Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-9qhr-gr34-rmgj | A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328… | 2025-12-31T03:30:34Z | 2025-12-31T03:30:34Z |
| ghsa-53h7-g6w8-rxxc | On Windows only, if libpcap needs to convert a Windows error message to UTF-8 and the message inclu… | 2025-12-31T03:30:34Z | 2025-12-31T03:30:34Z |
| ghsa-x25x-vjrm-h7qq | pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fix… | 2025-12-31T03:30:33Z | 2025-12-31T03:30:34Z |
| ghsa-x5cr-w4x6-22r9 | Ksenia Security Lares 4.0 version 1.6 contains a URL redirection vulnerability in the 'cmdOk.xml' s… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-wm7p-2wcf-h9qh | Anevia Flamingo XL 3.2.9 contains a restricted shell vulnerability that allows remote attackers to … | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-vqvm-xqhr-4h5w | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-rg8q-q5qg-28fm | Anevia Flamingo XL/XS 3.6.20 contains a critical vulnerability with weak default administrative cre… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-mpcq-qm9f-9qfj | Akuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers t… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-m9w6-v3p4-qjm7 | Cross-Site Request Forgery (CSRF) vulnerability in Hoernerfranz WP-CalDav2ICS allows Stored XSS.Thi… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-jv66-87h9-r6q4 | Tosibox Key Service 3.3.0 contains an unquoted service path vulnerability that allows local non-pri… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-hcw3-qjrp-gq57 | Tinycontrol LAN Controller 1.58a contains an authentication bypass vulnerability that allows unauth… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-g772-q552-ggr6 | Ksenia Security Lares 4.0 Home Automation version 1.6 contains an unprotected endpoint vulnerabilit… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-g2pw-5fjr-fhhf | Ksenia Security Lares 4.0 Home Automation version 1.6 contains a default credentials vulnerability … | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-c56g-3hg8-4249 | Akuvox Smart Intercom S539 contains an improper access control vulnerability that allows users with… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-5xw5-83cp-4rjf | Ksenia Security Lares 4.0 Home Automation version 1.6 contains a critical security flaw that expose… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-4rhh-qhhp-cw22 | NLB mKlik Macedonia 3.3.12 contains a SQL injection vulnerability in international transfer paramet… | 2025-12-31T00:31:11Z | 2025-12-31T00:31:11Z |
| ghsa-xpmj-f96f-w324 | ETAP Safety Manager 1.0.0.32 contains a cross-site scripting vulnerability in the 'action' GET para… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-x593-jp73-3qq7 | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a command injection vulnerability that allows local au… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-r568-76cw-jx2w | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a conditional command injection vulnerability that all… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-q68f-54g3-3rc9 | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a conditional command injection vulnerability that all… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-mv53-5j69-vvj9 | JM-DATA ONU JF511-TV version 1.0.67 is vulnerable to cross-site request forgery (CSRF) attacks, all… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:11Z |
| ghsa-m8f6-rrcx-mrm3 | H3C SSL VPN contains a user enumeration vulnerability that allows attackers to identify valid usern… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-hv34-rhhr-q53f | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an unauthenticated remote code execution vulnerability… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-gxjj-79fr-px4p | SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x contains an unauthenticated stored cross-site scripting … | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-gr6g-859c-3j6j | SoX 14.4.2 contains a division by zero vulnerability when handling WAV files that can cause program… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-gcc4-3hh2-4mcx | SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated command injection v… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-cqgr-77q2-257r | SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x contains a network vulnerability that allows unauthentic… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-cjhx-gxg4-xjm7 | Fetch FTP Client 5.8.2 contains a denial of service vulnerability that allows attackers to trigger … | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-9x83-xq9p-cxq5 | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an information disclosure vulnerability that allows un… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ghsa-7h43-qx63-fwcr | SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated file disclosure vul… | 2025-12-31T00:31:10Z | 2025-12-31T00:31:10Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2022-50796 | 9.3 (v4.0) 7.5 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Re… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:39.503Z | 2025-12-30T22:41:39.503Z |
