Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-m8f6-rrcx-mrm3 | H3C SSL VPN contains a user enumeration vulnerability that allows attackers to identify valid usern… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-hv34-rhhr-q53f | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an unauthenticated remote code execution vulnerability… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-gxjj-79fr-px4p | SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x contains an unauthenticated stored cross-site scripting … | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-gr6g-859c-3j6j | SoX 14.4.2 contains a division by zero vulnerability when handling WAV files that can cause program… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-gcc4-3hh2-4mcx | SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated command injection v… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-cqgr-77q2-257r | SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x contains a network vulnerability that allows unauthentic… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-cjhx-gxg4-xjm7 | Fetch FTP Client 5.8.2 contains a denial of service vulnerability that allows attackers to trigger … | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-9x83-xq9p-cxq5 | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an information disclosure vulnerability that allows un… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-7h43-qx63-fwcr | SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated file disclosure vul… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-7fvm-m3gq-pf2p | SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain hardcoded credentials embedded in serv… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-6xcq-8cpm-6v2h | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an authenticated command injection vulnerability in th… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-3crj-9596-945w | JM-DATA ONU JF511-TV version 1.0.67 uses default credentials that allow attackers to gain unauthori… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-32jx-jm5r-c6x7 | SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated vulnerability that … | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-2v4h-c2w7-48pw | JM-DATA ONU JF511-TV version 1.0.67 is vulnerable to authenticated stored cross-site scripting (XSS… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-vf6p-f83q-937h | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an SQL injection vulnerability in the 'username' POST … | 2025-12-31T00:31:09Z | 2025-12-31T00:31:10Z |
| ghsa-r6vv-wc27-96r7 | MiniDVBLinux 5.4 contains a remote command execution vulnerability that allows unauthenticated atta… | 2025-12-31T00:31:09Z | 2025-12-31T00:31:09Z |
| ghsa-pc62-v6r5-973x | SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an insufficient session expiration vul… | 2025-12-31T00:31:09Z | 2025-12-31T00:31:10Z |
| ghsa-3gq6-fx9q-4r9m | A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the f… | 2025-12-31T00:31:09Z | 2025-12-31T00:31:09Z |
| ghsa-95qg-89c2-w5hj | theshit vulnerable to unsafe loading of user-owned Python rules when running as root | 2025-12-30T23:45:51Z | 2025-12-30T23:45:52Z |
| ghsa-7rvh-xqp3-pr8j | ImageMagick's failure to limit MVG mutual causes Stack Overflow | 2025-12-30T23:08:15Z | 2025-12-30T23:08:15Z |
| ghsa-h956-rh7x-ppgj | RustFS has a gRPC Hardcoded Token Authentication Bypass | 2025-12-30T23:06:15Z | 2025-12-30T23:06:15Z |
| ghsa-p27m-hp98-6637 | ImageMagick's failure to limit the depth of SVG file reads caused a DoS attack | 2025-12-30T22:54:32Z | 2025-12-30T22:54:33Z |
| ghsa-xx3f-437p-fp69 | A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the f… | 2025-12-30T21:30:33Z | 2025-12-30T21:30:33Z |
| ghsa-p2gr-hm8g-q772 | When frontend.enableExecuteMultiOperation is enabled, the server can apply namespace-scoped validat… | 2025-12-30T21:30:33Z | 2025-12-30T21:30:33Z |
| ghsa-hmhp-gh8m-c8xp | When system.enableCrossNamespaceCommands is enabled (on by default), the Temporal server permits ce… | 2025-12-30T21:30:33Z | 2025-12-30T21:30:33Z |
| ghsa-95cj-hx7q-rjj4 | A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The impacted element is the functio… | 2025-12-30T21:30:33Z | 2025-12-30T21:30:33Z |
| ghsa-86hp-crvx-3qvr | An HTML Injection vulnerability in TrueConf server 5.5.2.10813 in the conference description field … | 2025-12-30T21:30:33Z | 2025-12-30T21:30:33Z |
| ghsa-5rqh-29cg-rcqm | inMusic Brands Engine DJ 4.3.0 suffers from Insecure Permissions due to exposed HTTP service in the… | 2025-12-30T21:30:33Z | 2025-12-30T21:30:33Z |
| ghsa-wc9p-rvp2-mc4r | A Stored Cross-Site Scripting (XSS) vulnerability exists in the Meeting location field of the Creat… | 2025-12-30T21:30:32Z | 2025-12-30T21:30:32Z |
| ghsa-w5qh-693v-56hm | A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected is an unknown function of… | 2025-12-30T21:30:32Z | 2025-12-30T21:30:32Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-13029 | N/A | Knowband Mobile App Builder for wooCommerce < 3.0.0 – … |
