Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-64381 | N/A | WordPress Booking Calendar plugin <= 10.14.7 - Cross S… |
wpdevelop |
Booking Calendar |
2025-11-13T09:24:35.014Z | 2025-11-17T19:06:31.286Z |
| cve-2024-44652 | N/A | Kashipara Ecommerce Website 1.0 is vulnerable to … |
n/a |
n/a |
2025-11-17T00:00:00.000Z | 2025-11-17T19:04:41.379Z |
| cve-2025-12849 | Contest Gallery <= 28.0.2 - Missing Authorization |
contest-gallery |
Contest Gallery – Upload, Vote & Sell with PayPal and Stripe |
2025-11-15T06:41:31.470Z | 2025-11-17T19:01:33.905Z | |
| cve-2025-63916 | N/A | MyScreenTools v2.2.1.0 contains a critical OS com… |
n/a |
n/a |
2025-11-17T00:00:00.000Z | 2025-11-17T19:00:52.724Z |
| cve-2025-13249 | Jiusi OA OfficeServer unrestricted upload |
Jiusi |
OA |
2025-11-16T11:32:05.743Z | 2025-11-17T19:00:38.836Z | |
| cve-2025-13238 | Bdtask Flight Booking Software Edit Profile edit unres… |
Bdtask |
Flight Booking Software |
2025-11-16T05:32:05.486Z | 2025-11-17T19:00:34.257Z | |
| cve-2025-13237 | itsourcecode Inventory Management System LogSignModal.… |
itsourcecode |
Inventory Management System |
2025-11-16T05:02:06.469Z | 2025-11-17T18:59:36.030Z | |
| cve-2025-13250 | WeiYe-Jing datax-web Job triggerJob access control |
WeiYe-Jing |
datax-web |
2025-11-16T12:02:05.565Z | 2025-11-17T18:58:18.328Z | |
| cve-2025-13236 | itsourcecode Inventory Management System index.php sql… |
itsourcecode |
Inventory Management System |
2025-11-16T04:02:06.575Z | 2025-11-17T18:58:17.152Z | |
| cve-2025-13235 | itsourcecode Inventory Management System login.php sql… |
itsourcecode |
Inventory Management System |
2025-11-16T03:32:06.363Z | 2025-11-17T18:57:06.721Z | |
| cve-2025-13199 | code-projects Email Logging Interface signup.cpp path … |
code-projects |
Email Logging Interface |
2025-11-15T10:32:05.696Z | 2025-11-17T18:54:33.761Z | |
| cve-2025-64309 | 8.6 (v3.1) 8.2 (v4.0) | Brightpick Mission Control / Internal Logic Control Un… |
Brightpick AI |
Brightpick Mission Control / Internal Logic Control |
2025-11-14T23:41:18.445Z | 2025-11-17T18:54:22.779Z |
| cve-2025-13198 | DouPHP file.class.php unrestricted upload |
n/a |
DouPHP |
2025-11-15T09:02:07.001Z | 2025-11-17T18:53:54.523Z | |
| cve-2025-13253 | projectworlds Advanced Library Management System add_l… |
projectworlds |
Advanced Library Management System |
2025-11-16T23:32:05.637Z | 2025-11-17T18:51:50.947Z | |
| cve-2025-12482 | Booking for Appointments and Events Calendar – Amelia … |
ameliabooking |
Booking for Appointments and Events Calendar – Amelia |
2025-11-16T04:17:30.278Z | 2025-11-17T18:48:12.735Z | |
| cve-2025-13258 | Tenda AC20 WifiExtraSet buffer overflow |
Tenda |
AC20 |
2025-11-17T02:02:08.487Z | 2025-11-17T18:47:00.562Z | |
| cve-2025-12494 | Image Gallery – Photo Grid & Video Gallery <= 2.12.28 … |
wpchill |
Image Gallery – Photo Grid & Video Gallery |
2025-11-15T05:45:34.066Z | 2025-11-17T18:46:19.807Z | |
| cve-2025-8994 | WP Project Manager <= 2.6.26 - Authenticated (Subscrib… |
wedevs |
Project Management & Task Manager with Kanban Board & Gantt Chart – WP Project Manager |