| cve-2022-50795 | 8.5 (v4.0) 8.4 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Conditional Comman… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:39.100Z | 2025-12-30T22:41:39.100Z |
| cve-2022-50794 | 9.3 (v4.0) 9.8 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Co… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:38.681Z | 2025-12-30T22:41:38.681Z |
| cve-2022-50793 | 8.7 (v4.0) 8.8 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Authenticated Comm… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:38.291Z | 2025-12-30T22:41:38.291Z |
| cve-2022-50792 | 8.7 (v4.0) 9.8 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Fi… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:37.875Z | 2025-12-30T22:41:37.875Z |
| cve-2022-50791 | 8.5 (v4.0) 8.4 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Conditional Comman… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:37.450Z | 2025-12-30T22:41:37.450Z |
| cve-2022-50790 | 6.9 (v4.0) 9.8 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Ra… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:37.051Z | 2025-12-30T22:41:37.051Z |
| cve-2022-50789 | 8.5 (v4.0) 8.4 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Conditional Comman… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:36.629Z | 2025-12-30T22:41:36.629Z |
| cve-2022-50788 | 6.9 (v4.0) 7.5 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Information Disclo… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:36.215Z | 2025-12-30T22:41:36.215Z |
| cve-2022-50787 | 5.3 (v4.0) 7.2 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated St… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:35.798Z | 2025-12-30T22:41:35.798Z |
| cve-2022-50696 | 9.3 (v4.0) 6.5 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Hardcoded Credenti… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:35.214Z | 2025-12-30T22:41:35.214Z |
| cve-2022-50695 | 8.7 (v4.0) 9.8 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x ICMP Flood Attack … |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:34.792Z | 2025-12-30T22:41:34.792Z |
| cve-2022-50694 | 8.8 (v4.0) 8.2 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x SQL Injection via … |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:34.373Z | 2025-12-30T22:41:34.373Z |
| cve-2022-50692 | 6.9 (v4.0) 7.5 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Insufficient Sessi… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:33.949Z | 2025-12-30T22:41:33.949Z |
| cve-2022-50691 | 9.3 (v4.0) 9.8 (v3.1) | MiniDVBLinux 5.4 Remote Root Command Execution via com… |
MiniDVBLinux |
MiniDVBLinux |
2025-12-30T22:41:33.477Z | 2025-12-30T22:41:33.477Z |
| cve-2025-62753 | 7.5 (v3.1) | WordPress MAS Videos plugin <= 1.3.2 - Local File Incl… |
MadrasThemes |
MAS Videos |
2025-12-30T22:37:03.420Z | 2025-12-31T17:51:10.306Z |
| cve-2025-15360 | newbee-mall-plus Product Information Edit UploadContro… |
n/a |
newbee-mall-plus |
2025-12-30T21:32:06.648Z | 2025-12-30T22:36:37.524Z | |
| cve-2025-61594 | 2.7 (v4.0) | URI Credential Leakage Bypass over CVE-2025-27221 |
ruby |
uri |
2025-12-30T21:03:08.990Z | 2025-12-30T21:29:39.048Z |
| cve-2025-15357 | D-Link DI-7400G+ msp_info.htm command injection |
D-Link |
DI-7400G+ |
2025-12-30T21:02:08.930Z | 2025-12-30T21:30:23.077Z | |
| cve-2025-15356 | Tenda AC20 PowerSaveSet sscanf buffer overflow |
Tenda |
AC20 |
2025-12-30T20:32:08.560Z | 2025-12-30T21:31:11.375Z | |
| cve-2025-14986 | 1.3 (v4.0) | ExecuteMultiOperation Namespace Policy Bypass |
Temporal |
Temporal |
2025-12-30T20:17:47.201Z | 2025-12-30T20:17:47.201Z |
| cve-2025-14987 | 5.3 (v4.0) | Cross Namespace Commands Authorization Bypass |
Temporal |
Temporal |
2025-12-30T20:16:20.154Z | 2025-12-30T20:16:20.154Z |
| cve-2025-15354 | itsourcecode Society Management System add_admin.php s… |
itsourcecode |
Society Management System |
2025-12-30T20:02:07.091Z | 2025-12-30T21:33:06.890Z | |
| cve-2025-69261 | WasmEdge integer wrap in MemoryInstance::getSpan()'s m… |
WasmEdge |
WasmEdge |
2025-12-30T19:43:59.746Z | 2025-12-30T19:43:59.746Z | |
| cve-2025-15353 | itsourcecode Society Management System edit_admin_quer… |
itsourcecode |
Society Management System |
2025-12-30T19:32:07.432Z | 2025-12-30T19:45:12.847Z | |
| cve-2025-69210 | FacturaScripts vulnerable to Stored Cross-Site Scripti… |
NeoRazorX |
facturascripts |
2025-12-30T19:23:31.130Z | 2025-12-30T19:47:52.458Z | |
| cve-2025-69257 | theshit vulnerable to unsafe loading of user-owned Pyt… |
AsfhtgkDavid |
theshit |
2025-12-30T19:15:17.267Z | 2025-12-30T19:28:19.205Z | |
| cve-2025-69256 | serverless MCP Server vulnerable to command injection … |
serverless |
serverless |
2025-12-30T19:05:24.616Z | 2025-12-30T19:17:50.532Z | |