Unknown |
Knowband Mobile App Builder |
2025-12-31T06:00:03.241Z | 2025-12-31T06:00:03.241Z |
| cve-2025-49342 | 7.1 (v3.1) | WordPress Custom Style plugin <= 1.0 - Cross Site Requ… |
Wolfgang Häfelinger |
Custom Style |
2025-12-31T05:55:53.218Z | 2025-12-31T05:55:53.218Z |
| cve-2025-69277 | 4.5 (v3.1) | libsodium before ad3004e, in atypical use cases i… |
libsodium |
libsodium |
2025-12-31T05:50:07.422Z | 2025-12-31T06:03:26.026Z |
| cve-2025-49353 | 7.1 (v3.1) | WordPress Noindex by Path plugin <= 1.0 - Cross Site R… |
Marcin Kijak |
Noindex by Path |
2025-12-31T05:36:42.895Z | 2025-12-31T17:50:20.668Z |
| cve-2025-68885 | 7.1 (v3.1) | WordPress Custom Post Status plugin <= 1.1.0 - Cross S… |
Page Carbajal |
Custom Post Status |
2025-12-31T05:34:27.042Z | 2025-12-31T17:50:25.904Z |
| cve-2025-49354 | 7.1 (v3.1) | WordPress Recent Posts From Each Category plugin <= 1.… |
Mindstien Technologies |
Recent Posts From Each Category |
2025-12-31T05:30:25.381Z | 2025-12-31T17:50:31.560Z |
| cve-2025-49343 | 7.1 (v3.1) | WordPress Social Profilr plugin <= 1.0 - Cross Site Re… |
Socialprofilr |
Social Profilr |
2025-12-31T05:28:06.720Z | 2025-12-31T17:50:36.826Z |
| cve-2025-49344 | 7.1 (v3.1) | WordPress SensitiveTagCloud plugin <= 1.4.1 - Cross Si… |
Rene Ade |
SensitiveTagCloud |
2025-12-31T05:25:58.689Z | 2025-12-31T17:50:42.300Z |
| cve-2025-49345 | 7.1 (v3.1) | WordPress WP-EasyArchives plugin <= 3.1.2 - Cross Site… |
mg12 |
WP-EasyArchives |
2025-12-31T05:23:28.075Z | 2025-12-31T17:50:47.950Z |
| cve-2025-15375 | EyouCMS arcpagelist Ajax.php unserialize deserialization |
n/a |
EyouCMS |
2025-12-31T05:02:09.241Z | 2025-12-31T05:02:09.241Z | |
| cve-2025-49346 | 7.1 (v3.1) | WordPress Simple Archive Generator plugin <= 5.2 - Cro… |
Peter Sterling |
Simple Archive Generator |
2025-12-31T04:37:01.172Z | 2025-12-31T17:50:53.258Z |
| cve-2025-59137 | 7.1 (v3.1) | WordPress Behance Portfolio Manager plugin <= 1.7.5 - … |
eLEOPARD |
Behance Portfolio Manager |
2025-12-31T04:33:22.492Z | 2025-12-31T17:50:58.481Z |
| cve-2025-15374 | EyouCMS Ask Module Ask.php cross site scripting |
n/a |
EyouCMS |
2025-12-31T04:32:08.144Z | 2025-12-31T04:32:08.144Z | |
| cve-2025-15373 | EyouCMS function.php saveRemote server-side request forgery |
n/a |
EyouCMS |
2025-12-31T04:02:08.912Z | 2025-12-31T04:02:08.912Z | |
| cve-2025-15223 | Philipinho Simple-PHP-Blog login.php cross site scripting |
Philipinho |
Simple-PHP-Blog |
2025-12-31T02:32:09.788Z | 2025-12-31T03:00:30.523Z | |
| cve-2025-15372 | youlaitech vue3-element-admin Notice index.vue cross s… |
youlaitech |
vue3-element-admin |
2025-12-31T02:02:06.787Z | 2025-12-31T02:02:06.787Z | |
| cve-2025-68131 | CBORDecoder reuse can leak shareable values across dec… |
agronholm |
cbor2 |
2025-12-31T01:15:36.827Z | 2025-12-31T01:15:36.827Z | |
| cve-2025-15371 | Tenda i24 Shadow File hard-coded credentials |
Tenda |
i24 |
2025-12-31T01:02:06.989Z | 2025-12-31T01:02:06.989Z | |
| cve-2025-11964 | 1.9 (v3.1) | OOBW in utf_16le_to_utf_8_truncated() in libpcap |
The Tcpdump Group |
libpcap |
2025-12-31T00:58:19.026Z | 2025-12-31T00:58:19.026Z |
| cve-2025-11961 | 1.9 (v3.1) | OOBR and OOBW in pcap_ether_aton() in libpcap |
The Tcpdump Group |
libpcap |
2025-12-31T00:56:16.310Z | 2025-12-31T00:56:16.310Z |
| cve-2025-64699 | N/A | An incorrect NULL DACL issue exists in SevenCs OR… |
n/a |
n/a |
2025-12-31T00:00:00.000Z | 2025-12-31T15:53:47.139Z |
| cve-2025-61037 | N/A | A local privilege escalation vulnerability exists… |
n/a |
n/a |
2025-12-31T00:00:00.000Z | 2025-12-31T15:40:23.022Z |
| cve-2025-59131 | 7.1 (v3.1) | WordPress WP-CalDav2ICS plugin <= 1.3.4 - Cross Site R… |
Hoernerfranz |
WP-CalDav2ICS |
2025-12-30T22:55:32.248Z | 2025-12-31T17:51:04.587Z |
| cve-2022-50802 | 5.1 (v4.0) 6.1 (v3.1) | ETAP Safety Manager 1.0.0.32 Unauthenticated Reflected… |
ETAP Lighting International NV |
ETAP Safety Manager |
2025-12-30T22:42:57.655Z | 2025-12-30T22:42:57.655Z |
| cve-2025-15114 | 9.3 (v4.0) 9.8 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 PIN Expo… |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:47.116Z | 2025-12-30T22:41:47.116Z |
| cve-2025-15113 | 8.5 (v4.0) 7.8 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 Remote C… |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:46.694Z | 2025-12-30T22:41:46.694Z |
| cve-2025-15112 | 5.1 (v4.0) 8 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 URL Redi… |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:46.247Z | 2025-12-30T22:41:46.247Z |
| cve-2025-15111 | 9.3 (v4.0) 7.5 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 Default … |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:45.831Z | 2025-12-30T22:41:45.831Z |
| cve-2024-58338 | 8.6 (v4.0) 9.8 (v3.1) | Anevia Flamingo XL 3.2.9 Remote Root Jailbreak via Tra… |
Ateme |
Flamingo XL |
2025-12-30T22:41:45.411Z | 2025-12-30T22:41:45.411Z |
