08:38.950Z |
| cve-2022-50825 | N/A | usb: typec: wusb3801: fix fwnode refcount leak in wusb… |
Linux |
Linux |
2025-12-30T12:08:38.249Z | 2025-12-30T12:08:38.249Z |
| cve-2022-50824 | N/A | tpm: tpm_tis: Add the missed acpi_put_table() to fix m… |
Linux |
Linux |
2025-12-30T12:08:37.580Z | 2025-12-30T12:08:37.580Z |
| cve-2022-50823 | N/A | clk: tegra: Fix refcount leak in tegra114_clock_init |
Linux |
Linux |
2025-12-30T12:08:36.911Z | 2025-12-30T12:08:36.911Z |
| cve-2022-50822 | N/A | RDMA/restrack: Release MR restrack when delete |
Linux |
Linux |
2025-12-30T12:08:36.228Z | 2025-12-30T12:08:36.228Z |
| cve-2022-50821 | N/A | SUNRPC: Don't leak netobj memory when gss_read_proxy_v… |
Linux |
Linux |
2025-12-30T12:08:35.564Z | 2025-12-30T12:08:35.564Z |
| cve-2022-50820 | N/A | perf/arm_dmc620: Fix hotplug callback leak in dmc620_p… |
Linux |
Linux |
2025-12-30T12:08:34.894Z | 2025-12-30T12:08:34.894Z |
| cve-2022-50819 | N/A | udmabuf: Set ubuf->sg = NULL if the creation of sg tab… |
Linux |
Linux |
2025-12-30T12:08:34.225Z | 2026-01-02T15:04:50.111Z |
| cve-2022-50818 | N/A | scsi: pm8001: Fix running_req for internal abort commands |
Linux |
Linux |
2025-12-30T12:08:33.548Z | 2025-12-30T12:08:33.548Z |
| cve-2022-50817 | N/A | net: hsr: avoid possible NULL deref in skb_clone() |
Linux |
Linux |
2025-12-30T12:08:32.866Z | 2025-12-30T12:08:32.866Z |
| cve-2022-50816 | N/A | ipv6: ensure sane device mtu in tunnels |
Linux |
Linux |
2025-12-30T12:08:32.215Z | 2025-12-30T12:08:32.215Z |
| cve-2022-50815 | N/A | ext2: Add sanity checks for group and filesystem size |
Linux |
Linux |
2025-12-30T12:08:31.554Z | 2026-01-02T15:04:48.762Z |
| cve-2022-50814 | N/A | crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr |
Linux |
Linux |
2025-12-30T12:08:30.862Z | 2025-12-30T12:08:30.862Z |
| cve-2022-50813 | N/A | drivers: mcb: fix resource leak in mcb_probe() |
Linux |
Linux |
2025-12-30T12:08:30.164Z | 2025-12-30T12:08:30.164Z |
| cve-2022-50812 | N/A | security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc o… |
Linux |
Linux |
2025-12-30T12:08:29.434Z | 2026-01-02T15:04:47.424Z |
| cve-2022-50811 | N/A | erofs: fix missing unmap if z_erofs_get_extent_compres… |
Linux |
Linux |
2025-12-30T12:08:28.719Z | 2025-12-30T12:08:28.719Z |
| cve-2022-50810 | N/A | rapidio: devices: fix missing put_device in mport_cdev_open |
Linux |
Linux |
2025-12-30T12:08:27.924Z | 2025-12-30T12:08:27.924Z |
| cve-2022-50809 | N/A | xhci: dbc: Fix memory leak in xhci_alloc_dbc() |
Linux |
Linux |
2025-12-30T12:08:27.242Z | 2025-12-30T12:08:27.242Z |
| cve-2023-54162 | N/A | ksmbd: fix possible memory leak in smb2_lock() |
Linux |
Linux |
2025-12-30T12:03:23.583Z | 2025-12-30T12:03:23.583Z |
| cve-2022-50786 | N/A | media: s5p-mfc: Clear workbit to handle error condition |
Linux |
Linux |
2025-12-30T12:03:22.909Z | 2025-12-30T12:03:22.909Z |
| cve-2022-50785 | N/A | fsi: occ: Prevent use after free |
Linux |
Linux |
2025-12-30T12:03:22.224Z | 2026-01-02T15:04:45.884Z |
| cve-2022-50784 | N/A | wifi: iwlwifi: mei: fix potential NULL-ptr deref after clone |
Linux |
Linux |
2025-12-30T12:03:21.544Z | 2025-12-30T12:03:21.544Z |
| cve-2025-15247 | gmg137 snap7-rs client.rs download heap-based overflow |
gmg137 |
snap7-rs |
2025-12-30T12:02:09.529Z | 2025-12-30T12:53:26.556Z | |
| cve-2025-15246 | aizuda snail-job API FurySerializer.deserialize deseri… |
aizuda |
snail-job |
2025-12-30T11:32:09.752Z | 2025-12-30T12:54:29.358Z | |
| cve-2025-14509 | Lucky Wheel for WooCommerce – Spin a Sale <= 1.1.13 - … |
