Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-55056 | 4.8 (v3.1) | Multiple CWE-79 Improper Neutralization of Input … |
Rumpus |
FTP Server |
2025-11-17T17:28:28.345Z | 2025-11-17T21:24:21.835Z |
| cve-2025-34054 | 10 (v4.0) | AVTECH IP camera, DVR, and NVR Devices Unauthenticated… |
AVTECH |
IP camera, DVR, and NVR Devices |
2025-07-01T14:46:00.832Z | 2025-11-17T21:23:54.440Z |
| cve-2025-34049 | 9.4 (v4.0) | OptiLink ONT1GEW GPON Remote Code Execution |
OptiLink |
ONT1GEW GPON |
2025-06-26T15:52:12.197Z | 2025-11-17T21:23:06.316Z |
| cve-2025-34047 | 8.7 (v4.0) | Leadsec VPN Path Traversal Arbitrary File Read |
Beijing NetGuard Nebula Information Technology Co., Ltd. |
Leadsec SSL VPN |
2025-06-26T16:10:37.548Z | 2025-11-17T21:22:13.998Z |
| cve-2025-55057 | 4.5 (v3.1) | Multiple CWE-352 Cross-Site Request Forgery (CSRF) |
Rumpus |
FTP Server |
2025-11-17T17:31:23.641Z | 2025-11-17T21:21:55.928Z |
| cve-2025-34046 | 10 (v4.0) | Fanwei E-Office Unauthenticated File Upload |
Shanghai Fanwei Network Technology |
E-Office |
2025-06-26T15:51:45.664Z | 2025-11-17T21:21:13.355Z |
| cve-2025-13297 | itsourcecode Web-Based Internet Laboratory Management … |
itsourcecode |
Web-Based Internet Laboratory Management System |
2025-11-17T18:02:06.710Z | 2025-11-17T21:21:04.312Z | |
| cve-2025-34045 | 8.7 (v4.0) | WeiPHP Path Traversal Arbitrary File Read |
Shenzhen Yuanmengyun Technology Co., Ltd. |
WeiPHP |
2025-06-26T15:51:37.884Z | 2025-11-17T21:19:57.608Z |
| cve-2025-34044 | 9.4 (v4.0) | WIFISKY 7-Layer Flow Control Router Remote Command Execution |
Shenzhen Lingkong Technology |
WIFISKY 7-layer flow control router |
2025-06-26T15:51:30.957Z | 2025-11-17T21:15:30.068Z |
| cve-2025-34048 | 8.7 (v4.0) | D-Link DSL-2730U/2750U/2750E Path Traversal Arbitrary … |
D-Link |
DSL-2730U |
2025-06-26T15:52:04.200Z | 2025-11-17T21:12:32.976Z |
| cve-2025-64758 | @dependencytrack/frontend Vulnerable to Persistent Cro… |
DependencyTrack |
frontend |
2025-11-17T17:24:27.491Z | 2025-11-17T21:05:16.691Z | |
| cve-2025-64342 | ESF-IDF's ESP32 Bluetooth Controller Has an Invalid Ac… |
espressif |
esp-idf |
2025-11-17T17:21:01.773Z | 2025-11-17T21:04:07.698Z | |
| cve-2025-13291 | Campcodes Supplier Management System confirm_order.php… |
Campcodes |
Supplier Management System |
2025-11-17T17:02:07.150Z | 2025-11-17T20:58:15.294Z | |
| cve-2025-36118 | 7.5 (v3.1) | IBM Storage Virtualize Information Disclosure |
IBM |
Storage Virtualize |
2025-11-17T20:47:48.824Z | 2025-11-17T20:57:45.516Z |
| cve-2025-58410 | N/A | GPU DDK - Multiple calls into PhysmemGEMPrimeExport ca… |
Imagination Technologies |
Graphics DDK |
2025-11-17T16:57:05.418Z | 2025-11-17T20:55:22.714Z |
| cve-2025-36299 | 4.3 (v3.1) | IBM Planning Analytics Information Disclosure |
IBM |
IBM Planning Analytics Local |
2025-11-17T20:09:35.286Z | 2025-11-17T20:54:09.781Z |
| cve-2025-13300 | itsourcecode Web-Based Internet Laboratory Management … |
itsourcecode |
Web-Based Internet Laboratory Management System |
2025-11-17T20:32:05.863Z | 2025-11-17T20:49:54.222Z | |
| cve-2021-4471 | 8.7 (v4.0) | TG8 Firewall Unauthenticated User Password Disclosure |
TG8 |
TG8 Firewall |