| cve-2024-58337 | 8.7 (v4.0) 7.5 (v3.1) | Akuvox Smart Intercom S539 Improper Access Control via… |
The Akuvox Company |
Akuvox Smart Doorphone |
2025-12-30T22:41:44.989Z | 2025-12-30T22:41:44.989Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-14783 | Easy Digital Downloads <= 3.6.2 - Unvalidated Redirect… |
smub |
Easy Digital Downloads – eCommerce Payments and Subscriptions made easy |
2025-12-31T06:24:42.546Z | 2025-12-31T16:25:51.162Z | |
| cve-2025-69277 | 4.5 (v3.1) | libsodium before ad3004e, in atypical use cases i… |
libsodium |
libsodium |
2025-12-31T05:50:07.422Z | 2025-12-31T06:03:26.026Z |
| cve-2025-68885 | 7.1 (v3.1) | WordPress Custom Post Status plugin <= 1.1.0 - Cross S… |
Page Carbajal |
Custom Post Status |
2025-12-31T05:34:27.042Z | 2025-12-31T17:50:25.904Z |
| cve-2025-49354 | 7.1 (v3.1) | WordPress Recent Posts From Each Category plugin <= 1.… |
Mindstien Technologies |
Recent Posts From Each Category |
2025-12-31T05:30:25.381Z | 2025-12-31T17:50:31.560Z |
| cve-2025-49353 | 7.1 (v3.1) | WordPress Noindex by Path plugin <= 1.0 - Cross Site R… |
Marcin Kijak |
Noindex by Path |
2025-12-31T05:36:42.895Z | 2025-12-31T17:50:20.668Z |
| cve-2025-49345 | 7.1 (v3.1) | WordPress WP-EasyArchives plugin <= 3.1.2 - Cross Site… |
mg12 |
WP-EasyArchives |
2025-12-31T05:23:28.075Z | 2025-12-31T17:50:47.950Z |
| cve-2025-49344 | 7.1 (v3.1) | WordPress SensitiveTagCloud plugin <= 1.4.1 - Cross Si… |
Rene Ade |
SensitiveTagCloud |
2025-12-31T05:25:58.689Z | 2025-12-31T17:50:42.300Z |
| cve-2025-49343 | 7.1 (v3.1) | WordPress Social Profilr plugin <= 1.0 - Cross Site Re… |
Socialprofilr |
Social Profilr |
2025-12-31T05:28:06.720Z | 2025-12-31T17:50:36.826Z |
| cve-2025-49342 | 7.1 (v3.1) | WordPress Custom Style plugin <= 1.0 - Cross Site Requ… |
Wolfgang Häfelinger |
Custom Style |
2025-12-31T05:55:53.218Z | 2025-12-31T05:55:53.218Z |
| cve-2025-14434 | N/A | Ultimate Post Kit < 4.0.16 – Unauthenticated Arbitrary… |
Unknown |
Ultimate Post Kit Addons for Elementor |
2025-12-31T06:00:11.262Z | 2025-12-31T06:00:11.262Z |
| cve-2025-13029 | N/A | Knowband Mobile App Builder for wooCommerce < 3.0.0 – … |
Unknown |
Knowband Mobile App Builder |
2025-12-31T06:00:03.241Z | 2025-12-31T06:00:03.241Z |
| cve-2025-59137 | 7.1 (v3.1) | WordPress Behance Portfolio Manager plugin <= 1.7.5 - … |
eLEOPARD |
Behance Portfolio Manager |
2025-12-31T04:33:22.492Z | 2025-12-31T17:50:58.481Z |
| cve-2025-49346 | 7.1 (v3.1) | WordPress Simple Archive Generator plugin <= 5.2 - Cro… |
Peter Sterling |
Simple Archive Generator |
2025-12-31T04:37:01.172Z | 2025-12-31T17:50:53.258Z |
| cve-2025-15375 | EyouCMS arcpagelist Ajax.php unserialize deserialization |
n/a |
EyouCMS |
2025-12-31T05:02:09.241Z | 2025-12-31T05:02:09.241Z | |
| cve-2025-15374 | EyouCMS Ask Module Ask.php cross site scripting |
n/a |
EyouCMS |
2025-12-31T04:32:08.144Z | 2025-12-31T04:32:08.144Z | |
| cve-2025-15373 | EyouCMS function.php saveRemote server-side request forgery |
n/a |
EyouCMS |
2025-12-31T04:02:08.912Z | 2025-12-31T04:02:08.912Z | |
| cve-2025-15372 | youlaitech vue3-element-admin Notice index.vue cross s… |
youlaitech |
vue3-element-admin |
2025-12-31T02:02:06.787Z | 2025-12-31T02:02:06.787Z | |
| cve-2025-15223 | Philipinho Simple-PHP-Blog login.php cross site scripting |
Philipinho |
Simple-PHP-Blog |
2025-12-31T02:32:09.788Z | 2025-12-31T03:00:30.523Z | |
| cve-2025-68131 | CBORDecoder reuse can leak shareable values across dec… |
agronholm |
cbor2 |
2025-12-31T01:15:36.827Z | 2025-12-31T01:15:36.827Z | |
| cve-2025-15371 | Tenda i24 Shadow File hard-coded credentials |
Tenda |
i24 |
2025-12-31T01:02:06.989Z | 2025-12-31T01:02:06.989Z | |
| cve-2025-11964 | 1.9 (v3.1) | OOBW in utf_16le_to_utf_8_truncated() in libpcap |
The Tcpdump Group |
libpcap |
2025-12-31T00:58:19.026Z | 2025-12-31T00:58:19.026Z |
| cve-2025-11961 | 1.9 (v3.1) | OOBR and OOBW in pcap_ether_aton() in libpcap |
The Tcpdump Group |
libpcap |
2025-12-31T00:56:16.310Z | 2025-12-31T00:56:16.310Z |
| cve-2025-62753 | 7.5 (v3.1) | WordPress MAS Videos plugin <= 1.3.2 - Local File Incl… |
MadrasThemes |
MAS Videos |
2025-12-30T22:37:03.420Z | 2025-12-31T17:51:10.306Z |
| cve-2025-59131 | 7.1 (v3.1) | WordPress WP-CalDav2ICS plugin <= 1.3.4 - Cross Site R… |
Hoernerfranz |
WP-CalDav2ICS |
2025-12-30T22:55:32.248Z | 2025-12-31T17:51:04.587Z |
| cve-2025-15114 | 9.3 (v4.0) 9.8 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 PIN Expo… |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:47.116Z | 2025-12-30T22:41:47.116Z |
| cve-2025-15113 | 8.5 (v4.0) 7.8 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 Remote C… |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:46.694Z | 2025-12-30T22:41:46.694Z |
| cve-2025-15112 | 5.1 (v4.0) 8 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 URL Redi… |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:46.247Z | 2025-12-30T22:41:46.247Z |
| cve-2025-15111 | 9.3 (v4.0) 7.5 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 Default … |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:45.831Z | 2025-12-30T22:41:45.831Z |