villatheme |
Lucky Wheel for WooCommerce – Spin a Sale |
2025-12-30T11:14:25.111Z | 2025-12-30T12:55:26.974Z | |
| cve-2025-15245 | D-Link DCS-850L Firmware Update Service uploadfirmware… |
D-Link |
DCS-850L |
2025-12-30T11:02:16.676Z | 2025-12-30T12:57:33.830Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-62852 | 1.2 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-01-02T15:19:40.492Z | 2026-01-02T15:19:40.492Z |
| cve-2025-62842 | 7 (v4.0) | HBS 3 Hybrid Backup Sync |
QNAP Systems Inc. |
HBS 3 Hybrid Backup Sync |
2026-01-02T15:51:40.904Z | 2026-01-02T15:51:40.904Z |
| cve-2025-62840 | 7 (v4.0) | HBS 3 Hybrid Backup Sync |
QNAP Systems Inc. |
HBS 3 Hybrid Backup Sync |
2026-01-02T15:51:34.972Z | 2026-01-02T15:51:34.972Z |
| cve-2025-59389 | 8.1 (v4.0) | Hyper Data Protector |
QNAP Systems Inc. |
Hyper Data Protector |
2026-01-02T15:51:48.998Z | 2026-01-02T19:09:42.304Z |
| cve-2025-59387 | 8.1 (v4.0) | MARS (Multi-Application Recovery Service) |
QNAP Systems Inc. |
MARS (Multi-Application Recovery Service) |
2026-01-02T15:19:30.445Z | 2026-01-02T15:19:30.445Z |
| cve-2025-59384 | 8.1 (v4.0) | Qfiling |
QNAP Systems Inc. |
Qfiling |
2026-01-02T15:19:19.626Z | 2026-01-02T15:19:19.626Z |
| cve-2025-59381 | 4.6 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-01-02T15:19:09.271Z | 2026-01-02T15:19:09.271Z |
| cve-2025-59380 | 4.6 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-01-02T15:18:56.977Z | 2026-01-02T19:10:29.579Z |
| cve-2025-53597 | 1.2 (v4.0) | License Center |
QNAP Systems Inc. |
License Center |
2026-01-02T15:18:41.520Z | 2026-01-02T19:11:27.286Z |
| cve-2025-53594 | 4.4 (v4.0) | Qfinder Pro, Qsync, QVPN |
QNAP Systems Inc. |
Qfinder Pro Mac |
2026-01-02T15:18:26.356Z | 2026-01-02T19:12:02.094Z |
| cve-2025-52871 | 1.3 (v4.0) | License Center |
QNAP Systems Inc. |
License Center |
2026-01-02T15:18:17.036Z | 2026-01-02T19:12:32.718Z |
| cve-2025-48721 | 1.2 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-01-02T15:17:38.864Z | 2026-01-02T19:13:09.727Z |
| cve-2025-11837 | 8.1 (v4.0) | Malware Remover |
QNAP Systems Inc. |
Malware Remover |
2026-01-02T15:51:28.839Z | 2026-01-02T15:51:28.839Z |
| cve-2025-65125 | N/A | SQL injection in gosaliajainam/online-movie-booki… |
n/a |
n/a |
2026-01-02T00:00:00.000Z | 2026-01-02T15:09:11.417Z |
| cve-2025-62857 | 2.2 (v4.0) | QuMagie |
QNAP Systems Inc. |
QuMagie |
2026-01-02T14:51:49.742Z | 2026-01-02T14:51:49.742Z |
| cve-2025-57705 | 4.6 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-01-02T14:57:17.408Z | 2026-01-02T19:15:26.326Z |
| cve-2025-54166 | 4.6 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-01-02T14:57:05.534Z | 2026-01-02T19:16:09.640Z |
| cve-2025-54165 | 4.6 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-01-02T14:56:54.985Z | 2026-01-02T19:16:42.072Z |
| cve-2025-54164 | 4.6 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-01-02T14:56:43.726Z | 2026-01-02T19:17:21.484Z |
| cve-2025-53596 | 1.2 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-01-02T14:56:33.274Z | 2026-01-02T14:56:33.274Z |
| cve-2025-53593 | 1.2 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-01-02T14:56:24.161Z | 2026-01-02T14:56:24.161Z |
| cve-2025-53592 | 1.3 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-01-02T14:56:13.513Z | 2026-01-02T14:56:13.513Z |
| cve-2025-53591 | 1.2 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-01-02T14:55:54.769Z | 2026-01-02T14:55:54.769Z |
| cve-2025-53590 | 1.2 (v4.0) | QTS |
