Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-5fgj-7r84-vwrr | A vulnerability was found in Philipinho Simple-PHP-Blog up to 94b5d3e57308bce5dfbc44c3edafa9811893d… | 2025-12-31T03:30:35Z | 2025-12-31T03:30:35Z |
| ghsa-4695-qj73-37p4 | A weakness has been identified in youlaitech vue3-element-admin up to 3.4.0. This issue affects som… | 2025-12-31T03:30:35Z | 2025-12-31T03:30:35Z |
| ghsa-9qhr-gr34-rmgj | A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328… | 2025-12-31T03:30:34Z | 2025-12-31T03:30:34Z |
| ghsa-53h7-g6w8-rxxc | On Windows only, if libpcap needs to convert a Windows error message to UTF-8 and the message inclu… | 2025-12-31T03:30:34Z | 2025-12-31T03:30:34Z |
| ghsa-x25x-vjrm-h7qq | pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fix… | 2025-12-31T03:30:33Z | 2025-12-31T03:30:34Z |
| ghsa-x5cr-w4x6-22r9 | Ksenia Security Lares 4.0 version 1.6 contains a URL redirection vulnerability in the 'cmdOk.xml' s… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-wm7p-2wcf-h9qh | Anevia Flamingo XL 3.2.9 contains a restricted shell vulnerability that allows remote attackers to … | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-vqvm-xqhr-4h5w | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-rg8q-q5qg-28fm | Anevia Flamingo XL/XS 3.6.20 contains a critical vulnerability with weak default administrative cre… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-mpcq-qm9f-9qfj | Akuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers t… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-m9w6-v3p4-qjm7 | Cross-Site Request Forgery (CSRF) vulnerability in Hoernerfranz WP-CalDav2ICS allows Stored XSS.Thi… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-jv66-87h9-r6q4 | Tosibox Key Service 3.3.0 contains an unquoted service path vulnerability that allows local non-pri… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-hcw3-qjrp-gq57 | Tinycontrol LAN Controller 1.58a contains an authentication bypass vulnerability that allows unauth… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-g772-q552-ggr6 | Ksenia Security Lares 4.0 Home Automation version 1.6 contains an unprotected endpoint vulnerabilit… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-g2pw-5fjr-fhhf | Ksenia Security Lares 4.0 Home Automation version 1.6 contains a default credentials vulnerability … | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-c56g-3hg8-4249 | Akuvox Smart Intercom S539 contains an improper access control vulnerability that allows users with… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-5xw5-83cp-4rjf | Ksenia Security Lares 4.0 Home Automation version 1.6 contains a critical security flaw that expose… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-4rhh-qhhp-cw22 | NLB mKlik Macedonia 3.3.12 contains a SQL injection vulnerability in international transfer paramet… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-xpmj-f96f-w324 | ETAP Safety Manager 1.0.0.32 contains a cross-site scripting vulnerability in the 'action' GET para… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-x593-jp73-3qq7 | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a command injection vulnerability that allows local au… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-r568-76cw-jx2w | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a conditional command injection vulnerability that all… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-q68f-54g3-3rc9 | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a conditional command injection vulnerability that all… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-mv53-5j69-vvj9 | JM-DATA ONU JF511-TV version 1.0.67 is vulnerable to cross-site request forgery (CSRF) attacks, all… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:11Z |
| ghsa-m8f6-rrcx-mrm3 | H3C SSL VPN contains a user enumeration vulnerability that allows attackers to identify valid usern… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-hv34-rhhr-q53f | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an unauthenticated remote code execution vulnerability… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-gxjj-79fr-px4p | SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x contains an unauthenticated stored cross-site scripting … | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-gr6g-859c-3j6j | SoX 14.4.2 contains a division by zero vulnerability when handling WAV files that can cause program… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-gcc4-3hh2-4mcx | SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated command injection v… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-cqgr-77q2-257r | SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x contains a network vulnerability that allows unauthentic… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-cjhx-gxg4-xjm7 | Fetch FTP Client 5.8.2 contains a denial of service vulnerability that allows attackers to trigger … | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-15223 | Philipinho Simple-PHP-Blog login.php cross site scripting |