| cve-2024-58338 | 8.6 (v4.0) 9.8 (v3.1) | Anevia Flamingo XL 3.2.9 Remote Root Jailbreak via Tra… |
Ateme |
Flamingo XL |
2025-12-30T22:41:45.411Z | 2025-12-30T22:41:45.411Z |
| cve-2024-58337 | 8.7 (v4.0) 7.5 (v3.1) | Akuvox Smart Intercom S539 Improper Access Control via… |
The Akuvox Company |
Akuvox Smart Doorphone |
2025-12-30T22:41:44.989Z | 2025-12-30T22:41:44.989Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192865 | Malicious code in streamlinear (npm) | 2025-12-23T08:31:32Z | 2025-12-23T08:31:32Z |
| mal-2025-192864 | Malicious code in stream-chain-xor (npm) | 2025-12-23T08:31:31Z | 2025-12-23T08:31:31Z |
| mal-2025-192863 | Malicious code in smart-parser (npm) | 2025-12-23T08:30:35Z | 2025-12-23T08:30:35Z |
| mal-2025-192862 | Malicious code in session-parse (npm) | 2025-12-23T08:30:06Z | 2025-12-23T08:30:06Z |
| mal-2025-192861 | Malicious code in session-keeper (npm) | 2025-12-23T08:30:05Z | 2025-12-23T08:30:05Z |
| mal-2025-192860 | Malicious code in security-testing-research99 (npm) | 2025-12-23T08:29:51Z | 2025-12-23T08:29:51Z |
| mal-2025-192859 | Malicious code in security-testing-research- (npm) | 2025-12-23T08:29:51Z | 2025-12-23T08:29:51Z |
| mal-2025-192858 | Malicious code in resethp (npm) | 2025-12-23T08:28:15Z | 2025-12-23T08:28:15Z |
| mal-2025-192857 | Malicious code in redux-motion (npm) | 2025-12-23T08:27:50Z | 2025-12-23T08:27:50Z |
| mal-2025-192856 | Malicious code in react-resizable-text (npm) | 2025-12-23T08:27:17Z | 2025-12-23T08:27:17Z |
| mal-2025-192855 | Malicious code in react-flex-tools (npm) | 2025-12-23T08:26:31Z | 2025-12-23T08:26:31Z |
| mal-2025-192854 | Malicious code in react-confetti-enhanced (npm) | 2025-12-23T08:26:19Z | 2025-12-23T08:26:19Z |
| mal-2025-192853 | Malicious code in portal-aes (npm) | 2025-12-23T08:24:49Z | 2025-12-23T08:24:49Z |
| mal-2025-192852 | Malicious code in polyfill-corejs2 (npm) | 2025-12-23T08:24:47Z | 2025-12-23T08:24:47Z |
| mal-2025-192851 | Malicious code in petco-test (npm) | 2025-12-23T08:24:29Z | 2025-12-23T08:24:29Z |
| mal-2025-192850 | Malicious code in pentestlyio-testpackage (npm) | 2025-12-23T08:24:20Z | 2025-12-23T08:24:20Z |
| mal-2025-192849 | Malicious code in oneday-worm-research (npm) | 2025-12-23T08:23:15Z | 2025-12-23T08:23:15Z |
| mal-2025-192848 | Malicious code in nokaca (npm) | 2025-12-23T08:22:46Z | 2025-12-23T08:22:46Z |
| mal-2025-192847 | Malicious code in node-calculator-x7k9-grabber (npm) | 2025-12-23T08:22:31Z | 2025-12-23T08:22:31Z |
| mal-2025-192846 | Malicious code in node-calculator-x7k9-evil (npm) | 2025-12-23T08:22:31Z | 2025-12-23T08:22:31Z |
| mal-2025-192845 | Malicious code in node-calculator-fe54 (npm) | 2025-12-23T08:22:30Z | 2025-12-23T08:22:30Z |
| mal-2025-192844 | Malicious code in node-calculator-f483 (npm) | 2025-12-23T08:22:29Z | 2025-12-23T08:22:29Z |
| mal-2025-192843 | Malicious code in node-calculator-f2af (npm) | 2025-12-23T08:22:22Z | 2025-12-23T08:22:22Z |
| mal-2025-192842 | Malicious code in node-calculator-e776 (npm) | 2025-12-23T08:22:21Z | 2025-12-23T08:22:21Z |
| mal-2025-192841 | Malicious code in node-calculator-dfd9 (npm) | 2025-12-23T08:22:20Z | 2025-12-23T08:22:20Z |
| mal-2025-192840 | Malicious code in node-calculator-bde6 (npm) | 2025-12-23T08:22:19Z | 2025-12-23T08:22:19Z |
| mal-2025-192839 | Malicious code in node-calculator-ad83 (npm) | 2025-12-23T08:22:17Z | 2025-12-23T08:22:17Z |
| mal-2025-192838 | Malicious code in node-calculator-ab44 (npm) | 2025-12-23T08:22:16Z | 2025-12-23T08:22:16Z |
| mal-2025-192837 | Malicious code in node-calculator-a34e (npm) | 2025-12-23T08:22:15Z | 2025-12-23T08:22:15Z |
| mal-2025-192836 | Malicious code in node-calculator-98ba (npm) | 2025-12-23T08:22:06Z | 2025-12-23T08:22:06Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-2115 | WordPress Core: Mehrere Schwachstellen | 2025-09-23T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2114 | Dell PowerEdge BIOS und iDRAC9: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-09-23T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2110 | LibTiff: Schwachstelle ermöglicht Codeausführung | 2025-09-22T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2109 | Autodesk Produkte: Schwachstelle ermöglicht Codeausführung | 2025-09-22T22:00:00.000+00:00 | 2025-11-09T23:00:00.000+00:00 |