| cve-2025-15264 | FeehiCMS TimThumb timthumb.php server-side request forgery |
n/a |
FeehiCMS |
2025-12-30T19:02:05.997Z | 2025-12-30T19:19:34.871Z | |
| cve-2025-15263 | BiggiDroid Simple PHP CMS Admin Login login.php sql in… |
BiggiDroid |
Simple PHP CMS |
2025-12-30T18:32:09.366Z | 2025-12-30T19:20:42.260Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-15373 | EyouCMS function.php saveRemote server-side request forgery |
n/a |
EyouCMS |
2025-12-31T04:02:08.912Z | 2025-12-31T04:02:08.912Z | |
| cve-2025-15372 | youlaitech vue3-element-admin Notice index.vue cross s… |
youlaitech |
vue3-element-admin |
2025-12-31T02:02:06.787Z | 2025-12-31T02:02:06.787Z | |
| cve-2025-15223 | Philipinho Simple-PHP-Blog login.php cross site scripting |
Philipinho |
Simple-PHP-Blog |
2025-12-31T02:32:09.788Z | 2025-12-31T03:00:30.523Z | |
| cve-2025-68131 | CBORDecoder reuse can leak shareable values across dec… |
agronholm |
cbor2 |
2025-12-31T01:15:36.827Z | 2025-12-31T01:15:36.827Z | |
| cve-2025-15371 | Tenda i24 Shadow File hard-coded credentials |
Tenda |
i24 |
2025-12-31T01:02:06.989Z | 2025-12-31T01:02:06.989Z | |
| cve-2025-11964 | 1.9 (v3.1) | OOBW in utf_16le_to_utf_8_truncated() in libpcap |
The Tcpdump Group |
libpcap |
2025-12-31T00:58:19.026Z | 2025-12-31T00:58:19.026Z |
| cve-2025-11961 | 1.9 (v3.1) | OOBR and OOBW in pcap_ether_aton() in libpcap |
The Tcpdump Group |
libpcap |
2025-12-31T00:56:16.310Z | 2025-12-31T00:56:16.310Z |
| cve-2025-62753 | 7.5 (v3.1) | WordPress MAS Videos plugin <= 1.3.2 - Local File Incl… |
MadrasThemes |
MAS Videos |
2025-12-30T22:37:03.420Z | 2025-12-31T17:51:10.306Z |
| cve-2025-59131 | 7.1 (v3.1) | WordPress WP-CalDav2ICS plugin <= 1.3.4 - Cross Site R… |
Hoernerfranz |
WP-CalDav2ICS |
2025-12-30T22:55:32.248Z | 2025-12-31T17:51:04.587Z |
| cve-2025-15114 | 9.3 (v4.0) 9.8 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 PIN Expo… |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:47.116Z | 2025-12-30T22:41:47.116Z |
| cve-2025-15113 | 8.5 (v4.0) 7.8 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 Remote C… |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:46.694Z | 2025-12-30T22:41:46.694Z |
| cve-2025-15112 | 5.1 (v4.0) 8 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 URL Redi… |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:46.247Z | 2025-12-30T22:41:46.247Z |
| cve-2025-15111 | 9.3 (v4.0) 7.5 (v3.1) | Ksenia Security Lares 4.0 Home Automation 1.6 Default … |
Ksenia Security S.p.A. |
Ksenia Security Lares 4.0 Home Automation |
2025-12-30T22:41:45.831Z | 2025-12-30T22:41:45.831Z |
| cve-2024-58338 | 8.6 (v4.0) 9.8 (v3.1) | Anevia Flamingo XL 3.2.9 Remote Root Jailbreak via Tra… |
Ateme |
Flamingo XL |
2025-12-30T22:41:45.411Z | 2025-12-30T22:41:45.411Z |
| cve-2024-58337 | 8.7 (v4.0) 7.5 (v3.1) | Akuvox Smart Intercom S539 Improper Access Control via… |
The Akuvox Company |
Akuvox Smart Doorphone |
2025-12-30T22:41:44.989Z | 2025-12-30T22:41:44.989Z |
| cve-2024-58336 | 8.7 (v4.0) 9.8 (v3.1) | Akuvox Smart Intercom S539 Unauthenticated Video Strea… |
The Akuvox Company |
Akuvox Smart Doorphone |
2025-12-30T22:41:44.569Z | 2025-12-30T22:41:44.569Z |
| cve-2024-58315 | 8.5 (v4.0) 8.4 (v3.1) | Tosibox Key Service 3.3.0 Local Privilege Escalation v… |
Tosibox Oy |
Tosibox Key Service |
2025-12-30T22:41:44.147Z | 2025-12-30T22:41:44.147Z |
| cve-2023-54327 | 9.3 (v4.0) 7.5 (v3.1) | Tinycontrol LAN Controller 1.58a Authentication Bypass… |
Tinycontrol |
LAN Controller |
2025-12-30T22:41:43.728Z | 2025-12-30T22:41:43.728Z |
| cve-2023-54163 | 8.8 (v4.0) 8.2 (v3.1) | NLB mKlik Macedonia 3.3.12 SQL Injection via Internati… |
NLB Banka AD Skopje |
NLB mKlik Makedonija |
2025-12-30T22:41:43.245Z | 2025-12-30T22:41:43.245Z |
| cve-2023-53983 | 9.3 (v4.0) 7.5 (v3.1) | Anevia Flamingo XL/XS 3.6.20 Default Credentials Authe… |
Ateme |
Anevia Flamingo XL/XS |
2025-12-30T22:41:42.839Z | 2025-12-30T22:41:42.839Z |
| cve-2022-50804 | 5.1 (v4.0) 6.5 (v3.1) | JM-DATA ONU JF511-TV 1.0.67 Cross-Site Request Forgery… |
JM-DATA ONU |
JF511-TV |
2025-12-30T22:41:42.422Z | 2025-12-30T22:41:42.422Z |
| cve-2022-50803 | 9.3 (v4.0) 9.8 (v3.1) | JM-DATA ONU JF511-TV 1.0.67 Default Credentials Vulner… |
JM-DATA ONU |
JF511-TV |
2025-12-30T22:41:41.999Z | 2025-12-30T22:41:41.999Z |
| cve-2022-50802 | 5.1 (v4.0) 6.1 (v3.1) | ETAP Safety Manager 1.0.0.32 Unauthenticated Reflected… |
ETAP Lighting International NV |
ETAP Safety Manager |
2025-12-30T22:42:57.655Z | 2025-12-30T22:42:57.655Z |
| cve-2022-50801 | 5.1 (v4.0) 4.3 (v3.1) | JM-DATA ONU JF511-TV 1.0.67 Authenticated Stored Cross… |
JM-DATA ONU |
JF511-TV |
2025-12-30T22:41:41.205Z | 2025-12-30T22:41:41.205Z |
| cve-2022-50800 | 6.9 (v4.0) 7.5 (v3.1) | H3C SSL VPN n/a Username Enumeration via Login Script … |
Hangzhou H3C Technologies |
H3C SSL VPN |
2025-12-30T22:41:40.801Z | 2025-12-30T22:41:40.801Z |
| cve-2022-50799 | 7.1 (v4.0) 7.5 (v3.1) | Fetch Softworks Fetch FTP Client 5.8.2 Remote CPU Cons… |
Fetch Softworks |
Fetch Softworks Fetch FTP Client |