Philipinho |
Simple-PHP-Blog |
2025-12-31T02:32:09.788Z | 2025-12-31T03:00:30.523Z | |
| cve-2025-15372 | youlaitech vue3-element-admin Notice index.vue cross s… |
youlaitech |
vue3-element-admin |
2025-12-31T02:02:06.787Z | 2025-12-31T02:02:06.787Z | |
| cve-2025-68131 | CBORDecoder reuse can leak shareable values across dec… |
agronholm |
cbor2 |
2025-12-31T01:15:36.827Z | 2025-12-31T01:15:36.827Z | |
| cve-2025-15371 | Tenda i24 Shadow File hard-coded credentials |
Tenda |
i24 |
2025-12-31T01:02:06.989Z | 2025-12-31T01:02:06.989Z | |
| cve-2025-11964 | 1.9 (v3.1) | OOBW in utf_16le_to_utf_8_truncated() in libpcap |
The Tcpdump Group |
libpcap |
2025-12-31T00:58:19.026Z | 2025-12-31T00:58:19.026Z |
| cve-2025-11961 | 1.9 (v3.1) | OOBR and OOBW in pcap_ether_aton() in libpcap |
The Tcpdump Group |
libpcap |
2025-12-31T00:56:16.310Z | 2025-12-31T00:56:16.310Z |
| cve-2025-64699 | N/A | An incorrect NULL DACL issue exists in SevenCs OR… |
n/a |
n/a |
2025-12-31T00:00:00.000Z | 2025-12-31T15:53:47.139Z |
| cve-2025-61037 | N/A | A local privilege escalation vulnerability exists… |
n/a |
n/a |
2025-12-31T00:00:00.000Z | 2025-12-31T15:40:23.022Z |
| cve-2025-59131 | 7.1 (v3.1) | WordPress WP-CalDav2ICS plugin <= 1.3.4 - Cross Site R… |
Hoernerfranz |
WP-CalDav2ICS |
2025-12-30T22:55:32.248Z | 2025-12-31T17:51:04.587Z |
| cve-2022-50802 | 5.1 (v4.0) 6.1 (v3.1) | ETAP Safety Manager 1.0.0.32 Unauthenticated Reflected… |
ETAP Lighting International NV |
ETAP Safety Manager |
2025-12-30T22:42:57.655Z | 2025-12-30T22:42:57.655Z |
| cve-2025-15114 | 9.3 (v4.0) 9.8 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 PIN Expo… |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:47.116Z | 2025-12-30T22:41:47.116Z |
| cve-2025-15113 | 8.5 (v4.0) 7.8 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 Remote C… |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:46.694Z | 2025-12-30T22:41:46.694Z |
| cve-2025-15112 | 5.1 (v4.0) 8 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 URL Redi… |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:46.247Z | 2025-12-30T22:41:46.247Z |
| cve-2025-15111 | 9.3 (v4.0) 7.5 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 Default … |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:45.831Z | 2025-12-30T22:41:45.831Z |
| cve-2024-58338 | 8.6 (v4.0) 9.8 (v3.1) | Anevia Flamingo XL 3.2.9 Remote Root Jailbreak via Tra… |
Ateme |
Flamingo XL |
2025-12-30T22:41:45.411Z | 2025-12-30T22:41:45.411Z |
| cve-2024-58337 | 8.7 (v4.0) 7.5 (v3.1) | Akuvox Smart Intercom S539 Improper Access Control via… |
The Akuvox Company |
Akuvox Smart Doorphone |
2025-12-30T22:41:44.989Z | 2025-12-30T22:41:44.989Z |
| cve-2024-58336 | 8.7 (v4.0) 9.8 (v3.1) | Akuvox Smart Intercom S539 Unauthenticated Video Strea… |
The Akuvox Company |
Akuvox Smart Doorphone |
2025-12-30T22:41:44.569Z | 2025-12-30T22:41:44.569Z |
| cve-2024-58315 | 8.5 (v4.0) 8.4 (v3.1) | Tosibox Key Service 3.3.0 Local Privilege Escalation v… |
Tosibox Oy |
Tosibox Key Service |
2025-12-30T22:41:44.147Z | 2025-12-30T22:41:44.147Z |
| cve-2023-54327 | 9.3 (v4.0) 7.5 (v3.1) | Tinycontrol LAN Controller 1.58a Authentication Bypass… |
Tinycontrol |
LAN Controller |
2025-12-30T22:41:43.728Z | 2025-12-30T22:41:43.728Z |
| cve-2023-54163 | 8.8 (v4.0) 8.2 (v3.1) | NLB mKlik Macedonia 3.3.12 SQL Injection via Internati… |
NLB Banka AD Skopje |
NLB mKlik Makedonija |
2025-12-30T22:41:43.245Z | 2025-12-30T22:41:43.245Z |
| cve-2023-53983 | 9.3 (v4.0) 7.5 (v3.1) | Anevia Flamingo XL/XS 3.6.20 Default Credentials Authe… |
Ateme |
Anevia Flamingo XL/XS |
2025-12-30T22:41:42.839Z | 2025-12-30T22:41:42.839Z |
| cve-2022-50804 | 5.1 (v4.0) 6.5 (v3.1) | JM-DATA ONU JF511-TV 1.0.67 Cross-Site Request Forgery… |
JM-DATA ONU |
JF511-TV |
2025-12-30T22:41:42.422Z | 2025-12-30T22:41:42.422Z |
| cve-2022-50803 | 9.3 (v4.0) 9.8 (v3.1) | JM-DATA ONU JF511-TV 1.0.67 Default Credentials Vulner… |
JM-DATA ONU |
JF511-TV |
2025-12-30T22:41:41.999Z | 2025-12-30T22:41:41.999Z |
| cve-2022-50801 | 5.1 (v4.0) 4.3 (v3.1) | JM-DATA ONU JF511-TV 1.0.67 Authenticated Stored Cross… |
JM-DATA ONU |
JF511-TV |
2025-12-30T22:41:41.205Z | 2025-12-30T22:41:41.205Z |
| cve-2022-50800 | 6.9 (v4.0) 7.5 (v3.1) | H3C SSL VPN n/a Username Enumeration via Login Script … |
Hangzhou H3C Technologies |
H3C SSL VPN |
2025-12-30T22:41:40.801Z | 2025-12-30T22:41:40.801Z |
| cve-2022-50799 | 7.1 (v4.0) 7.5 (v3.1) | Fetch Softworks Fetch FTP Client 5.8.2 Remote CPU Cons… |
Fetch Softworks |
Fetch Softworks Fetch FTP Client |
2025-12-30T22:41:40.340Z | 2025-12-30T22:41:40.340Z |
| cve-2022-50798 | 6.7 (v4.0) 7.5 (v3.1) | SoX 14.4.2 Denial of Service Vulnerability via WAV Fil… |
Chris Bagwell |
SoX |
2025-12-30T22:41:39.913Z | 2025-12-30T22:41:39.913Z |