| wid-sec-w-2025-2107 | Linux Kernel: Mehrere Schwachstellen | 2025-09-22T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2104 | WebKitGTK: Mehrere Schwachstellen | 2025-09-22T22:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-2101 | Ghostscript: Schwachstellen ermöglichen Codeausführung | 2025-09-21T22:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-2099 | Linux Kernel: Mehrere Schwachstellen | 2025-09-21T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2092 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-09-18T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2087 | Linux Kernel: Mehrere Schwachstellen | 2025-09-17T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2083 | Ruby: Schwachstelle ermöglicht Denial of Service | 2025-09-17T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2080 | Google Chrome / Microsoft Edge: Mehrere Schwachstellen ermöglichen Codeausführung | 2025-09-17T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2078 | Red Hat Enterprise Linux (Developer Hub): Mehrere Schwachstellen | 2025-09-16T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2077 | Linux Kernel: Mehrere Schwachstellen | 2025-09-16T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2071 | WatchGuard Firebox: Schwachstelle ermöglicht Codeausführung | 2025-09-16T22:00:00.000+00:00 | 2025-11-12T23:00:00.000+00:00 |
| wid-sec-w-2025-2060 | VMware Tanzu Spring Framework und Spring Security: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen | 2025-09-15T22:00:00.000+00:00 | 2025-12-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2058 | Apple Safari: Mehrere Schwachstellen | 2025-09-15T22:00:00.000+00:00 | 2025-11-04T23:00:00.000+00:00 |
| wid-sec-w-2025-2053 | Linux Kernel: Mehrere Schwachstellen | 2025-09-15T22:00:00.000+00:00 | 2025-12-29T23:00:00.000+00:00 |
| wid-sec-w-2025-2051 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-09-14T22:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-2045 | expat: Schwachstelle ermöglicht Denial of Service | 2025-09-14T22:00:00.000+00:00 | 2025-12-29T23:00:00.000+00:00 |
| wid-sec-w-2025-2040 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-09-11T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2039 | CUPS: Mehrere Schwachstellen | 2025-09-11T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2036 | IBM WebSphere Application Server: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-09-10T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-2034 | Erlang/OTP: Mehrere Schwachstellen | 2025-09-10T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2028 | Red Hat OpenShift Container Platform: Schwachstelle ermöglicht Codeausführung | 2025-09-10T22:00:00.000+00:00 | 2025-12-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2026 | ffmpeg: Schwachstelle ermöglicht Denial of Service | 2025-09-10T22:00:00.000+00:00 | 2025-10-21T22:00:00.000+00:00 |
| wid-sec-w-2025-2023 | cURL: Mehrere Schwachstellen ermöglichen Manipulation von Dateien | 2025-09-09T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2002 | libssh: Schwachstelle ermöglicht Denial of Service | 2025-09-09T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-1999 | Adobe Magento SessionReaper: Schwachstelle ermöglicht Umgehung von Sicherheitsmaßnahmen | 2025-09-08T22:00:00.000+00:00 | 2025-10-22T22:00:00.000+00:00 |
| wid-sec-w-2025-1998 | ffmpeg: Schwachstelle ermöglicht Codeausführung und potenziell Denial of Service | 2025-09-08T22:00:00.000+00:00 | 2025-10-21T22:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-792594 | SSA-792594: Host Header Injection Vulnerability in Polarion ALM | 2022-12-13T00:00:00Z | 2023-04-11T00:00:00Z |
| ssa-700053 | SSA-700053: Multiple File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go | 2022-12-13T00:00:00Z | 2023-04-11T00:00:00Z |
| ssa-552874 | SSA-552874: Denial of Service Vulnerability in SIPROTEC 5 Devices | 2022-12-13T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-547714 | SSA-547714: Argument Injection Vulnerability in SIMATIC WinCC OA Ultralight Client | 2022-12-13T00:00:00Z | 2023-01-10T00:00:00Z |
| ssa-436469 | SSA-436469: TCP Vulnerability in APOGEE/TALON Field Panels | 2022-12-13T00:00:00Z | 2022-12-13T00:00:00Z |
| ssa-413565 | SSA-413565: Multiple Vulnerabilities in SCALANCE Products | 2022-12-13T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-412672 | SSA-412672: Multiple OpenSSL and OpenSSH Vulnerabilities in SCALANCE X-200RNA Switch Devices before V3.2.7 | 2022-12-13T00:00:00Z | 2022-12-13T00:00:00Z |
| ssa-408105 | SSA-408105: Buffer Overflow Vulnerabilities in OpenSSL 3.0 Affecting Siemens Products | 2022-12-13T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-382653 | SSA-382653: Multiple Denial of Service Vulnerabilities in Industrial Products | 2022-12-13T00:00:00Z | 2023-09-12T00:00:00Z |
| ssa-363821 | SSA-363821: Multiple Vulnerabilities in SCALANCE X-200RNA Switch Devices before V3.2.7 | 2022-12-13T00:00:00Z | 2022-12-13T00:00:00Z |
| ssa-360681 | SSA-360681: Datalogics File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go | 2022-12-13T00:00:00Z | 2022-12-13T00:00:00Z |
| ssa-333517 | SSA-333517: Multiple Vulnerabilities in SCALANCE SC-600 Family before V3.0 | 2022-12-13T00:00:00Z | 2022-12-13T00:00:00Z |
| ssa-274282 | SSA-274282: Cross Site Scripting Vulnerability in PLM Help Server V4.2 | 2022-12-13T00:00:00Z | 2022-12-13T00:00:00Z |
| ssa-224632 | SSA-224632: Improper Access Control Vulnerability in Mendix Email Connector Module | 2022-12-13T00:00:00Z | 2022-12-13T00:00:00Z |
| ssa-223771 | SSA-223771: SISCO Stack Vulnerability in SIPROTEC 5 Devices | 2022-12-13T00:00:00Z | 2023-08-08T00:00:00Z |