QNAP Systems Inc. |
QTS |
2026-01-02T14:55:37.460Z | 2026-01-02T14:55:37.460Z |
| cve-2025-53589 | 1.2 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-01-02T14:55:11.688Z | 2026-01-02T14:55:11.688Z |
| cve-2025-53414 | 1.2 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-01-02T14:54:54.455Z | 2026-01-02T19:17:55.858Z |
| cve-2025-53405 | 1.2 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-01-02T14:54:39.877Z | 2026-01-02T19:19:33.876Z |
| cve-2025-52872 | 1.3 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-01-02T14:54:25.736Z | 2026-01-02T19:20:02.277Z |
| cve-2025-52864 | 1.3 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-01-02T14:54:14.636Z | 2026-01-02T19:21:12.711Z |
| cve-2025-52863 | 1.3 (v4.0) | QTS, QuTS hero |
QNAP Systems Inc. |
QTS |
2026-01-02T14:53:57.755Z | 2026-01-02T19:21:59.941Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192442 | Malicious code in elf-stats-ember-stockpile-448 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| mal-2025-192441 | Malicious code in elf-stats-cosy-garland-592 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| mal-2025-192440 | Malicious code in elf-stats-candystriped-snowglobe-426 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T09:25:43Z |
| mal-2025-192439 | Malicious code in asdfgh3 (npm) | 2025-12-11T01:47:51Z | 2025-12-19T16:25:53Z |
| mal-0000-amazon-inspector-f5d1f93ba15e7b1d | Malicious code in libxmljsololo3 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-f5028d4ab741d3e7 | Malicious code in tnaxmlparserctf (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-e75640235a927670 | Malicious code in libxmlfinal5 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-e42a7ca12612653a | Malicious code in elf-stats-snowy-toolkit-186 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-db451e77f6ef3f56 | Malicious code in elf-stats-cosy-garland-592 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-da6b0fa4bde75a4b | Malicious code in ofjaaah12 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-d41a78ad1712a21f | Malicious code in libxmlfinal4 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-d21d950c23b9d623 | Malicious code in libxmljs2var234 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-cc9a09f98eaaf3f0 | Malicious code in asdfgh3 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-c33a3cb237b9fefd | Malicious code in libxmlfinal3 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-b4a0e883940b56b9 | Malicious code in elf-stats-candystriped-snowglobe-426 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-b00664d7d8c2cad9 | Malicious code in libxmlfinal (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-abe2b5ed5ab13037 | Malicious code in elf-stats-sugarplum-mitten-141 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-9df88087925552af | Malicious code in shop-api-sdk (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-84120b8e19b2fbf4 | Malicious code in tnaparserxml (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-81fa56c3bae542d2 | Malicious code in elf-stats-merry-icicle-449 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-68adb1bbfa456e34 | Malicious code in libxmljsololo4 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-642d01e2e6275f09 | Malicious code in elf-stats-silvered-wishlist-243 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-6137dbf72252f12f | Malicious code in libxmlpupupu (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-5c92b90964b44e6e | Malicious code in