2025-11-14T22:50:25.482Z | 2025-11-17T20:44:47.274Z |
| cve-2025-13188 | D-Link DIR-816L authentication.cgi authenticationcgi_m… |
D-Link |
DIR-816L |
2025-11-14T22:32:06.220Z | 2025-11-17T20:43:05.895Z | |
| cve-2025-13187 | Intelbras ICIP acessodeusuario.xml credentials storage |
Intelbras |
ICIP |
2025-11-14T22:02:06.229Z | 2025-11-17T20:42:25.385Z | |
| cve-2025-13186 | Bdtask/CodeCanyon Isshue Multi Store eCommerce Shoppin… |
Bdtask |
Isshue Multi Store eCommerce Shopping Cart Solution |
2025-11-14T21:32:05.698Z | 2025-11-17T20:41:49.637Z | |
| cve-2025-13177 | Bdtask/CodeCanyon SalesERP cross-site request forgery |
Bdtask |
SalesERP |
2025-11-14T19:02:07.421Z | 2025-11-17T20:41:11.611Z | |
| cve-2024-44662 | N/A | PHPGurukul Online Shopping Portal 2.0 is vulnerab… |
n/a |
n/a |
2025-11-17T00:00:00.000Z | 2025-11-17T20:40:23.622Z |
| cve-2025-13172 | CodeAstro Gym Management System view-member-report.php… |
CodeAstro |
Gym Management System |
2025-11-14T18:02:06.388Z | 2025-11-17T20:40:10.365Z | |
| cve-2025-4616 | 1.1 (v4.0) | Prisma Browser: Insufficient Validation of Untrusted I… |
Palo Alto Networks |
Prisma Browser |
2025-11-14T17:33:21.420Z | 2025-11-17T20:39:22.564Z |
| cve-2021-4468 | 8.7 (v4.0) | PLANEX CS-QP50F-ING2 Smart Camera Remote Configuration… |
PLANEX COMMUNICATIONS Inc. |
CS-QP50F-ING2 |
2025-11-14T22:52:05.351Z | 2025-11-17T20:37:28.498Z |
| cve-2018-25125 | 8.7 (v4.0) | Netis DL4322D RTK 2.1.1 FTP Service DoS |
Netis Systems Co., Ltd. |
DL4322D |
2025-11-14T22:52:24.858Z | 2025-11-17T20:35:53.147Z |
| cve-2021-4466 | 8.7 (v4.0) | IPCop <= 2.1.9 Authenticated RCE |
IPCop Project |
IPCop |
2025-11-14T22:52:44.463Z | 2025-11-17T20:34:34.580Z |
| cve-2024-44660 | N/A | PHPGurukul Online Shopping Portal 2.0 is vulnerab… |
n/a |
n/a |
2025-11-17T00:00:00.000Z | 2025-11-17T20:31:45.360Z |
| cve-2025-8114 | 4.7 (v3.1) | Libssh: null pointer dereference in libssh kex session… |
|
|
2025-07-24T14:14:47.745Z | 2025-11-17T20:31:35.902Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2022-002537 | Stack-based buffer overflow vulnerability in Yokogawa Test & Measurement WTViewerE | 2022-10-19T16:23+09:00 | 2024-06-12T16:54+09:00 |
| jvndb-2022-000081 | Lemon8 App fails to restrict access permissions | 2022-10-19T14:08+09:00 | 2024-06-12T16:39+09:00 |
| jvndb-2024-000062 | Denial-of-service (DoS) vulnerability in IPCOM WAF function | 2024-06-12T15:03+09:00 | 2024-06-12T15:03+09:00 |
| jvndb-2022-000075 | IPFire WebUI vulnerable to cross-site scripting | 2022-10-06T13:05+09:00 | 2024-06-12T14:28+09:00 |
| jvndb-2023-000013 | Ichiran App vulnerable to improper server certificate verification | 2023-02-06T14:31+09:00 | 2024-06-12T14:25+09:00 |
| jvndb-2022-000074 | BookStack vulnerable to cross-site scripting | 2022-09-30T14:48+09:00 | 2024-06-12T14:07+09:00 |
| jvndb-2022-000077 | The installer of Sony Content Transfer may insecurely load Dynamic Link Libraries | 2022-10-11T15:08+09:00 | 2024-06-12T12:12+09:00 |
| jvndb-2022-000076 | Growi vulnerable to improper access control | 2022-10-07T14:30+09:00 | 2024-06-12T12:04+09:00 |