| ssa-180579 | SSA-180579: Privilege Management Vulnerability and Multiple Nucleus RTOS Vulnerabilities in APOGEE/TALON Field Panels before V3.5.5/V2.8.20 | 2022-12-13T00:00:00Z | 2023-08-08T00:00:00Z |
| ssa-853037 | SSA-853037: File Parsing Vulnerabilities in Parasolid | 2022-11-08T00:00:00Z | 2022-11-08T00:00:00Z |
| ssa-587547 | SSA-587547: Unencrypted Storage of User Credentials in QMS Automotive | 2022-11-08T00:00:00Z | 2023-09-12T00:00:00Z |
| ssa-478960 | SSA-478960: Missing CSRF Protection in the Web Server Login Page of Industrial Controllers | 2022-11-08T00:00:00Z | 2023-09-12T00:00:00Z |
| ssa-371761 | SSA-371761: Arbitrary Code Execution Vulnerability in the Logback Component of SINEC NMS before V1.0.3 | 2022-11-08T00:00:00Z | 2022-11-08T00:00:00Z |
| ssa-120378 | SSA-120378: Multiple File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go | 2022-11-08T00:00:00Z | 2023-06-13T00:00:00Z |
| ssa-640732 | SSA-640732: Authentication Bypass Vulnerability in Siveillance Video Mobile Server | 2022-10-21T00:00:00Z | 2022-10-21T00:00:00Z |
| ssa-935500 | SSA-935500: Denial of Service Vulnerability in FTP Server of Nucleus RTOS based APOGEE, TALON and Desigo PXC/PXM Products | 2022-10-11T00:00:00Z | 2025-05-13T00:00:00Z |
| ssa-697140 | SSA-697140: Denial of Service Vulnerability in the TCP Event Service of SCALANCE and RUGGEDCOM Products | 2022-10-11T00:00:00Z | 2025-02-11T00:00:00Z |
| ssa-572005 | SSA-572005: Vulnerabilities in the Web Server of SICAM P850 and SICAM P855 Devices | 2022-10-11T00:00:00Z | 2023-06-13T00:00:00Z |
| ssa-568427 | SSA-568427: Weak Key Protection Vulnerability in SIMATIC S7-1200 and S7-1500 CPU Families | 2022-10-11T00:00:00Z | 2022-10-11T00:00:00Z |
| ssa-501891 | SSA-501891: Cross-Site Scripting Vulnerability in SCALANCE X-200 and X-200IRT Families | 2022-10-11T00:00:00Z | 2022-11-08T00:00:00Z |
| ssa-360783 | SSA-360783: Multiple Webserver Vulnerabilities in Desigo PXM Devices | 2022-10-11T00:00:00Z | 2022-10-11T00:00:00Z |
| ssa-258115 | SSA-258115: DWG File Parsing Vulnerability in Solid Edge before SE2022MP9 | 2022-10-11T00:00:00Z | 2022-10-11T00:00:00Z |
| ssa-638652 | SSA-638652: Authentication Bypass Vulnerability in Mendix SAML Module | 2022-09-13T00:00:00Z | 2022-12-13T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:21121 | Red Hat Security Advisory: firefox security update | 2025-11-12T12:49:38+00:00 | 2025-11-21T19:31:25+00:00 |
| rhsa-2025:21118 | Red Hat Security Advisory: kernel security update | 2025-11-12T12:41:03+00:00 | 2025-11-25T21:29:25+00:00 |
| rhsa-2025:21120 | Red Hat Security Advisory: firefox security update | 2025-11-12T12:31:49+00:00 | 2025-11-21T19:31:24+00:00 |
| rhsa-2025:21112 | Red Hat Security Advisory: kernel security update | 2025-11-12T11:50:59+00:00 | 2025-11-26T20:16:00+00:00 |
| rhsa-2025:21110 | Red Hat Security Advisory: bind security update | 2025-11-12T10:49:03+00:00 | 2025-11-27T03:24:25+00:00 |
| rhsa-2025:21111 | Red Hat Security Advisory: bind9.18 security update | 2025-11-12T10:44:58+00:00 | 2025-11-27T03:24:25+00:00 |
| rhsa-2025:21117 | Red Hat Security Advisory: RHOAI 3.0 - Red Hat OpenShift AI | 2025-11-12T10:03:26+00:00 | 2025-11-21T19:38:58+00:00 |
| rhsa-2025:21091 | Red Hat Security Advisory: kernel security update | 2025-11-12T08:15:53+00:00 | 2025-11-25T21:29:26+00:00 |
| rhsa-2025:21090 | Red Hat Security Advisory: squid:4 security update | 2025-11-12T08:03:19+00:00 | 2025-11-21T19:31:21+00:00 |
| rhsa-2025:21084 | Red Hat Security Advisory: kernel security update | 2025-11-12T05:26:07+00:00 | 2025-11-25T15:42:54+00:00 |
| rhsa-2025:21083 | Red Hat Security Advisory: kernel security update | 2025-11-12T05:21:13+00:00 | 2025-11-25T21:29:18+00:00 |
| rhsa-2025:21082 | Red Hat Security Advisory: kernel-rt security update | 2025-11-12T04:28:37+00:00 | 2025-11-21T19:31:18+00:00 |
| rhsa-2025:21067 | Red Hat Security Advisory: sssd security update | 2025-11-12T03:39:07+00:00 | 2025-11-27T17:37:04+00:00 |
| rhsa-2025:21066 | Red Hat Security Advisory: squid security update | 2025-11-12T02:47:02+00:00 | 2025-11-21T19:31:17+00:00 |
| rhsa-2025:21063 | Red Hat Security Advisory: kernel security update | 2025-11-12T02:44:58+00:00 | 2025-11-21T19:31:17+00:00 |
| rhsa-2025:21068 | Red Hat Security Advisory: Red Hat Ceph Storage 8.1 bug fix update | 2025-11-12T02:43:07+00:00 | 2025-11-28T14:33:55+00:00 |
| rhsa-2025:21062 | Red Hat Security Advisory: libtiff security update | 2025-11-12T02:41:56+00:00 | 2025-11-24T21:04:34+00:00 |
| rhsa-2025:21060 | Red Hat Security Advisory: libtiff security update | 2025-11-12T02:41:37+00:00 | 2025-11-24T21:04:33+00:00 |
| rhsa-2025:21059 | Red Hat Security Advisory: firefox security update | 2025-11-12T02:35:21+00:00 | 2025-11-21T19:31:15+00:00 |
| rhsa-2025:21064 | Red Hat Security Advisory: firefox security update | 2025-11-12T02:35:07+00:00 | 2025-11-21T19:31:16+00:00 |
| rhsa-2025:21065 | Red Hat Security Advisory: squid security update | 2025-11-12T02:34:12+00:00 | 2025-11-21T19:31:16+00:00 |