| cve-2022-50796 | 9.3 (v4.0) 7.5 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Re… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:39.503Z | 2025-12-30T22:41:39.503Z |
| cve-2022-50795 | 8.5 (v4.0) 8.4 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Conditional Comman… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:39.100Z | 2025-12-30T22:41:39.100Z |
| cve-2022-50794 | 9.3 (v4.0) 9.8 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Co… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:38.681Z | 2025-12-30T22:41:38.681Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-15374 | EyouCMS Ask Module Ask.php cross site scripting |
n/a |
EyouCMS |
2025-12-31T04:32:08.144Z | 2025-12-31T04:32:08.144Z | |
| cve-2025-15373 | EyouCMS function.php saveRemote server-side request forgery |
n/a |
EyouCMS |
2025-12-31T04:02:08.912Z | 2025-12-31T04:02:08.912Z | |
| cve-2025-15372 | youlaitech vue3-element-admin Notice index.vue cross s… |
youlaitech |
vue3-element-admin |
2025-12-31T02:02:06.787Z | 2025-12-31T02:02:06.787Z | |
| cve-2025-15223 | Philipinho Simple-PHP-Blog login.php cross site scripting |
Philipinho |
Simple-PHP-Blog |
2025-12-31T02:32:09.788Z | 2025-12-31T03:00:30.523Z | |
| cve-2025-68131 | CBORDecoder reuse can leak shareable values across dec… |
agronholm |
cbor2 |
2025-12-31T01:15:36.827Z | 2025-12-31T01:15:36.827Z | |
| cve-2025-15371 | Tenda i24 Shadow File hard-coded credentials |
Tenda |
i24 |
2025-12-31T01:02:06.989Z | 2025-12-31T01:02:06.989Z | |
| cve-2025-11964 | 1.9 (v3.1) | OOBW in utf_16le_to_utf_8_truncated() in libpcap |
The Tcpdump Group |
libpcap |
2025-12-31T00:58:19.026Z | 2025-12-31T00:58:19.026Z |
| cve-2025-11961 | 1.9 (v3.1) | OOBR and OOBW in pcap_ether_aton() in libpcap |
The Tcpdump Group |
libpcap |
2025-12-31T00:56:16.310Z | 2025-12-31T00:56:16.310Z |
| cve-2025-62753 | 7.5 (v3.1) | WordPress MAS Videos plugin <= 1.3.2 - Local File Incl… |
MadrasThemes |
MAS Videos |
2025-12-30T22:37:03.420Z | 2025-12-31T17:51:10.306Z |
| cve-2025-59131 | 7.1 (v3.1) | WordPress WP-CalDav2ICS plugin <= 1.3.4 - Cross Site R… |
Hoernerfranz |
WP-CalDav2ICS |
2025-12-30T22:55:32.248Z | 2025-12-31T17:51:04.587Z |
| cve-2025-15114 | 9.3 (v4.0) 9.8 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 PIN Expo… |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:47.116Z | 2025-12-30T22:41:47.116Z |
| cve-2025-15113 | 8.5 (v4.0) 7.8 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 Remote C… |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:46.694Z | 2025-12-30T22:41:46.694Z |
| cve-2025-15112 | 5.1 (v4.0) 8 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 URL Redi… |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:46.247Z | 2025-12-30T22:41:46.247Z |
| cve-2025-15111 | 9.3 (v4.0) 7.5 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 Default … |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:45.831Z | 2025-12-30T22:41:45.831Z |
| cve-2024-58338 | 8.6 (v4.0) 9.8 (v3.1) | Anevia Flamingo XL 3.2.9 Remote Root Jailbreak via Tra… |
Ateme |
Flamingo XL |
2025-12-30T22:41:45.411Z | 2025-12-30T22:41:45.411Z |
| cve-2024-58337 | 8.7 (v4.0) 7.5 (v3.1) | Akuvox Smart Intercom S539 Improper Access Control via… |
The Akuvox Company |
Akuvox Smart Doorphone |
2025-12-30T22:41:44.989Z | 2025-12-30T22:41:44.989Z |
| cve-2024-58336 | 8.7 (v4.0) 9.8 (v3.1) | Akuvox Smart Intercom S539 Unauthenticated Video Strea… |
The Akuvox Company |
Akuvox Smart Doorphone |
2025-12-30T22:41:44.569Z | 2025-12-30T22:41:44.569Z |
| cve-2024-58315 | 8.5 (v4.0) 8.4 (v3.1) | Tosibox Key Service 3.3.0 Local Privilege Escalation v… |
Tosibox Oy |
Tosibox Key Service |
2025-12-30T22:41:44.147Z | 2025-12-30T22:41:44.147Z |
| cve-2023-54327 | 9.3 (v4.0) 7.5 (v3.1) | Tinycontrol LAN Controller 1.58a Authentication Bypass… |
Tinycontrol |
LAN Controller |
2025-12-30T22:41:43.728Z | 2025-12-30T22:41:43.728Z |
| cve-2023-54163 | 8.8 (v4.0) 8.2 (v3.1) | NLB mKlik Macedonia 3.3.12 SQL Injection via Internati… |
NLB Banka AD Skopje |
NLB mKlik Makedonija |
2025-12-30T22:41:43.245Z | 2025-12-30T22:41:43.245Z |
| cve-2023-53983 | 9.3 (v4.0) 7.5 (v3.1) | Anevia Flamingo XL/XS 3.6.20 Default Credentials Authe… |
Ateme |
Anevia Flamingo XL/XS |
2025-12-30T22:41:42.839Z | 2025-12-30T22:41:42.839Z |
| cve-2022-50804 | 5.1 (v4.0) 6.5 (v3.1) | JM-DATA ONU JF511-TV 1.0.67 Cross-Site Request Forgery… |
JM-DATA ONU |
JF511-TV |
2025-12-30T22:41:42.422Z | 2025-12-30T22:41:42.422Z |
| cve-2022-50803 | 9.3 (v4.0) 9.8 (v3.1) | JM-DATA ONU JF511-TV 1.0.67 Default Credentials Vulner… |
JM-DATA ONU |
JF511-TV |
2025-12-30T22:41:41.999Z | 2025-12-30T22:41:41.999Z |
| cve-2022-50802 | 5.1 (v4.0) 6.1 (v3.1) | ETAP Safety Manager 1.0.0.32 Unauthenticated Reflected… |
ETAP Lighting International NV |
ETAP Safety Manager |
2025-12-30T22:42:57.655Z | 2025-12-30T22:42:57.655Z |
| cve-2022-50801 | 5.1 (v4.0) 4.3 (v3.1) | JM-DATA ONU JF511-TV 1.0.67 Authenticated Stored Cross… |
JM-DATA ONU |
JF511-TV |