libxmljsololo (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-53b4c7fe3473ba68 | Malicious code in libxmljs10 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-5109d6f496cd17ca | Malicious code in gs-uitk-lodash (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-3e519eb1552f6865 | Malicious code in elf-stats-sparkly-snowglobe-243 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-2d94a22bb719650f | Malicious code in libxmlussr (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-2af173f5b0f776ed | Malicious code in libxmlhere (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-0000-amazon-inspector-2884de8cbf4bfb40 | Malicious code in elf-stats-silvered-mailbag-755 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:16160 | Red Hat Security Advisory: OpenShift Container Platform 4.15.58 bug fix and security update | 2025-09-25T08:35:24+00:00 | 2025-11-29T06:53:14+00:00 |
| rhsa-2025:16161 | Red Hat Security Advisory: OpenShift Container Platform 4.15.58 security and extras update | 2025-09-25T07:53:49+00:00 | 2025-11-29T00:08:56+00:00 |
| rhsa-2025:16165 | Red Hat Security Advisory: OpenShift Container Platform 4.14.57 bug fix and security update | 2025-09-25T04:42:04+00:00 | 2025-11-29T06:53:13+00:00 |
| rhsa-2025:16166 | Red Hat Security Advisory: OpenShift Container Platform 4.14.57 security and extras update | 2025-09-25T04:00:42+00:00 | 2025-11-21T23:04:37+00:00 |
| rhsa-2025:16669 | Red Hat Security Advisory: kernel security update | 2025-09-25T00:40:46+00:00 | 2025-11-21T19:27:20+00:00 |
| rhsa-2025:16667 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.15 security update | 2025-09-25T00:09:21+00:00 | 2025-11-27T17:36:44+00:00 |
| rhsa-2025:16668 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.12 on RHEL 7 security update | 2025-09-25T00:09:06+00:00 | 2025-11-27T17:36:44+00:00 |
| rhsa-2025:16592 | Red Hat Security Advisory: cups security update | 2025-09-24T16:34:55+00:00 | 2025-11-26T15:30:26+00:00 |
| rhsa-2025:16591 | Red Hat Security Advisory: cups security update | 2025-09-24T15:50:17+00:00 | 2025-11-26T15:30:27+00:00 |
| rhsa-2025:16590 | Red Hat Security Advisory: cups security update | 2025-09-24T15:40:20+00:00 | 2025-11-26T15:30:30+00:00 |
| rhsa-2025:16595 | Red Hat Security Advisory: VolSync v0.13 security fixes and container updates | 2025-09-24T15:33:41+00:00 | 2025-11-29T06:53:11+00:00 |
| rhsa-2025:16589 | Red Hat Security Advisory: thunderbird security update | 2025-09-24T14:11:45+00:00 | 2025-11-21T19:27:12+00:00 |
| rhsa-2025:16583 | Red Hat Security Advisory: kpatch-patch-4_18_0-477_67_1, kpatch-patch-4_18_0-477_81_1, kpatch-patch-4_18_0-477_89_1, and kpatch-patch-4_18_0-477_97_1 security update | 2025-09-24T13:10:55+00:00 | 2025-11-28T17:34:04+00:00 |
| rhsa-2025:16582 | Red Hat Security Advisory: kpatch-patch-4_18_0-553_16_1, kpatch-patch-4_18_0-553_30_1, kpatch-patch-4_18_0-553_40_1, kpatch-patch-4_18_0-553_53_1, and kpatch-patch-4_18_0-553_72_1 security update | 2025-09-24T13:06:20+00:00 | 2025-11-28T17:34:03+00:00 |
| rhsa-2025:16580 | Red Hat Security Advisory: kpatch-patch-4_18_0-372_118_1, kpatch-patch-4_18_0-372_131_1, kpatch-patch-4_18_0-372_137_1, and kpatch-patch-4_18_0-372_145_1 security update | 2025-09-24T12:53:25+00:00 | 2025-11-28T17:34:05+00:00 |
| rhsa-2025:16538 | Red Hat Security Advisory: kpatch-patch-5_14_0-570_17_1 security update | 2025-09-24T00:37:28+00:00 | 2025-11-28T17:33:58+00:00 |