| jvndb-2023-000017 | Improper restriction of XML external entity reference (XXE) vulnerability in tsClinical Define.xml Generator and tsClinical Metadata Desktop Tools | 2023-02-14T17:00+09:00 | 2024-06-12T11:15+09:00 |
| jvndb-2023-000012 | Vulnerability in Driver Distributor where passwords are stored in a recoverable format | 2023-01-31T14:14+09:00 | 2024-06-12T11:07+09:00 |
| jvndb-2023-000011 | SUSHIRO App for Android outputs sensitive information to the log file | 2023-01-31T14:10+09:00 | 2024-06-11T17:35+09:00 |
| jvndb-2023-001269 | File and Directory Permissions Vulnerability in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center | 2023-03-01T16:59+09:00 | 2024-06-11T16:42+09:00 |
| jvndb-2023-000014 | NEC PC Settings Tool vulnerable to missing authentication for critical function | 2023-02-10T14:43+09:00 | 2024-06-10T18:13+09:00 |
| jvndb-2023-000019 | Multiple cross-site scripting vulnerabilities in EC-CUBE | 2023-02-28T16:38+09:00 | 2024-06-10T17:28+09:00 |
| jvndb-2023-001212 | Multiple vulnerabilities in JTEKT ELECTRONICS Screen Creator Advance 2 | 2023-02-08T12:46+09:00 | 2024-06-10T17:25+09:00 |
| jvndb-2023-000018 | Multiple cross-site scripting vulnerabilities in SHIRASAGI | 2023-02-22T15:16+09:00 | 2024-06-10T17:18+09:00 |
| jvndb-2024-000058 | WordPress Plugin "Music Store - WordPress eCommerce" vulnerable to SQL injection | 2024-06-07T15:24+09:00 | 2024-06-10T17:08+09:00 |
| jvndb-2023-000023 | Multiple vulnerabilities in PostgreSQL extension module pg_ivm | 2023-03-06T15:22+09:00 | 2024-06-10T16:41+09:00 |
| jvndb-2023-001292 | Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service | 2023-03-02T17:33+09:00 | 2024-06-07T16:59+09:00 |
| jvndb-2023-001304 | Multiple vulnerabilities in JTEKT ELECTRONICS Kostac PLC Programming Software | 2023-03-06T15:31+09:00 | 2024-06-07T16:39+09:00 |
| jvndb-2023-000020 | web2py development tool vulnerable to open redirect | 2023-02-28T15:00+09:00 | 2024-06-07T16:31+09:00 |
| jvndb-2024-000060 | Multiple vulnerabilities in "FreeFrom - the nostr client" App | 2024-06-07T14:51+09:00 | 2024-06-07T14:51+09:00 |
| jvndb-2023-000021 | Multiple vulnerabilities in SS1 and Rakuraku PC Cloud | 2023-03-01T15:57+09:00 | 2024-06-06T18:02+09:00 |
| jvndb-2022-000086 | Aiphone Video Multi-Tenant System Entrance Stations vulnerable to information disclosure | 2022-11-10T13:40+09:00 | 2024-06-06T17:37+09:00 |
| jvndb-2023-000028 | baserCMS vulnerable to arbitrary file uploads | 2023-03-27T13:39+09:00 | 2024-06-06T17:31+09:00 |
| jvndb-2022-000079 | Multiple vulnerabilities in the web interfaces of Kyocera Document Solutions MFPs and printers | 2022-11-01T14:51+09:00 | 2024-06-06T17:01+09:00 |
| jvndb-2022-000084 | Multiple vulnerabilities in FUJI SOFT network devices | 2022-10-28T15:12+09:00 | 2024-06-06T16:48+09:00 |
| jvndb-2022-000087 | Multiple vulnerabilities in WordPress | 2022-11-08T14:59+09:00 | 2024-06-06T16:27+09:00 |
| jvndb-2022-000088 | TERASOLUNA Global Framework and TERASOLUNA Server Framework for Java (Rich) vulnerable to ClassLoader manipulation | 2022-11-14T16:45+09:00 | 2024-06-06T16:11+09:00 |
| jvndb-2022-000085 | WordPress Plugin "Salon booking system" vulnerable to cross-site scripting | 2022-11-08T15:07+09:00 | 2024-06-05T18:07+09:00 |