2025-12-30T22:41:41.205Z | 2025-12-30T22:41:41.205Z |
| cve-2022-50800 | 6.9 (v4.0) 7.5 (v3.1) | H3C SSL VPN n/a Username Enumeration via Login Script … |
Hangzhou H3C Technologies |
H3C SSL VPN |
2025-12-30T22:41:40.801Z | 2025-12-30T22:41:40.801Z |
| cve-2022-50799 | 7.1 (v4.0) 7.5 (v3.1) | Fetch Softworks Fetch FTP Client 5.8.2 Remote CPU Cons… |
Fetch Softworks |
Fetch Softworks Fetch FTP Client |
2025-12-30T22:41:40.340Z | 2025-12-30T22:41:40.340Z |
| cve-2022-50798 | 6.7 (v4.0) 7.5 (v3.1) | SoX 14.4.2 Denial of Service Vulnerability via WAV Fil… |
Chris Bagwell |
SoX |
2025-12-30T22:41:39.913Z | 2025-12-30T22:41:39.913Z |
| cve-2022-50796 | 9.3 (v4.0) 7.5 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Re… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:39.503Z | 2025-12-30T22:41:39.503Z |
| cve-2022-50795 | 8.5 (v4.0) 8.4 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Conditional Comman… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:39.100Z | 2025-12-30T22:41:39.100Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192835 | Malicious code in node-calculator-8f0c (npm) | 2025-12-23T08:22:05Z | 2025-12-23T08:22:05Z |
| mal-2025-192834 | Malicious code in node-calculator-7b82 (npm) | 2025-12-23T08:22:04Z | 2025-12-23T08:22:04Z |
| mal-2025-192833 | Malicious code in node-calculator-78c0 (npm) | 2025-12-23T08:22:03Z | 2025-12-23T08:22:03Z |
| mal-2025-192832 | Malicious code in node-calculator-73dd (npm) | 2025-12-23T08:22:02Z | 2025-12-23T08:22:02Z |
| mal-2025-192831 | Malicious code in node-calculator-603e (npm) | 2025-12-23T08:22:01Z | 2025-12-23T08:22:01Z |
| mal-2025-192830 | Malicious code in node-calculator-5b8f (npm) | 2025-12-23T08:22:00Z | 2025-12-23T08:22:00Z |
| mal-2025-192829 | Malicious code in node-calculator-40ed (npm) | 2025-12-23T08:21:52Z | 2025-12-23T08:21:52Z |
| mal-2025-192828 | Malicious code in node-calculator-2eb4 (npm) | 2025-12-23T08:21:51Z | 2025-12-23T08:21:51Z |
| mal-2025-192827 | Malicious code in node-calculator-290c (npm) | 2025-12-23T08:21:50Z | 2025-12-23T08:21:50Z |
| mal-2025-192826 | Malicious code in node-calculator-190a (npm) | 2025-12-23T08:21:50Z | 2025-12-23T08:21:50Z |
| mal-2025-192825 | Malicious code in no-use-extend-native (npm) | 2025-12-23T08:21:48Z | 2025-12-23T08:21:48Z |
| mal-2025-192824 | Malicious code in no-unsanitized (npm) | 2025-12-23T08:21:47Z | 2025-12-23T08:21:47Z |
| mal-2025-192823 | Malicious code in nintendo-test (npm) | 2025-12-23T08:21:45Z | 2025-12-23T08:21:45Z |
| mal-2025-192822 | Malicious code in ke-moma2 (npm) | 2025-12-23T08:18:31Z | 2025-12-23T08:18:31Z |
| mal-2025-192821 | Malicious code in ke-moma (npm) | 2025-12-23T08:18:30Z | 2025-12-23T08:18:30Z |
| mal-2025-192820 | Malicious code in karem6 (npm) | 2025-12-23T08:18:30Z | 2025-12-23T08:18:30Z |
| mal-2025-192819 | Malicious code in jz-user-js-bridge (npm) | 2025-12-23T08:18:20Z | 2025-12-23T08:18:20Z |
| mal-2025-192818 | Malicious code in jz-ui-user (npm) | 2025-12-23T08:18:20Z | 2025-12-23T08:18:20Z |
| mal-2025-192817 | Malicious code in jz-native-js-bridge (npm) | 2025-12-23T08:18:18Z | 2025-12-23T08:18:18Z |
| mal-2025-192816 | Malicious code in jsxswap (npm) | 2025-12-23T08:18:15Z | 2025-12-23T08:18:15Z |
| mal-2025-192815 | Malicious code in jstoauto (npm) | 2025-12-23T08:18:15Z | 2025-12-23T08:18:15Z |
| mal-2025-192814 | Malicious code in jsswapper (npm) | 2025-12-23T08:18:14Z | 2025-12-23T08:18:14Z |
| mal-2025-192813 | Malicious code in jsonupon (npm) | 2025-12-23T08:18:01Z | 2025-12-23T08:18:01Z |
| mal-2025-192812 | Malicious code in jsonrecap (npm) | 2025-12-23T08:18:00Z | 2025-12-23T08:18:00Z |
| mal-2025-192811 | Malicious code in jsonauto (npm) | 2025-12-23T08:18:00Z | 2025-12-23T08:18:00Z |
| mal-2025-192810 | Malicious code in jsonauthcap (npm) | 2025-12-23T08:17:59Z | 2025-12-23T08:17:59Z |
| mal-2025-192809 | Malicious code in jsonauth (npm) | 2025-12-23T08:17:51Z | 2025-12-23T08:17:51Z |
| mal-2025-192808 | Malicious code in jsonapptoken (npm) | 2025-12-23T08:17:50Z | 2025-12-23T08:17:50Z |
| mal-2025-192807 | Malicious code in json-panels (npm) | 2025-12-23T08:17:48Z | 2025-12-24T00:53:18Z |
| mal-2025-192806 | Malicious code in jest-formatting (npm) | 2025-12-23T08:17:34Z | 2025-12-24T00:53:17Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-1988 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-09-07T22:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-1976 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-09-04T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-1974 | Podman: Schwachstelle ermöglicht Manipulation von Dateien | 2025-09-04T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-1965 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2025-09-03T22:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-1962 | Google Cloud Platform Looker Studio: Mehrere Schwachstellen | 2025-09-03T22:00:00.000+00:00 | 2025-11-10T23:00:00.000+00:00 |