| rhsa-2025:16540 | Red Hat Security Advisory: kpatch-patch-5_14_0-427_31_1, kpatch-patch-5_14_0-427_44_1, kpatch-patch-5_14_0-427_55_1, kpatch-patch-5_14_0-427_68_2, and kpatch-patch-5_14_0-427_84_1 security update | 2025-09-24T00:31:03+00:00 | 2025-11-28T17:34:01+00:00 |
| rhsa-2025:16541 | Red Hat Security Advisory: kpatch-patch-5_14_0-70_112_1, kpatch-patch-5_14_0-70_121_1, kpatch-patch-5_14_0-70_124_1, and kpatch-patch-5_14_0-70_132_1 security update | 2025-09-24T00:22:33+00:00 | 2025-11-28T17:34:02+00:00 |
| rhsa-2025:16539 | Red Hat Security Advisory: kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 security update | 2025-09-24T00:22:33+00:00 | 2025-11-28T17:34:06+00:00 |
| rhsa-2025:16514 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Container Release Update | 2025-09-23T21:34:31+00:00 | 2025-11-21T19:27:05+00:00 |
| rhsa-2025:16535 | Red Hat Security Advisory: OpenShift Container Platform 4.19 ztp-site-generate container | 2025-09-23T21:08:55+00:00 | 2025-11-21T23:04:40+00:00 |
| rhsa-2025:16534 | Red Hat Security Advisory: OpenShift Container Platform 4.12 ztp-site-generate container | 2025-09-23T21:08:07+00:00 | 2025-11-29T00:08:57+00:00 |
| rhsa-2025:16530 | Red Hat Security Advisory: OpenShift Container Platform 4.18 ztp-site-generate container | 2025-09-23T21:00:41+00:00 | 2025-11-29T00:09:00+00:00 |
| rhsa-2025:16529 | Red Hat Security Advisory: OpenShift Container Platform 4.17 ztp-site-generate container | 2025-09-23T20:50:52+00:00 | 2025-11-29T00:08:56+00:00 |
| rhsa-2025:16527 | Red Hat Security Advisory: OpenShift Container Platform 4.16 ztp-site-generate container | 2025-09-23T20:37:14+00:00 | 2025-11-29T00:08:56+00:00 |
| rhsa-2025:16526 | Red Hat Security Advisory: OpenShift Container Platform 4.14 ztp-site-generate container | 2025-09-23T19:55:07+00:00 | 2025-11-29T00:08:56+00:00 |
| rhsa-2025:16524 | Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage | 2025-09-23T19:28:34+00:00 | 2025-11-25T10:22:49+00:00 |
| rhsa-2025:16515 | Red Hat Security Advisory: container-tools:rhel8 security update | 2025-09-23T18:32:48+00:00 | 2025-11-21T19:27:07+00:00 |
| rhsa-2025:16487 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update | 2025-09-23T18:04:58+00:00 | 2025-11-21T19:27:05+00:00 |
| rhsa-2025:16488 | Red Hat Security Advisory: podman security update | 2025-09-23T16:48:17+00:00 | 2025-11-21T19:27:05+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-39952 | wifi: wilc1000: avoid buffer overflow in WID string configuration | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:53.000Z |
| msrc_cve-2025-39951 | um: virtio_uml: Fix use-after-free after put_device in probe | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:32.000Z |
| msrc_cve-2025-39949 | qed: Don't collect too many protection override GRC elements | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:48.000Z |
| msrc_cve-2025-39947 | net/mlx5e: Harden uplink netdev access against device unbind | 2025-10-02T00:00:00.000Z | 2025-10-05T01:03:29.000Z |
| msrc_cve-2025-39946 | tls: make sure to abort the stream if headers are bogus | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:22.000Z |
| msrc_cve-2025-39945 | cnic: Fix use-after-free bugs in cnic_delete_task | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:58.000Z |
| msrc_cve-2025-39944 | octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() | 2025-10-02T00:00:00.000Z | 2025-10-05T01:03:24.000Z |
| msrc_cve-2025-39943 | ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:27.000Z |