2025-12-30T22:41:40.340Z | 2025-12-30T22:41:40.340Z |
| cve-2022-50798 | 6.7 (v4.0) 7.5 (v3.1) | SoX 14.4.2 Denial of Service Vulnerability via WAV Fil… |
Chris Bagwell |
SoX |
2025-12-30T22:41:39.913Z | 2025-12-30T22:41:39.913Z |
| cve-2022-50796 | 9.3 (v4.0) 7.5 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Re… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:39.503Z | 2025-12-30T22:41:39.503Z |
| cve-2022-50795 | 8.5 (v4.0) 8.4 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Conditional Comman… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:39.100Z | 2025-12-30T22:41:39.100Z |
| cve-2022-50794 | 9.3 (v4.0) 9.8 (v3.1) | SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Co… |
SOUND4 Ltd. |
Impact/Pulse/First |
2025-12-30T22:41:38.681Z | 2025-12-30T22:41:38.681Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192805 | Malicious code in intuit-test (npm) | 2025-12-23T08:17:01Z | 2025-12-24T00:53:17Z |
| mal-2025-192804 | Malicious code in injectorpackage (npm) | 2025-12-23T08:16:49Z | 2025-12-24T00:53:17Z |
| mal-2025-192803 | Malicious code in init-router (npm) | 2025-12-23T08:16:47Z | 2025-12-24T00:53:17Z |
| mal-2025-192802 | Malicious code in ingka-test (npm) | 2025-12-23T08:16:45Z | 2025-12-24T00:53:17Z |
| mal-2025-192801 | Malicious code in hiro-docs (npm) | 2025-12-23T08:16:14Z | 2025-12-24T00:53:17Z |
| mal-2025-192800 | Malicious code in gibertserct8 (npm) | 2025-12-23T08:15:14Z | 2025-12-24T00:53:17Z |
| mal-2025-192799 | Malicious code in gibertserct15 (npm) | 2025-12-23T08:15:05Z | 2025-12-24T00:53:17Z |
| mal-2025-192798 | Malicious code in flagstealer (npm) | 2025-12-23T08:14:04Z | 2025-12-24T00:53:17Z |
| mal-2025-192797 | Malicious code in fe-cdnpath-transform (npm) | 2025-12-23T08:13:47Z | 2025-12-24T00:53:17Z |
| mal-2025-192796 | Malicious code in estree-util (npm) | 2025-12-23T08:12:35Z | 2025-12-24T00:53:17Z |
| mal-2025-192795 | Malicious code in elf-stats-whimsical-satchel-586 (npm) | 2025-12-23T08:11:46Z | 2025-12-24T00:53:16Z |
| mal-2025-192794 | Malicious code in elf-stats-whimsical-cocoa-613 (npm) | 2025-12-23T08:11:33Z | 2025-12-24T00:53:16Z |
| mal-2025-192793 | Malicious code in elf-stats-whimsical-cocoa-243 (npm) | 2025-12-23T08:11:32Z | 2025-12-24T00:53:16Z |
| mal-2025-192792 | Malicious code in elf-stats-velvet-sparkler-555 (npm) | 2025-12-23T08:11:31Z | 2025-12-24T00:53:16Z |
| mal-2025-192791 | Malicious code in elf-stats-velvet-bow-244 (npm) | 2025-12-23T08:11:29Z | 2025-12-24T00:53:16Z |
| mal-2025-192790 | Malicious code in elf-stats-sprucey-giftbox-118 (npm) | 2025-12-23T08:10:50Z | 2025-12-24T00:53:16Z |
| mal-2025-192789 | Malicious code in elf-stats-sprucey-cookie-492 (npm) | 2025-12-23T08:10:49Z | 2025-12-24T00:53:16Z |
| mal-2025-192788 | Malicious code in elf-stats-sparkly-train-831 (npm) | 2025-12-23T08:10:48Z | 2025-12-24T00:53:16Z |
| mal-2025-192787 | Malicious code in elf-stats-sparkly-toolkit-703 (npm) | 2025-12-23T08:10:46Z | 2025-12-24T00:53:16Z |
| mal-2025-192786 | Malicious code in elf-stats-sparkly-sled-484 (npm) | 2025-12-23T08:10:45Z | 2025-12-24T00:53:16Z |
| mal-2025-192785 | Malicious code in elf-stats-sleighing-hammer-902 (npm) | 2025-12-23T08:10:05Z | 2025-12-24T00:53:16Z |
| mal-2025-192784 | Malicious code in elf-stats-silvered-toolkit-914 (npm) | 2025-12-23T08:10:02Z | 2025-12-24T00:53:16Z |
| mal-2025-192783 | Malicious code in elf-stats-silvered-bow-679 (npm) | 2025-12-23T08:09:51Z | 2025-12-24T00:53:16Z |
| mal-2025-192782 | Malicious code in elf-stats-shimmering-fir-491 (npm) | 2025-12-23T08:09:49Z | 2025-12-24T00:53:16Z |
| mal-2025-192781 | Malicious code in elf-stats-rooftop-pinecone-887 (npm) | 2025-12-23T08:09:47Z | 2025-12-24T00:53:16Z |
| mal-2025-192780 | Malicious code in elf-stats-rooftop-mitten-324 (npm) | 2025-12-23T08:09:46Z | 2025-12-24T00:53:16Z |
| mal-2025-192779 | Malicious code in elf-stats-piney-train-884 (npm) | 2025-12-23T08:09:34Z | 2025-12-24T00:53:16Z |
| mal-2025-192778 | Malicious code in elf-stats-nutmeg-fir-716 (npm) | 2025-12-23T08:09:29Z | 2025-12-24T00:53:16Z |
| mal-2025-192777 | Malicious code in elf-stats-mistletoe-muffin-976 (npm) | 2025-12-23T08:09:15Z | 2025-12-24T00:53:16Z |
| mal-2025-192776 | Malicious code in elf-stats-mistletoe-cookie-256 (npm) | 2025-12-23T08:09:14Z | 2025-12-24T00:53:16Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-1810 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2025-08-12T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-1807 | IBM WebSphere Application Server Liberty: Mehrere Schwachstellen | 2025-08-12T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1785 | Intel Prozessoren: Mehrere Schwachstellen | 2025-08-12T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-1757 | Linux Kernel: Schwachstelle ermöglicht Umgehen von Sicherheitsmechanismen | 2025-08-11T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1754 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-08-10T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1748 | libarchive: Schwachstelle ermöglicht Denial of Service und potenziell Codeausführung | 2025-08-07T22:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-1744 | OpenJPEG: Schwachstelle ermöglicht Denial of Service | 2025-08-07T22:00:00.000+00:00 | 2025-12-29T23:00:00.000+00:00 |