| wid-sec-w-2025-1954 | Drupal: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-09-03T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-1948 | libxml2 (exsltDynMapFunction): Schwachstelle ermöglicht Denial of Service | 2025-09-02T22:00:00.000+00:00 | 2025-12-29T23:00:00.000+00:00 |
| wid-sec-w-2025-1946 | Google Chrome/Microsoft Edge: Mehrere Schwachstellen | 2025-09-02T22:00:00.000+00:00 | 2025-11-16T23:00:00.000+00:00 |
| wid-sec-w-2025-1933 | Linux Kernel: Eine Schwachstelle ermöglicht einen Denial of Service | 2025-08-31T22:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-1928 | Linux UDisks Daemon: Schwachstelle ermöglicht Privilegieneskalation | 2025-08-28T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-1925 | Hashicorp Vault: Schwachstelle ermöglicht Denial of Service | 2025-08-28T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1921 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2025-08-27T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-1914 | Linux Kernel: Schwachstelle ermöglicht Codeausführung | 2025-08-26T22:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-1913 | Google Chrome und Microsoft Edge: Schwachstelle ermöglicht Codeausführung | 2025-08-26T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-1898 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-08-24T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1883 | Apache Tika: Schwachstelle ermöglicht Infogewinn oder Manipulation | 2025-08-20T22:00:00.000+00:00 | 2025-12-04T23:00:00.000+00:00 |
| wid-sec-w-2025-1870 | Keycloak: Schwachstelle ermöglicht Versand beliebiger E-Mails | 2025-08-19T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1869 | Linux Kernel: Mehrere Schwachstellen | 2025-08-19T22:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-1866 | Mozilla Firefox und Thunderbird: Mehrere Schwachstellen | 2025-08-19T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1864 | Google Chrome und Microsoft Edge: Schwachstelle ermöglicht Codeausführung | 2025-08-19T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-1863 | libTIFF: Schwachstelle ermöglicht Denial of Service | 2025-08-19T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-1862 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2025-08-18T22:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-1858 | Linux Kernel: Mehrere Schwachstellen | 2025-08-17T22:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-1850 | Xerox FreeFlow Print Server: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2025-08-14T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-1847 | libTIFF: Schwachstelle ermöglicht Denial of Service | 2025-08-14T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-1833 | IBM WebSphere Application Server: Schwachstelle ermöglicht Denial of Service | 2025-08-13T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1830 | http/2 Implementierungen: Schwachstelle ermöglicht Denial of Service | 2025-08-13T22:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-1828 | PAM (linux-pam package): Schwachstelle ermöglicht Erlangen von Administratorrechten | 2025-08-13T22:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-1822 | Ruby on Rails: Mehrere Schwachstellen | 2025-08-13T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1812 | Google Chrome und Microsoft Edge: Mehrere Schwachstellen ermöglichen Codeausführung | 2025-08-12T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-637483 | SSA-637483 Third-Party Component Vulnerabilities in SINEC INS before V1.0 SP2 | 2022-09-13T00:00:00Z | 2022-09-13T00:00:00Z |
| ssa-518824 | SSA-518824 Multiple File Parsing Vulnerabilities in Simcenter Femap and Parasolid | 2022-09-13T00:00:00Z | 2022-09-13T00:00:00Z |
| ssa-759952 | SSA-759952: Command Injection and Denial of Service Vulnerability in Teamcenter | 2022-08-09T00:00:00Z | 2022-08-09T00:00:00Z |
| ssa-710008 | SSA-710008: Multiple Web Vulnerabilities in SCALANCE Products | 2022-08-09T00:00:00Z | 2023-10-10T00:00:00Z |
| ssa-185638 | SSA-185638: Authentication Bypass Vulnerability in SICAM A8000 Web Server Module | 2022-08-09T00:00:00Z | 2022-08-09T00:00:00Z |
| ssa-944952 | SSA-944952: Authentication Bypass Vulnerability in Opcenter Quality | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-910883 | SSA-910883: DHCP Client Vulnerability in SINAMICS PERFECT HARMONY GH180 Drives | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-865333 | SSA-865333: Memory Corruption Vulnerability in EN100 Ethernet Module | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-610768 | SSA-610768: XML Entity Expansion Injection Vulnerability in Mendix Excel Importer Module | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-599506 | SSA-599506: Command Injection Vulnerability in RUGGEDCOM ROX | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-580125 | SSA-580125: Multiple Vulnerabilities in SIMATIC eaSie | 2022-07-12T00:00:00Z | 2022-08-09T00:00:00Z |