| rhsa-2025:21061 | Red Hat Security Advisory: libtiff security update | 2025-11-12T02:34:12+00:00 | 2025-11-24T21:04:33+00:00 |
| rhsa-2025:21057 | Red Hat Security Advisory: firefox security update | 2025-11-12T01:48:17+00:00 | 2025-11-21T19:31:14+00:00 |
| rhsa-2025:21056 | Red Hat Security Advisory: firefox security update | 2025-11-12T01:37:57+00:00 | 2025-11-21T19:31:13+00:00 |
| rhsa-2025:21058 | Red Hat Security Advisory: firefox security update | 2025-11-12T01:36:38+00:00 | 2025-11-21T19:31:14+00:00 |
| rhsa-2025:21055 | Red Hat Security Advisory: firefox security update | 2025-11-12T01:23:47+00:00 | 2025-11-21T19:31:13+00:00 |
| rhsa-2025:21054 | Red Hat Security Advisory: firefox security update | 2025-11-12T01:19:02+00:00 | 2025-11-21T19:31:13+00:00 |
| rhsa-2025:21051 | Red Hat Security Advisory: kernel security update | 2025-11-12T00:40:37+00:00 | 2025-11-25T15:42:57+00:00 |
| rhsa-2025:21038 | Red Hat Security Advisory: kea security update | 2025-11-11T20:00:06+00:00 | 2025-11-21T19:31:12+00:00 |
| rhsa-2025:21034 | Red Hat Security Advisory: bind security update | 2025-11-11T19:58:12+00:00 | 2025-11-27T03:24:41+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-68204 | pmdomain: arm: scmi: Fix genpd leak on provider registration failure | 2025-12-02T00:00:00.000Z | 2025-12-17T01:03:44.000Z |
| msrc_cve-2025-68203 | drm/amdgpu: fix lock warning in amdgpu_userq_fence_driver_process | 2025-12-02T00:00:00.000Z | 2025-12-17T01:02:10.000Z |
| msrc_cve-2025-68201 | drm/amdgpu: remove two invalid BUG_ON()s | 2025-12-02T00:00:00.000Z | 2025-12-17T01:02:20.000Z |
| msrc_cve-2025-68198 | crash: fix crashkernel resource shrink | 2025-12-02T00:00:00.000Z | 2025-12-17T01:02:36.000Z |
| msrc_cve-2025-68196 | drm/amd/display: Cache streams targeting link when performing LT automation | 2025-12-02T00:00:00.000Z | 2025-12-17T01:02:15.000Z |
| msrc_cve-2025-68193 | drm/xe/guc: Add devm release action to safely tear down CT | 2025-12-02T00:00:00.000Z | 2025-12-17T01:01:43.000Z |
| msrc_cve-2025-68190 | drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu_atom_execute_table_locked() | 2025-12-02T00:00:00.000Z | 2025-12-17T01:01:48.000Z |
| msrc_cve-2025-68188 | tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() | 2025-12-02T00:00:00.000Z | 2025-12-17T01:05:25.000Z |
| msrc_cve-2025-68175 | media: nxp: imx8-isi: Fix streaming cleanup on release | 2025-12-02T00:00:00.000Z | 2025-12-17T01:03:49.000Z |
| msrc_cve-2025-68174 | amd/amdkfd: enhance kfd process check in switch partition | 2025-12-02T00:00:00.000Z | 2025-12-17T01:03:38.000Z |
| msrc_cve-2025-68161 | Apache Log4j Core: Missing TLS hostname verification in Socket appender | 2025-12-02T00:00:00.000Z | 2025-12-23T01:37:29.000Z |
| msrc_cve-2025-68156 | Expr has Denial of Service via Unbounded Recursion in Builtin Functions | 2025-12-02T00:00:00.000Z | 2025-12-27T01:36:36.000Z |
| msrc_cve-2025-68146 | filelock has TOCTOU race condition that allows symlink attacks during lock file creation | 2025-12-02T00:00:00.000Z | 2025-12-19T01:02:14.000Z |
| msrc_cve-2025-68114 | Capstone doesn't check vsnprintf return in SStream_concat, allows stack buffer underflow and overflow | 2025-12-02T00:00:00.000Z | 2025-12-23T01:37:34.000Z |
| msrc_cve-2025-67897 | In Sequoia before 2.1.0, aes_key_unwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet. | 2025-12-02T00:00:00.000Z | 2025-12-17T01:05:50.000Z |
| msrc_cve-2025-66476 | Vim for Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability | 2025-12-02T00:00:00.000Z | 2025-12-09T01:37:47.000Z |
| msrc_cve-2025-66471 | urllib3 Streaming API improperly handles highly compressed data | 2025-12-02T00:00:00.000Z | 2025-12-23T01:38:16.000Z |
| msrc_cve-2025-66418 | urllib3 allows an unbounded number of links in the decompression chain | 2025-12-02T00:00:00.000Z | 2025-12-23T01:38:10.000Z |
| msrc_cve-2025-66293 | LIBPNG has an out-of-bounds read in png_image_read_composite | 2025-12-02T00:00:00.000Z | 2025-12-17T14:36:58.000Z |
| msrc_cve-2025-66200 | Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo | 2025-12-02T00:00:00.000Z | 2025-12-20T14:35:45.000Z |
| msrc_cve-2025-65637 | A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. | 2025-12-02T00:00:00.000Z | 2025-12-30T14:35:57.000Z |
| msrc_cve-2025-65082 | Apache HTTP Server: CGI environment variable override | 2025-12-02T00:00:00.000Z | 2025-12-20T14:35:39.000Z |
| msrc_cve-2025-62408 | c-ares has a Use After Free vulnerability when connection is cleaned up after error | 2025-12-02T00:00:00.000Z | 2025-12-11T01:01:47.000Z |
| msrc_cve-2025-61729 | Excessive resource consumption when printing error string for host certificate validation in crypto/x509 | 2025-12-02T00:00:00.000Z | 2025-12-13T01:38:50.000Z |
| msrc_cve-2025-61727 | Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509 | 2025-12-02T00:00:00.000Z | 2025-12-13T01:39:00.000Z |
| msrc_cve-2025-59775 | Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF | 2025-12-02T00:00:00.000Z | 2025-12-08T14:37:51.000Z |