| wid-sec-w-2025-1740 | Golang Go: Mehrere Schwachstellen ermöglichen Manipulation von Dateien | 2025-08-06T22:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| wid-sec-w-2025-1732 | Red Hat Enterprise Linux (libxslt): Schwachstelle ermöglicht Codeausführung | 2025-08-06T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-1717 | libTIFF (tiff2ps): Schwachstelle ermöglicht Denial of Service | 2025-08-04T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-1703 | WebKitGTK: Mehrere Schwachstellen | 2025-08-03T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-1700 | libTIFF: Schwachstelle ermöglicht einen Denial of Service | 2025-08-03T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-1699 | Red Hat Enterprise Linux (requests): Schwachstelle ermöglicht das Ausspähen von Informationen | 2025-08-03T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-1665 | Linux Kernel: Mehrere Schwachstellen | 2025-07-28T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-1664 | Python: Schwachstelle ermöglicht Denial of Service | 2025-07-28T22:00:00.000+00:00 | 2025-10-21T22:00:00.000+00:00 |
| wid-sec-w-2025-1656 | Red Hat Enterprise Linux (unbound): Schwachstelle ermöglicht Manipulation von Daten | 2025-07-27T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-1654 | libTIFF (Tiffmedian, Thumbnail): Mehrere Schwachstellen | 2025-07-27T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-1653 | Linux Kernel: Mehrere Schwachstellen | 2025-07-27T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-1646 | Red Hat Enterprise Linux (nodejs, perl): Mehrere Schwachstellen | 2025-07-27T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-1637 | GNU libc: Schwachstelle ermöglicht unspezifischen Angriff | 2025-07-23T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1636 | Apache HTTP Server: Schwachstelle ermöglicht umgehen von Sicherheitsvorkehrungen | 2025-07-23T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-1623 | Mozilla Firefox , Firefox ESR und Thunderbird: Mehrere Schwachstellen | 2025-07-22T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-1613 | Linux Kernel: Mehrere Schwachstellen | 2025-07-20T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1591 | IBM WebSphere Application Server: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-07-17T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1583 | ffmpeg: Schwachstelle ermöglicht Denial of Service | 2025-07-16T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-1582 | IBM WebSphere Application Server: Schwachstelle ermöglicht Denial of Service | 2025-07-16T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1575 | vim (.tar and .zip): Mehrere Schwachstellen ermöglichen Codeausführung | 2025-07-15T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-1569 | Oracle Java SE: Mehrere Schwachstellen | 2025-07-15T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-1567 | Oracle MySQL: Mehrere Schwachstellen | 2025-07-15T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-1540 | Apache Commons Lang: Schwachstelle ermöglicht Denial of Service | 2025-07-13T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-145224 | SSA-145224: Vulnerability in OSPF Packet Handling of SCALANCE XM-400 and XR-500 Devices | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-789162 | SSA-789162: Vulnerabilities in Teamcenter | 2022-05-10T00:00:00Z | 2022-08-09T00:00:00Z |
| ssa-736385 | SSA-736385: Memory Corruption Vulnerability in OpenV2G | 2022-05-10T00:00:00Z | 2022-05-10T00:00:00Z |
| ssa-732250 | SSA-732250: Libcurl Vulnerabilities in Industrial Devices | 2022-05-10T00:00:00Z | 2022-08-09T00:00:00Z |
| ssa-662649 | SSA-662649: Denial of Service Vulnerability in Desigo DXR and PXC Controllers | 2022-05-10T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-626968 | SSA-626968: Multiple Webserver Vulnerabilities in Desigo PXC and DXR Devices | 2022-05-10T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-553086 | SSA-553086: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization | 2022-05-10T00:00:00Z | 2022-05-10T00:00:00Z |
| ssa-480937 | SSA-480937: Denial of Service Vulnerability in CP 44x-1 RNA before V1.5.18 | 2022-05-10T00:00:00Z | 2022-05-10T00:00:00Z |
| ssa-363107 | SSA-363107: An Improper Initialization Vulnerability Affects SIMATIC WinCC Kiosk Mode | 2022-05-10T00:00:00Z | 2023-11-14T00:00:00Z |
| ssa-285795 | SSA-285795: Denial of Service in OPC-UA in Industrial Products | 2022-05-10T00:00:00Z | 2023-10-10T00:00:00Z |
| ssa-165073 | SSA-165073: Multiple Vulnerabilities in the Webinterface of SICAM P850 and SICAM P855 Devices | 2022-05-10T00:00:00Z | 2022-05-10T00:00:00Z |
| ssa-162616 | SSA-162616: File Parsing Vulnerabilities in Simcenter Femap before V2022.2 | 2022-05-10T00:00:00Z | 2022-05-10T00:00:00Z |