| ssa-492173 | SSA-492173: Expression Injection Vulnerability in Mendix Applications | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-491621 | SSA-491621: Denial of Service Vulnerability in CPC80 Firmware of SICAM A8000 Devices | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-474231 | SSA-474231: File Parsing Vulnerability in Simcenter Femap before V2022.2 | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-439148 | SSA-439148: File Parsing Vulnerabilities in PADS Standard/Plus Viewer | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-433782 | SSA-433782: Improper Access Control Vulnerability in Mendix | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-348662 | SSA-348662: Multiple Vulnerabilities in SIMATIC MV500 Devices before V3.3 | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-243317 | SSA-243317 File Parsing Vulnerability in Simcenter Femap and Parasolid | 2022-07-12T00:00:00Z | 2022-09-13T00:00:00Z |
| ssa-225578 | SSA-225578: Improper Access Control Vulnerability in SICAM GridEdge Before V2.7.3 | 2022-07-12T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-111512 | SSA-111512: Client-side Authentication in SIMATIC WinCC OA | 2022-06-21T00:00:00Z | 2022-06-21T00:00:00Z |
| ssa-988345 | SSA-988345: Local Privilege Escalation Vulnerability in Xpedition Designer | 2022-06-14T00:00:00Z | 2023-06-13T00:00:00Z |
| ssa-911567 | SSA-911567: Missing HTTP headers in SINEMA Remote Connect Server before V3.0 SP2 | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-740594 | SSA-740594: Privilege Escalation Vulnerability in Mendix SAML Module | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-693555 | SSA-693555: Memory Corruption Vulnerability in EN100 Ethernet Module | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-631336 | SSA-631336: Multiple Web Server Vulnerabilities in SICAM GridEdge Before V2.6.6 | 2022-06-14T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-401167 | SSA-401167: Cross-site scripting Vulnerability in Teamcenter Active Workspace | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-388239 | SSA-388239: Default Password Leakage affecting the Component Shared HIS used in Spectrum Power Systems | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-330556 | SSA-330556: PwnKit Vulnerability in SCALANCE LPE9403 and SINUMERIK Edge Products (CVE-2021-4034) | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-222547 | SSA-222547: Third-Party Component Vulnerabilities in SCALANCE LPE9403 before V2.0 | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-220589 | SSA-220589: Hard Coded Default Credential Vulnerability in Teamcenter | 2022-06-14T00:00:00Z | 2022-08-09T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:21030 | Red Hat Security Advisory: expat security update | 2025-11-11T19:57:21+00:00 | 2025-11-27T17:36:54+00:00 |
| rhsa-2025:21035 | Red Hat Security Advisory: xorg-x11-server-Xwayland security update | 2025-11-11T19:57:01+00:00 | 2025-11-26T09:24:56+00:00 |
| rhsa-2025:21037 | Red Hat Security Advisory: qt6-qtsvg security update | 2025-11-11T19:56:51+00:00 | 2025-11-27T17:37:49+00:00 |
| rhsa-2025:21032 | Red Hat Security Advisory: libsoup3 security update | 2025-11-11T19:55:06+00:00 | 2025-11-27T17:37:03+00:00 |
| rhsa-2025:21036 | Red Hat Security Advisory: pcs security update | 2025-11-11T19:52:06+00:00 | 2025-11-21T19:31:10+00:00 |
| rhsa-2025:21006 | Red Hat Security Advisory: kea security update | 2025-11-11T19:31:51+00:00 | 2025-11-21T19:31:06+00:00 |
| rhsa-2025:21020 | Red Hat Security Advisory: sssd security update | 2025-11-11T19:30:56+00:00 | 2025-11-27T17:37:40+00:00 |
| rhsa-2025:21013 | Red Hat Security Advisory: libssh security update | 2025-11-11T19:29:32+00:00 | 2025-11-27T17:36:22+00:00 |
| rhsa-2025:20994 | Red Hat Security Advisory: ipa security update | 2025-11-11T19:22:56+00:00 | 2025-11-21T19:31:05+00:00 |
| rhsa-2025:21015 | Red Hat Security Advisory: vim security update | 2025-11-11T19:22:33+00:00 | 2025-11-24T21:04:33+00:00 |
| rhsa-2025:20998 | Red Hat Security Advisory: libtiff security update | 2025-11-11T19:21:21+00:00 | 2025-11-27T17:36:27+00:00 |
| rhba-2025:20993 | Red Hat Bug Fix Advisory: .NET 10.0 bug fix and enhancement update | 2025-11-11T19:19:40+00:00 | 2025-11-27T11:15:40+00:00 |
| rhsa-2025:20983 | Red Hat Security Advisory: podman security update | 2025-11-11T19:19:32+00:00 | 2025-11-26T15:51:10+00:00 |
| rhsa-2025:21002 | Red Hat Security Advisory: squid security update | 2025-11-11T19:17:56+00:00 | 2025-11-21T19:31:06+00:00 |
| rhsa-2025:20954 | Red Hat Security Advisory: sssd security update | 2025-11-11T15:28:09+00:00 | 2025-11-27T17:37:06+00:00 |
| rhsa-2025:20961 | Red Hat Security Advisory: xorg-x11-server security update | 2025-11-11T15:10:03+00:00 | 2025-11-26T09:25:04+00:00 |
| rhsa-2025:20960 | Red Hat Security Advisory: xorg-x11-server-Xwayland security update | 2025-11-11T15:09:24+00:00 | 2025-11-26T09:24:57+00:00 |
| rhsa-2025:20956 | Red Hat Security Advisory: libtiff security update | 2025-11-11T15:08:53+00:00 | 2025-11-27T17:37:40+00:00 |