| msrc_cve-2025-39942 | ksmbd: smbdirect: verify remaining_data_length respects max_fragmented_recv_size | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:17.000Z |
| msrc_cve-2025-39940 | dm-stripe: fix a possible integer overflow | 2025-10-02T00:00:00.000Z | 2025-12-07T01:38:08.000Z |
| msrc_cve-2025-39938 | ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:11.000Z |
| msrc_cve-2025-39937 | net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:37.000Z |
| msrc_cve-2025-39934 | drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:01.000Z |
| msrc_cve-2025-39933 | smb: client: let recv_done verify data_offset, data_length and remaining_data_length | 2025-10-02T00:00:00.000Z | 2025-10-05T01:03:08.000Z |
| msrc_cve-2025-39932 | smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work) | 2025-10-02T00:00:00.000Z | 2025-12-07T01:37:57.000Z |
| msrc_cve-2025-39931 | crypto: af_alg - Set merge to zero early in af_alg_sendmsg | 2025-10-02T00:00:00.000Z | 2025-10-05T01:03:19.000Z |
| msrc_cve-2025-39929 | smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path | 2025-10-02T00:00:00.000Z | 2025-10-05T01:02:06.000Z |
| msrc_cve-2025-39927 | ceph: fix race condition validating r_parent before applying state | 2025-10-02T00:00:00.000Z | 2025-12-12T01:01:37.000Z |
| msrc_cve-2025-39925 | can: j1939: implement NETDEV_UNREGISTER notification handler | 2025-10-02T00:00:00.000Z | 2025-12-16T01:37:16.000Z |
| msrc_cve-2025-39923 | dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:11.000Z |
| msrc_cve-2025-39920 | pcmcia: Add error handling for add_interval() in do_validate_mem() | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:50.000Z |
| msrc_cve-2025-39916 | mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters() | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:03.000Z |
| msrc_cve-2025-39914 | tracing: Silence warning when chunk allocation fails in trace_pid_write | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:27.000Z |
| msrc_cve-2025-39913 | tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:55.000Z |
| msrc_cve-2025-39911 | i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path | 2025-10-02T00:00:00.000Z | 2025-10-02T01:07:45.000Z |
| msrc_cve-2025-39910 | mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc() | 2025-10-02T00:00:00.000Z | 2025-10-02T01:06:52.000Z |
| msrc_cve-2025-39909 | mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters() | 2025-10-02T00:00:00.000Z | 2025-10-02T01:06:47.000Z |
| msrc_cve-2025-39907 | mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer | 2025-10-02T00:00:00.000Z | 2025-10-02T01:08:00.000Z |
| msrc_cve-2025-39905 | net: phylink: add lock for serializing concurrent pl->phydev writes with resolver | 2025-10-02T00:00:00.000Z | 2025-12-15T14:36:33.000Z |
| msrc_cve-2025-39902 | mm/slub: avoid accessing metadata when pointer is invalid in object_err() | 2025-10-02T00:00:00.000Z | 2025-10-02T01:06:58.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2022-002143 | Information Disclosure Vulnerability in Hitachi Automation Director and Hitachi Ops Center Automator | 2022-08-01T17:10+09:00 | 2022-08-01T17:10+09:00 |
| jvndb-2022-000056 | Multiple vulnerabilities in Nintendo Wi-Fi Network Adaptor WAP-001 | 2022-07-29T13:43+09:00 | 2024-06-14T16:27+09:00 |
| jvndb-2022-000061 | "JustSystems JUST Online Update for J-License" starts a program with an unquoted file path | 2022-07-28T13:40+09:00 | 2022-07-28T13:40+09:00 |
| jvndb-2022-000060 | "Hulu" App for iOS vulnerable to improper server certificate verification | 2022-07-28T09:51+09:00 | 2024-06-14T12:25+09:00 |