| ssa-254054 | SSA-254054: Spring Framework Vulnerability (Spring4Shell or SpringShell, CVE-2022-22965) - Impact to Siemens Products | 2022-04-19T00:00:00Z | 2022-10-11T00:00:00Z |
| ssa-998762 | SSA-998762: File Parsing Vulnerabilities in Simcenter Femap before V2022.1.2 | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-870917 | SSA-870917: Improper Access Control Vulnerability in Mendix | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-836527 | SSA-836527: Multiple Vulnerabilities in SCALANCE X-300 Switch Family Devices | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-711829 | SSA-711829: Denial of Service Vulnerability in TIA Administrator | 2022-04-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-655554 | SSA-655554: Multiple Vulnerabilities in SIMATIC Energy Manager before V7.3 Update 1 | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-446448 | SSA-446448: Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack | 2022-04-12T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-414513 | SSA-414513: Information Disclosure Vulnerability in Mendix | 2022-04-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-392912 | SSA-392912: Multiple Denial Of Service Vulnerabilities in SCALANCE W1700 Devices | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-350757 | SSA-350757: Improper Access Control Vulnerability in TIA Portal Affecting S7-1200 and S7-1500 CPUs Web Server (Incl. Related ET200 CPUs and SIPLUS variants) | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-316850 | SSA-316850: Unauthenticated File Access in SICAM A8000 Devices | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-594438 | SSA-594438: Remote Code Execution and Denial-of-Service Vulnerability in multiple RUGGEDCOM ROX products | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-562051 | SSA-562051: Cross-Site Scripting Vulnerability in Polarion ALM | 2022-03-08T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-415938 | SSA-415938: Improper Access Control Vulnerability in Mendix | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-406691 | SSA-406691: Buffer Vulnerabilities in DHCP function of RUGGEDCOM ROX products | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-389290 | SSA-389290: Third-Party Component Vulnerabilities in SINEC INS | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-337210 | SSA-337210: Privilege Escalation Vulnerability in SINUMERIK MC | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-252466 | SSA-252466: Multiple Vulnerabilities in Climatix POL909 (AWM and AWB) | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:20909 | Red Hat Security Advisory: podman security update | 2025-11-11T13:58:42+00:00 | 2025-11-26T15:51:09+00:00 |
| rhsa-2025:20926 | Red Hat Security Advisory: redis security update | 2025-11-11T13:58:33+00:00 | 2025-11-28T11:32:54+00:00 |
| rhsa-2025:20922 | Red Hat Security Advisory: webkit2gtk3 security update | 2025-11-11T13:58:27+00:00 | 2025-11-21T19:30:56+00:00 |
| rhsa-2025:19890 | Red Hat Security Advisory: OpenShift Container Platform 4.20.3 bug fix and security update | 2025-11-11T13:19:56+00:00 | 2025-11-21T19:38:57+00:00 |
| rhsa-2025:20478 | Red Hat Security Advisory: zziplib security update | 2025-11-11T11:39:12+00:00 | 2025-11-27T17:36:20+00:00 |
| rhsa-2025:20838 | Red Hat Security Advisory: zziplib security update | 2025-11-11T09:45:24+00:00 | 2025-11-21T19:30:55+00:00 |
| rhsa-2025:20801 | Red Hat Security Advisory: libtiff security update | 2025-11-11T09:33:14+00:00 | 2025-11-24T21:04:30+00:00 |
| rhba-2025:20841 | Red Hat Bug Fix Advisory: open-vm-tools bug fix and enhancement update | 2025-11-11T09:19:58+00:00 | 2025-11-21T17:23:51+00:00 |
| rhsa-2025:20518 | Red Hat Security Advisory: kernel security update | 2025-11-11T09:13:24+00:00 | 2025-11-26T21:27:09+00:00 |
| rhsa-2025:20559 | Red Hat Security Advisory: shadow-utils security update | 2025-11-11T09:01:50+00:00 | 2025-11-24T21:04:30+00:00 |
| rhsa-2025:20532 | Red Hat Security Advisory: grub2 security update | 2025-11-11T08:55:23+00:00 | 2025-11-21T19:30:53+00:00 |
| rhsa-2025:20155 | Red Hat Security Advisory: binutils security update | 2025-11-11T08:32:02+00:00 | 2025-11-21T19:30:50+00:00 |
| rhsa-2025:20126 | Red Hat Security Advisory: openssh security update | 2025-11-11T08:30:01+00:00 | 2025-11-21T19:30:49+00:00 |
| rhsa-2025:20181 | Red Hat Security Advisory: pam security update | 2025-11-11T08:27:02+00:00 | 2025-11-25T10:22:19+00:00 |
| rhsa-2025:20095 | Red Hat Security Advisory: kernel security update | 2025-11-11T08:21:57+00:00 | 2025-11-26T15:30:40+00:00 |
| rhsa-2025:20145 | Red Hat Security Advisory: shadow-utils security update | 2025-11-11T08:16:42+00:00 | 2025-11-24T21:04:30+00:00 |
| rhsa-2025:20066 | Red Hat Security Advisory: Insights proxy Container Image | 2025-11-10T21:09:13+00:00 | 2025-11-24T21:04:29+00:00 |
| rhsa-2025:20057 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 security update | 2025-11-10T20:47:44+00:00 | 2025-11-21T19:30:49+00:00 |