| rhsa-2025:20958 | Red Hat Security Advisory: tigervnc security update | 2025-11-11T15:07:34+00:00 | 2025-11-26T09:24:55+00:00 |
| rhsa-2025:20955 | Red Hat Security Advisory: redis:7 security update | 2025-11-11T15:07:28+00:00 | 2025-11-28T11:33:05+00:00 |
| rhsa-2025:20957 | Red Hat Security Advisory: runc security update | 2025-11-11T15:07:24+00:00 | 2025-11-27T17:37:53+00:00 |
| rhsa-2025:20959 | Red Hat Security Advisory: libsoup security update | 2025-11-11T15:07:23+00:00 | 2025-11-25T10:22:23+00:00 |
| rhsa-2025:20963 | Red Hat Security Advisory: qt5-qt3d security update | 2025-11-11T15:06:58+00:00 | 2025-11-21T19:31:04+00:00 |
| rhsa-2025:20962 | Red Hat Security Advisory: pcs security update | 2025-11-11T15:05:08+00:00 | 2025-11-21T19:31:02+00:00 |
| rhsa-2025:20945 | Red Hat Security Advisory: vim security update | 2025-11-11T14:14:42+00:00 | 2025-11-24T21:04:31+00:00 |
| rhsa-2025:20943 | Red Hat Security Advisory: libssh security update | 2025-11-11T14:12:42+00:00 | 2025-11-27T17:36:25+00:00 |
| rhba-2025:20916 | Red Hat Bug Fix Advisory: .NET 10.0 bug fix and enhancement update | 2025-11-11T14:10:19+00:00 | 2025-11-27T11:15:34+00:00 |
| rhsa-2025:20936 | Red Hat Security Advisory: sqlite security update | 2025-11-11T14:06:37+00:00 | 2025-11-24T21:04:31+00:00 |
| rhsa-2025:20928 | Red Hat Security Advisory: ipa security update | 2025-11-11T14:05:57+00:00 | 2025-11-21T19:30:56+00:00 |
| rhsa-2025:20935 | Red Hat Security Advisory: squid security update | 2025-11-11T14:05:53+00:00 | 2025-11-21T19:30:57+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-40355 | sysfs: check visibility before changing group attribute ownership | 2025-12-02T00:00:00.000Z | 2025-12-17T01:03:54.000Z |
| msrc_cve-2025-40354 | drm/amd/display: increase max link count and fix link->enc NULL pointer access | 2025-12-02T00:00:00.000Z | 2025-12-17T01:02:41.000Z |
| msrc_cve-2025-40353 | arm64: mte: Do not warn if the page is already tagged in copy_highpage() | 2025-12-02T00:00:00.000Z | 2025-12-17T01:03:28.000Z |
| msrc_cve-2025-40345 | usb: storage: sddr55: Reject out-of-bound new_pba | 2025-12-02T00:00:00.000Z | 2025-12-16T01:37:53.000Z |
| msrc_cve-2025-40343 | nvmet-fc: avoid scheduling association deletion twice | 2025-12-02T00:00:00.000Z | 2025-12-16T14:40:15.000Z |
| msrc_cve-2025-40342 | nvme-fc: use lock accessing port_state and rport state | 2025-12-02T00:00:00.000Z | 2025-12-16T14:40:34.000Z |
| msrc_cve-2025-40341 | futex: Don't leak robust_list pointer on exec race | 2025-12-02T00:00:00.000Z | 2025-12-16T14:40:09.000Z |
| msrc_cve-2025-40340 | drm/xe: Fix oops in xe_gem_fault when running core_hotunplug test. | 2025-12-02T00:00:00.000Z | 2025-12-10T01:02:33.000Z |
| msrc_cve-2025-40339 | drm/amdgpu: fix nullptr err of vm_handle_moved | 2025-12-02T00:00:00.000Z | 2025-12-10T01:01:52.000Z |
| msrc_cve-2025-40338 | ASoC: Intel: avs: Do not share the name pointer between components | 2025-12-02T00:00:00.000Z | 2025-12-11T01:36:32.000Z |
| msrc_cve-2025-40337 | net: stmmac: Correctly handle Rx checksum offload errors | 2025-12-02T00:00:00.000Z | 2025-12-16T14:40:54.000Z |
| msrc_cve-2025-40336 | drm/gpusvm: fix hmm_pfn_to_map_order() usage | 2025-12-02T00:00:00.000Z | 2025-12-11T01:36:26.000Z |
| msrc_cve-2025-40335 | drm/amdgpu: validate userq input args | 2025-12-02T00:00:00.000Z | 2025-12-10T01:01:46.000Z |
| msrc_cve-2025-40334 | drm/amdgpu: validate userq buffer virtual address and size | 2025-12-02T00:00:00.000Z | 2025-12-11T01:36:37.000Z |
| msrc_cve-2025-40333 | f2fs: fix infinite loop in __insert_extent_tree() | 2025-12-02T00:00:00.000Z | 2025-12-16T14:40:47.000Z |
| msrc_cve-2025-40332 | drm/amdkfd: Fix mmap write lock not release | 2025-12-02T00:00:00.000Z | 2025-12-10T01:02:09.000Z |
| msrc_cve-2025-40331 | sctp: Prevent TOCTOU out-of-bounds write | 2025-12-02T00:00:00.000Z | 2025-12-16T14:40:22.000Z |
| msrc_cve-2025-40329 | drm/sched: Fix deadlock in drm_sched_entity_kill_jobs_cb | 2025-12-02T00:00:00.000Z | 2025-12-16T14:40:41.000Z |
| msrc_cve-2025-40328 | smb: client: fix potential UAF in smb2_close_cached_fid() | 2025-12-02T00:00:00.000Z | 2025-12-16T14:40:28.000Z |
| msrc_cve-2025-40324 | NFSD: Fix crash in nfsd4_read_release() | 2025-12-02T00:00:00.000Z | 2025-12-16T14:40:02.000Z |
| msrc_cve-2025-40323 | fbcon: Set fb_display[i]->mode to NULL when the mode is released | 2025-12-02T00:00:00.000Z | 2025-12-16T14:39:30.000Z |
| msrc_cve-2025-40322 | fbdev: bitblit: bound-check glyph index in bit_putcs* | 2025-12-02T00:00:00.000Z | 2025-12-16T14:39:43.000Z |
| msrc_cve-2025-40321 | wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode | 2025-12-02T00:00:00.000Z | 2025-12-16T14:38:58.000Z |
| msrc_cve-2025-40319 | bpf: Sync pending IRQ work before freeing ring buffer | 2025-12-02T00:00:00.000Z | 2025-12-16T14:38:51.000Z |
| msrc_cve-2025-40317 | regmap: slimbus: fix bus_context pointer in regmap init calls | 2025-12-02T00:00:00.000Z | 2025-12-09T01:02:25.000Z |