| msrc_cve-2025-59529 | simple protocol server ignores accepts unlimited connections and logs failures without limit | 2025-12-02T00:00:00.000Z | 2025-12-23T01:37:23.000Z |
| msrc_cve-2025-58098 | Apache HTTP Server: Server Side Includes adds query string to #exec cmd=... | 2025-12-02T00:00:00.000Z | 2025-12-20T14:35:52.000Z |
| msrc_cve-2025-55753 | Apache HTTP Server: mod_md (ACME), unintended retry intervals | 2025-12-02T00:00:00.000Z | 2025-12-20T14:35:58.000Z |
| msrc_cve-2025-40362 | ceph: fix multifs mds auth caps issue | 2025-12-02T00:00:00.000Z | 2025-12-17T01:02:26.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2024-015393 | Multiple security updates for Trend Micro Apex One and Apex One as a Service (December 2024) | 2024-12-23T12:52+09:00 | 2024-12-23T12:52+09:00 |
| jvndb-2024-014918 | Authentication Bypass Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2024-12-17T15:23+09:00 | 2024-12-17T15:23+09:00 |
| jvndb-2024-000128 | Multiple vulnerabilities in SHARP routers | 2024-12-17T07:54+09:00 | 2024-12-17T07:54+09:00 |
| jvndb-2024-000127 | "Shonen Jump+" App for Android fails to restrict custom URL schemes properly | 2024-12-16T15:07+09:00 | 2024-12-16T15:07+09:00 |
| jvndb-2024-014825 | WordPress Plugin "My WP Customize Admin/Frontend" vulnerable to cross-site scripting | 2024-12-16T13:57+09:00 | 2024-12-16T13:57+09:00 |
| jvndb-2024-014793 | Multiple vulnerabilities in FXC AE1021 and AE1021PE | 2024-12-16T11:51+09:00 | 2024-12-16T11:51+09:00 |
| jvndb-2024-014079 | Trend Micro Deep Security Agent for Windows and Deep Security Notifier on DSVA vulnerable to OS command injection | 2024-12-06T12:11+09:00 | 2024-12-06T12:11+09:00 |
| jvndb-2024-000125 | Multiple vulnerabilities in I-O DATA routers UD-LT1 and UD-LT1/EX | 2024-12-04T15:22+09:00 | 2024-12-18T15:20+09:00 |
| jvndb-2024-000124 | Multiple vulnerabilities in UNIVERGE IX/IX-R/IX-V series routers | 2024-12-02T16:38+09:00 | 2024-12-02T16:38+09:00 |
| jvndb-2024-000123 | Multiple FCNT Android devices vulnerable to authentication bypass | 2024-11-29T15:30+09:00 | 2024-11-29T15:30+09:00 |
| jvndb-2024-013702 | Multiple vulnerabilities in FUJI ELECTRIC products | 2024-11-29T14:42+09:00 | 2024-11-29T14:42+09:00 |
| jvndb-2024-000122 | HAProxy vulnerable to HTTP request/response smuggling | 2024-11-27T14:36+09:00 | 2024-11-27T14:36+09:00 |
| jvndb-2024-000121 | WordPress Plugin "WP Admin UI Customize" vulnerable to cross-site scripting | 2024-11-26T13:57+09:00 | 2024-11-26T13:57+09:00 |
| jvndb-2024-013260 | Multiple vulnerabilities in Edgecross Basic Software for Windows | 2024-11-22T10:59+09:00 | 2025-11-04T16:41+09:00 |
| jvndb-2024-000120 | "Kura Sushi Official App Produced by EPARK" for Android uses a hard-coded cryptographic key | 2024-11-20T13:56+09:00 | 2024-11-20T13:56+09:00 |
| jvndb-2024-012941 | Multiple vulnerabilities in Rakuten Turbo 5G | 2024-11-19T10:41+09:00 | 2024-11-19T10:41+09:00 |
| jvndb-2024-000119 | Multiple vulnerabilities in FitNesse | 2024-11-15T13:37+09:00 | 2024-11-20T11:18+09:00 |
| jvndb-2024-012461 | Multiple vulnerabilities in SoftBank Mesh Wi-Fi router RP562B | 2024-11-13T14:26+09:00 | 2024-11-26T16:11+09:00 |
| jvndb-2024-000118 | WordPress Plugin "VK All in One Expansion Unit" vulnerable to cross-site scripting | 2024-11-13T13:50+09:00 | 2024-11-13T13:50+09:00 |
| jvndb-2024-012017 | Trend Micro Deep Security 20 Agent for Windows vulnerable to improper access control | 2024-11-06T11:00+09:00 | 2024-11-06T11:00+09:00 |
| jvndb-2024-011833 | Incorrect authorization vulnerability in OMRON Sysmac Studio | 2024-11-05T15:29+09:00 | 2024-11-05T15:29+09:00 |
| jvndb-2024-011747 | Command injection vulnerability in Trend Micro Cloud Edge | 2024-11-01T14:28+09:00 | 2024-11-01T14:28+09:00 |
| jvndb-2024-011744 | REST-APIs unintentionally enabled in Century Systems FutureNet NXR series routers | 2024-11-01T13:49+09:00 | 2024-11-01T13:49+09:00 |
| jvndb-2024-000117 | Stack-based buffer overflow vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor | 2024-10-31T16:44+09:00 | 2025-05-19T17:59+09:00 |
| jvndb-2024-000116 | Hikvision network camera security enhancement to prevent cleartext transmission of Dynamic DNS credentials | 2024-10-30T15:07+09:00 | 2024-10-30T15:07+09:00 |
| jvndb-2024-011256 | Multiple vulnerabilities in Sharp and Toshiba Tec MFPs | 2024-10-28T17:33+09:00 | 2024-10-28T17:33+09:00 |
| jvndb-2024-000115 | Chatwork Desktop Application (Windows) uses a potentially dangerous function | 2024-10-28T14:29+09:00 | 2024-10-28T14:29+09:00 |
| jvndb-2024-000114 | Multiple vulnerabilities in baserCMS | 2024-10-25T15:07+09:00 | 2025-02-18T15:35+09:00 |
| jvndb-2024-010802 | Multiple SQL injection vulnerabilities in Trend Micro Deep Discovery Inspector | 2024-10-22T13:02+09:00 | 2024-10-22T13:02+09:00 |
| jvndb-2024-000106 | Multiple vulnerabilities in AIPHONE IX SYSTEM, IXG SYSTEM, and System Support Software | 2024-10-21T11:58+09:00 | 2024-11-21T11:37+09:00 |
| ID | Description | Updated |
|---|