| rhsa-2025:20052 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 security update | 2025-11-10T20:35:44+00:00 | 2025-11-21T19:30:48+00:00 |
| rhsa-2025:20047 | Red Hat Security Advisory: Red Hat Developer Hub 1.8.0 release. | 2025-11-10T16:41:16+00:00 | 2025-11-21T19:38:58+00:00 |
| rhsa-2025:20034 | Red Hat Security Advisory: libtiff security update | 2025-11-10T14:19:58+00:00 | 2025-11-27T17:37:51+00:00 |
| rhsa-2025:19967 | Red Hat Security Advisory: squid:4 security update | 2025-11-10T08:01:27+00:00 | 2025-11-21T19:30:47+00:00 |
| rhsa-2025:19962 | Red Hat Security Advisory: kernel security update | 2025-11-10T04:21:22+00:00 | 2025-11-21T19:30:47+00:00 |
| rhsa-2025:19951 | Red Hat Security Advisory: bind security update | 2025-11-10T02:58:07+00:00 | 2025-11-27T03:24:37+00:00 |
| rhsa-2025:19950 | Red Hat Security Advisory: bind9.18 security update | 2025-11-10T02:50:17+00:00 | 2025-11-27T03:24:36+00:00 |
| rhsa-2025:19947 | Red Hat Security Advisory: libtiff security update | 2025-11-10T02:22:22+00:00 | 2025-11-24T21:04:27+00:00 |
| rhsa-2025:19944 | Red Hat Security Advisory: thunderbird security update | 2025-11-10T02:20:02+00:00 | 2025-11-21T19:30:44+00:00 |
| rhsa-2025:19938 | Red Hat Security Advisory: thunderbird security update | 2025-11-10T02:00:31+00:00 | 2025-11-21T19:30:41+00:00 |
| rhsa-2025:19945 | Red Hat Security Advisory: thunderbird security update | 2025-11-10T01:56:36+00:00 | 2025-11-21T19:30:47+00:00 |
| rhsa-2025:19943 | Red Hat Security Advisory: thunderbird security update | 2025-11-10T01:56:11+00:00 | 2025-11-21T19:30:44+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-40310 | amd/amdkfd: resolve a race in amdgpu_amdkfd_device_fini_sw | 2025-12-02T00:00:00.000Z | 2025-12-16T14:39:23.000Z |
| msrc_cve-2025-40309 | Bluetooth: SCO: Fix UAF on sco_conn_free | 2025-12-02T00:00:00.000Z | 2025-12-09T01:01:37.000Z |
| msrc_cve-2025-40308 | Bluetooth: bcsp: receive data only if registered | 2025-12-02T00:00:00.000Z | 2025-12-16T14:38:38.000Z |
| msrc_cve-2025-40307 | exfat: validate cluster allocation bits of the allocation bitmap | 2025-12-02T00:00:00.000Z | 2025-12-09T01:01:26.000Z |
| msrc_cve-2025-40306 | orangefs: fix xattr related buffer overflow... | 2025-12-02T00:00:00.000Z | 2025-12-09T01:01:58.000Z |
| msrc_cve-2025-40305 | 9p/trans_fd: p9_fd_request: kick rx thread if EPOLLIN | 2025-12-02T00:00:00.000Z | 2025-12-09T01:01:42.000Z |
| msrc_cve-2025-40304 | fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds | 2025-12-02T00:00:00.000Z | 2025-12-16T14:39:10.000Z |
| msrc_cve-2025-40303 | btrfs: ensure no dirty metadata is written back for an fs with errors | 2025-12-02T00:00:00.000Z | 2025-12-16T14:39:56.000Z |
| msrc_cve-2025-40301 | Bluetooth: hci_event: validate skb length for unknown CC opcode | 2025-12-02T00:00:00.000Z | 2025-12-16T14:39:04.000Z |
| msrc_cve-2025-40297 | net: bridge: fix use-after-free due to MST port state bypass | 2025-12-02T00:00:00.000Z | 2025-12-16T14:39:49.000Z |
| msrc_cve-2025-40294 | Bluetooth: MGMT: Fix OOB access in parse_adv_monitor_pattern() | 2025-12-02T00:00:00.000Z | 2025-12-16T14:39:17.000Z |
| msrc_cve-2025-40293 | iommufd: Don't overflow during division for dirty tracking | 2025-12-02T00:00:00.000Z | 2025-12-09T01:01:47.000Z |
| msrc_cve-2025-40292 | virtio-net: fix received length check in big packets | 2025-12-02T00:00:00.000Z | 2025-12-16T14:38:45.000Z |
| msrc_cve-2025-40289 | drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM | 2025-12-02T00:00:00.000Z | 2025-12-08T14:38:27.000Z |
| msrc_cve-2025-40288 | drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices | 2025-12-02T00:00:00.000Z | 2025-12-16T14:37:34.000Z |
| msrc_cve-2025-40287 | exfat: fix improper check of dentry.stream.valid_size | 2025-12-02T00:00:00.000Z | 2025-12-09T01:40:07.000Z |
| msrc_cve-2025-40286 | smb/server: fix possible memory leak in smb2_read() | 2025-12-02T00:00:00.000Z | 2025-12-09T01:40:46.000Z |
| msrc_cve-2025-40285 | smb/server: fix possible refcount leak in smb2_sess_setup() | 2025-12-02T00:00:00.000Z | 2025-12-09T01:40:41.000Z |
| msrc_cve-2025-40284 | Bluetooth: MGMT: cancel mesh send timer when hdev removed | 2025-12-02T00:00:00.000Z | 2025-12-16T14:37:40.000Z |
| msrc_cve-2025-40283 | Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF | 2025-12-02T00:00:00.000Z | 2025-12-16T14:37:47.000Z |
| msrc_cve-2025-40282 | Bluetooth: 6lowpan: reset link-local header on ipv6 recv path | 2025-12-02T00:00:00.000Z | 2025-12-16T14:38:00.000Z |
| msrc_cve-2025-40281 | sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto | 2025-12-02T00:00:00.000Z | 2025-12-16T14:38:25.000Z |
| msrc_cve-2025-40280 | tipc: Fix use-after-free in tipc_mon_reinit_self(). | 2025-12-02T00:00:00.000Z | 2025-12-16T14:38:19.000Z |
| msrc_cve-2025-40279 | net: sched: act_connmark: initialize struct tc_ife to fix kernel leak | 2025-12-02T00:00:00.000Z | 2025-12-16T14:37:53.000Z |
| msrc_cve-2025-40278 | net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak | 2025-12-02T00:00:00.000Z | 2025-12-09T01:40:12.000Z |