| msrc_cve-2025-40315 | usb: gadget: f_fs: Fix epfile null pointer access after ep enable. | 2025-12-02T00:00:00.000Z | 2025-12-09T01:02:15.000Z |
| msrc_cve-2025-40314 | usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget | 2025-12-02T00:00:00.000Z | 2025-12-09T01:02:20.000Z |
| msrc_cve-2025-40313 | ntfs3: pretend $Extend records as regular files | 2025-12-02T00:00:00.000Z | 2025-12-09T01:02:47.000Z |
| msrc_cve-2025-40312 | jfs: Verify inode mode when loading from disk | 2025-12-02T00:00:00.000Z | 2025-12-09T01:02:09.000Z |
| msrc_cve-2025-40311 | accel/habanalabs: support mapping cb with vmalloc-backed coherent memory | 2025-12-02T00:00:00.000Z | 2025-12-16T14:39:36.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2024-000113 | N-LINE vulnerable to HTML injection | 2024-10-18T14:48+09:00 | 2024-10-25T16:48+09:00 |
| jvndb-2024-000112 | MUSASI version 3 performing authentication on client-side | 2024-10-18T14:40+09:00 | 2024-10-25T16:55+09:00 |
| jvndb-2024-000111 | SHIRASAGI vulnerable to path traversal | 2024-10-16T14:12+09:00 | 2024-10-23T17:35+09:00 |
| jvndb-2024-000110 | Multiple vulnerabilities in Exment | 2024-10-11T14:13+09:00 | 2024-10-11T14:13+09:00 |
| jvndb-2024-000109 | baserCMS plugin "BurgerEditor" vulnerable to directory listing | 2024-10-10T14:57+09:00 | 2024-11-06T14:45+09:00 |
| jvndb-2024-009667 | Multiple vulnerabilities in JTEKT ELECTRONICS Kostac PLC Programming Software | 2024-10-03T13:42+09:00 | 2024-10-03T13:42+09:00 |
| jvndb-2024-000108 | Apache Tomcat improper handling of TLS handshake process data | 2024-10-01T17:51+09:00 | 2024-10-01T17:51+09:00 |
| jvndb-2024-009498 | Vulnerability in Cosminexus | 2024-10-01T16:01+09:00 | 2024-10-01T16:01+09:00 |
| jvndb-2024-009481 | Insecure initial password configuration issue in SEIKO EPSON Web Config | 2024-10-01T14:14+09:00 | 2024-11-12T10:25+09:00 |
| jvndb-2024-000107 | RevoWorks Cloud vulnerable to unintended process execution | 2024-09-30T15:17+09:00 | 2024-09-30T15:17+09:00 |
| jvndb-2024-003932 | File Permissions Vulnerability in Hitachi Ops Center Common Services | 2024-09-30T14:15+09:00 | 2024-09-30T14:15+09:00 |
| jvndb-2024-000105 | Multiple vulnerabilities in Smart-tab | 2024-09-30T14:14+09:00 | 2024-09-30T14:14+09:00 |
| jvndb-2024-009396 | SNMP service is enabled by default in Sharp NEC Display Solutions projectors | 2024-09-30T12:46+09:00 | 2024-09-30T12:46+09:00 |
| jvndb-2024-000104 | MF Teacher Performance Management System vulnerable to cross-site scripting | 2024-09-27T15:00+09:00 | 2024-10-10T11:14+09:00 |
| jvndb-2024-000103 | The installer of e-Tax software(common program) vulnerable to privilege escalation | 2024-09-24T16:12+09:00 | 2024-09-24T16:12+09:00 |
| jvndb-2024-000102 | Multiple NTT EAST Home GateWay/Hikari Denwa routers fail to restrict access permissions | 2024-09-24T16:00+09:00 | 2024-10-18T11:02+09:00 |
| jvndb-2024-000101 | Multiple vulnerabilities in PLANEX COMMUNICATIONS network devices | 2024-09-24T15:26+09:00 | 2024-09-24T15:26+09:00 |
| jvndb-2024-008391 | Multiple vulnerabilities in TAKENAKA ENGINEERING digital video recorders | 2024-09-19T14:07+09:00 | 2024-09-19T14:07+09:00 |
| jvndb-2024-000100 | Multiple vulnerabilities in WordPress plugin "Welcart e-Commerce" | 2024-09-18T14:34+09:00 | 2024-09-18T14:34+09:00 |
| jvndb-2024-000099 | Assimp vulnerable to heap-based buffer overflow | 2024-09-18T14:20+09:00 | 2024-09-18T14:20+09:00 |
| jvndb-2020-018328 | Falsification and eavesdropping of contents across multiple websites via Web Rehosting services | 2024-09-12T12:23+09:00 | 2024-09-12T12:23+09:00 |
| jvndb-2023-027250 | Security Problem in Web Browser Permission Mechanism | 2024-09-11T18:19+09:00 | 2024-09-11T18:19+09:00 |
| jvndb-2020-018327 | Malleability attack against executables encrypted by CBC mode with no integrity check | 2024-09-11T18:19+09:00 | 2024-09-11T18:19+09:00 |
| jvndb-2024-000095 | Multiple Alps System Integration products and the OEM products vulnerable to cross-site request forgery | 2024-09-09T16:40+09:00 | 2024-09-09T16:40+09:00 |
| jvndb-2024-000096 | Pgpool-II vulnerable to information disclosure | 2024-09-09T14:58+09:00 | 2024-09-09T14:58+09:00 |
| jvndb-2024-000094 | "@cosme" App fails to restrict custom URL schemes properly | 2024-09-09T14:20+09:00 | 2024-09-09T14:20+09:00 |
| jvndb-2024-000097 | WordPress Plugin "Forminator" vulnerable to cross-site scripting | 2024-09-09T13:51+09:00 | 2024-09-09T13:51+09:00 |
| jvndb-2024-000098 | Multiple products from KINGSOFT JAPAN vulnerable to path traversal | 2024-09-06T15:07+09:00 | 2024-09-06T15:07+09:00 |
| jvndb-2024-000090 | Secure Boot bypass Vulnerability in PRIMERGY | 2024-09-06T14:39+09:00 | 2024-09-06T14:39+09:00 |
| jvndb-2024-000093 | WordPress Plugin "Advanced Custom Fields" vulnerable to cross-site scripting | 2024-09-04T13:01+09:00 | 2024-09-04T13:01+09:00 |
| ID | Description | Updated |
|---|