| jvndb-2022-000059 | "Hulu" App for Android uses a hard-coded API key for an external service | 2022-07-28T09:14+09:00 | 2024-06-14T14:42+09:00 |
| jvndb-2022-000057 | WordPress Plugin "Newsletter" vulnerable to cross-site scripting | 2022-07-25T14:30+09:00 | 2024-06-18T11:21+09:00 |
| jvndb-2022-000058 | Multiple vulnerabilities in untangle | 2022-07-25T14:18+09:00 | 2024-06-17T11:03+09:00 |
| jvndb-2022-000055 | Booked vulnerable to open redirect | 2022-07-22T13:40+09:00 | 2024-06-14T17:43+09:00 |
| jvndb-2022-000054 | Multiple vulnerabilities in Cybozu Office | 2022-07-20T17:28+09:00 | 2024-06-14T14:02+09:00 |
| jvndb-2022-002017 | U-Boot squashfs filesystem implementation vulnerable to heap-based buffer overflow | 2022-07-14T15:59+09:00 | 2024-06-14T17:53+09:00 |
| jvndb-2022-000053 | Django Extract and Trunc functions vulnerable to SQL injection | 2022-07-12T13:47+09:00 | 2024-06-18T11:57+09:00 |
| jvndb-2022-000052 | Passage Drive vulnerable to insufficient data verification | 2022-07-08T13:42+09:00 | 2024-06-14T17:48+09:00 |
| jvndb-2022-000051 | Multiple vulnerabilities in Cybozu Garoon | 2022-07-04T14:17+09:00 | 2024-06-17T16:49+09:00 |
| jvndb-2022-000050 | LiteCart vulnerable to cross-site scripting | 2022-07-04T14:12+09:00 | 2024-06-17T10:39+09:00 |
| jvndb-2022-000049 | HOME SPOT CUBE2 vulnerable to OS command injection | 2022-06-29T13:42+09:00 | 2024-06-17T10:45+09:00 |
| jvndb-2022-000048 | L2Blocker Sensor setup screen vulnerable to authentication bypass | 2022-06-24T14:21+09:00 | 2024-06-18T10:45+09:00 |
| jvndb-2022-000047 | web2py vulnerable to open redirect | 2022-06-23T14:21+09:00 | 2024-06-18T10:48+09:00 |
| jvndb-2022-000046 | Gitlab vulnerable to server-side request forgery | 2022-06-17T12:26+09:00 | 2024-06-20T15:39+09:00 |
| jvndb-2022-001953 | Growi vulnerable to weak password requirements | 2022-06-15T17:47+09:00 | 2022-06-15T17:47+09:00 |
| jvndb-2022-000045 | FreeBSD vulnerable to denial-of-service (DoS) | 2022-06-15T12:28+09:00 | 2024-06-13T16:31+09:00 |
| jvndb-2022-000044 | Cisco Catalyst 2940 Series Switches vulnerable to cross-site scripting | 2022-06-14T13:46+09:00 | 2024-06-18T10:51+09:00 |
| jvndb-2022-000043 | SHIRASAGI vulnerable to cross-site scripting | 2022-06-09T13:31+09:00 | 2024-06-18T11:13+09:00 |
| jvndb-2022-001948 | Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service | 2022-06-03T12:17+09:00 | 2024-06-18T16:30+09:00 |
| jvndb-2022-000042 | T&D Data Server and THERMO RECORDER DATA SERVER contain a directory traversal vulnerability. | 2022-06-01T16:12+09:00 | 2024-06-18T10:34+09:00 |
| jvndb-2022-000041 | WordPress Plugin "Modern Events Calendar Lite" vulnerable to cross-site scripting | 2022-06-01T13:39+09:00 | 2024-06-18T10:42+09:00 |
| jvndb-2022-000039 | RevoWorks incomplete filtering of MS Office v4 macros | 2022-05-27T16:09+09:00 | 2024-06-18T16:31+09:00 |
| jvndb-2022-000040 | Mobaoku-Auction & Flea Market App for iOS vulnerable to improper server certificate verification | 2022-05-27T15:48+09:00 | 2024-06-18T11:06+09:00 |
| jvndb-2022-001929 | Multiple vulnerabilities in Fuji Electric V-SFT | 2022-05-27T15:39+09:00 | 2024-06-18T13:44+09:00 |
| jvndb-2022-001931 | Multiple vulnerabilities in Fuji Electric V-SFT, V-Server and V-Server Lite | 2022-05-27T15:37+09:00 | 2024-06-18T16:28+09:00 |
| jvndb-2022-001923 | Multiple vulnerabilities in CONTEC SolarView Compact | 2022-05-27T15:28+09:00 | 2024-06-20T11:34+09:00 |
| ID | Description | Updated |
|---|