| msrc_cve-2025-40277 | drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE | 2025-12-02T00:00:00.000Z | 2025-12-16T14:38:13.000Z |
| msrc_cve-2025-40275 | ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd | 2025-12-02T00:00:00.000Z | 2025-12-16T14:37:27.000Z |
| msrc_cve-2025-40273 | NFSD: free copynotify stateid in nfs4_free_ol_stateid() | 2025-12-02T00:00:00.000Z | 2025-12-16T14:38:06.000Z |
| msrc_cve-2025-40272 | mm/secretmem: fix use-after-free race in fault handler | 2025-12-02T00:00:00.000Z | 2025-12-16T14:37:21.000Z |
| msrc_cve-2025-40269 | ALSA: usb-audio: Fix potential overflow of PCM transfer buffer | 2025-12-02T00:00:00.000Z | 2025-12-16T14:38:32.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2024-007002 | Panasonic Control FPWIN Pro7 vulnerable to stack-based buffer overflow | 2024-09-02T14:57+09:00 | 2024-09-02T14:57+09:00 |
| jvndb-2024-000091 | IPCOM vulnerable to information disclosure | 2024-08-30T14:56+09:00 | 2024-08-30T14:56+09:00 |
| jvndb-2024-000092 | Multiple vulnerabilities in WordPress plugin "Carousel Slider" | 2024-08-30T13:58+09:00 | 2024-08-30T13:58+09:00 |
| jvndb-2024-000089 | WindLDR and WindO/I-NV4 store sensitive information in cleartext | 2024-08-29T15:08+09:00 | 2024-09-24T17:14+09:00 |
| jvndb-2024-006787 | xfpt vulnerable to stack-based buffer overflow | 2024-08-29T14:07+09:00 | 2024-08-29T14:07+09:00 |
| jvndb-2024-000088 | Multiple vulnerabilities in ELECOM wireless LAN routers and access points | 2024-08-27T14:40+09:00 | 2024-11-26T15:17+09:00 |
| jvndb-2024-006646 | Authentication Bypass Vulnerability in Hitachi Ops Center Common Services | 2024-08-27T12:01+09:00 | 2024-08-27T12:01+09:00 |
| jvndb-2024-006367 | Unquoted Service Path in Hitachi Device Manager | 2024-08-26T16:27+09:00 | 2024-08-26T16:27+09:00 |
| jvndb-2024-000087 | BUFFALO wireless LAN routers and wireless LAN repeaters vulnerable to OS command injection | 2024-08-23T14:17+09:00 | 2024-08-23T14:17+09:00 |
| jvndb-2024-000086 | Multiple Safie products vulnerable to improper server certificate verification | 2024-08-22T13:51+09:00 | 2024-08-29T12:23+09:00 |
| jvndb-2020-007305 | Installer of Trend Micro Security 2020 (Consumer) may insecurely load Dynamic Link Libraries | 2024-08-22T11:33+09:00 | 2024-08-22T11:33+09:00 |
| jvndb-2017-009536 | Packetbeat vulnerable to denial-of-service (DoS) | 2024-08-21T17:54+09:00 | 2024-08-21T17:54+09:00 |
| jvndb-2018-009127 | Multiple vulnerabilities in LogonTracer | 2024-08-21T17:37+09:00 | 2024-08-21T17:37+09:00 |
| jvndb-2020-002957 | A vulnerability in TOYOTA MOTOR's DCU (Display Control Unit) | 2024-08-20T18:12+09:00 | 2024-08-20T18:12+09:00 |
| jvndb-2020-007306 | Trend Micro Security (Consumer) Driver vulnerable to Out-of-bounds Read | 2024-08-20T17:52+09:00 | 2024-08-20T17:52+09:00 |
| jvndb-2024-000085 | "Rakuten Ichiba App" fails to restrict custom URL schemes properly | 2024-08-20T16:56+09:00 | 2024-08-20T16:56+09:00 |
| jvndb-2024-005167 | EL Injection Vulnerability in Hitachi Tuning Manager | 2024-08-15T09:38+09:00 | 2024-08-15T09:38+09:00 |
| jvndb-2016-000124 | WAON service app for Android fails to verify SSL server certificates | 2024-08-15T09:36+09:00 | 2024-08-15T09:36+09:00 |
| jvndb-2024-000083 | Firmware update for RICOH JavaTM Platform resets the TLS configuration | 2024-08-06T15:13+09:00 | 2024-08-06T15:13+09:00 |
| jvndb-2024-000079 | Cybozu Office vulnerable to bypass browsing restrictions in Custom App | 2024-08-06T14:59+09:00 | 2024-08-06T14:59+09:00 |
| jvndb-2024-000082 | Pimax Play and PiTool accept WebSocket connections from unintended endpoints | 2024-08-05T13:58+09:00 | 2024-08-05T13:58+09:00 |
| jvndb-2024-000084 | Multiple vulnerabilities in ZEXELON ZWX-2000CSW2-HN | 2024-08-05T13:46+09:00 | 2024-08-05T13:46+09:00 |
| jvndb-2024-000077 | FFRI AMC vulnerable to OS command injection | 2024-07-30T16:40+09:00 | 2024-07-30T16:40+09:00 |
| jvndb-2024-000078 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2024-07-30T15:34+09:00 | 2025-02-12T14:34+09:00 |
| jvndb-2024-000081 | EC-CUBE plugin (for EC-CUBE 4 series) "EC-CUBE Web API Plugin" vulnerable to stored cross-site scripting | 2024-07-30T14:06+09:00 | 2024-07-30T14:06+09:00 |
| jvndb-2024-000080 | EC-CUBE 4 Series improper input validation when installing plugins | 2024-07-30T13:56+09:00 | 2024-07-30T13:56+09:00 |
| jvndb-2024-004595 | Multiple vulnerabilities in FutureNet NXR series, VXR series and WXR series | 2024-07-29T17:51+09:00 | 2025-06-30T09:56+09:00 |
| jvndb-2024-000076 | SDoP contains a stack-based buffer overflow vulnerability. | 2024-07-29T17:24+09:00 | 2024-07-29T17:24+09:00 |
| jvndb-2024-000074 | Multiple vulnerabilities in SKYSEA Client View | 2024-07-29T15:28+09:00 | 2024-07-31T14:12+09:00 |
| jvndb-2024-004623 | Multiple products from Check Point Software Technologies vulnerable to information disclosure | 2024-07-29T10:23+09:00 | 2024-10-24T16:37+09:00 |
| ID | Description | Updated |
|---|