2025-11-15T05:45:33.608Z | 2025-11-17T18:45:34.610Z | |
| cve-2025-13251 | WeiYe-Jing datax-web sql injection |
WeiYe-Jing |
datax-web |
2025-11-16T13:02:05.803Z | 2025-11-17T18:43:46.951Z | |
| cve-2025-12847 | All in One SEO – Powerful SEO Plugin to Boost SEO Rank… |
smub |
All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic |
2025-11-15T05:45:32.963Z | 2025-11-17T18:42:46.195Z | |
| cve-2025-12182 | Qi Blocks <= 1.4.3 - Missing Authorization to Arbitrar… |
qodeinteractive |
Qi Blocks |
2025-11-15T03:27:01.199Z | 2025-11-17T18:41:49.941Z | |
| cve-2025-13252 | shsuishang ShopSuite ModulithShop RSA/OAuth2/Database … |
shsuishang |
ShopSuite ModulithShop |
2025-11-16T23:02:05.790Z | 2025-11-17T18:41:06.687Z | |
| cve-2025-13193 | 5.5 (v3.1) | Libvirt: information disclosure via world-readable vm … |
|
|
2025-11-17T17:03:48.291Z | 2025-11-17T18:40:25.024Z |
| cve-2025-13254 | projectworlds Advanced Library Management System add_m… |
projectworlds |
Advanced Library Management System |
2025-11-17T00:02:07.060Z | 2025-11-17T18:40:00.235Z | |
| cve-2025-13255 | projectworlds Advanced Library Management System book_… |
projectworlds |
Advanced Library Management System |
2025-11-17T00:32:06.284Z | 2025-11-17T18:37:53.164Z | |
| cve-2025-13216 | N/A | {'providerMetadata': {'orgId': 'b15e7b5b-3da4-40ae-a43c-f7aa60e62599', 'shortName': 'Wordfence', 'dateUpdated': '2025-11-17T18:34:43.896Z'}, 'rejectedReasons': [{'lang': 'en', 'value': '** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.'}]} | N/A | N/A | 2025-11-17T18:34:43.896Z | |
| cve-2025-55886 | N/A | An Insecure Direct Object Reference (IDOR) vulner… |
n/a |
n/a |
2025-09-22T00:00:00.000Z | 2025-11-17T18:33:50.727Z |
| cve-2025-57685 | N/A | The LB-Link routers, including the BL-AC2100_AZ3 … |
n/a |
n/a |
2025-09-22T00:00:00.000Z | 2025-11-17T18:33:16.460Z |
| cve-2025-56241 | N/A | Aztech DSL5005EN firmware 1.00.AZ_2013-05-10 and … |
n/a |
n/a |
2025-09-24T00:00:00.000Z | 2025-11-17T18:31:46.604Z |
| cve-2025-13256 | projectworlds Advanced Library Management System borro… |
projectworlds |
Advanced Library Management System |
2025-11-17T01:02:06.346Z | 2025-11-17T18:31:39.756Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2024-000050 | WordPress Plugin "WP Booking" vulnerable to cross-site scripting | 2024-05-24T13:41+09:00 | 2024-05-24T13:41+09:00 |
| jvndb-2023-001534 | Security Issues in FINS protocol | 2023-04-18T13:58+09:00 | 2024-05-23T17:35+09:00 |
| jvndb-2023-000057 | "Jiyu Kukan Toku-Toku coupon" App vulnerable to improper server certificate verification | 2023-06-01T14:51+09:00 | 2024-05-23T17:19+09:00 |
| jvndb-2023-000026 | Qrio Smart Lock Q-SL2 vulnerable to authentication bypass by capture-replay | 2023-05-18T14:13+09:00 | 2024-05-23T17:18+09:00 |
| jvndb-2023-000051 | Multiple vulnerabilities in T&D and ESPEC MIC data logger products | 2023-05-19T15:21+09:00 | 2024-05-23T17:03+09:00 |
| jvndb-2023-000041 | LINE WORKS Drive Explorer vulnerable to code injection | 2023-05-08T15:16+09:00 | 2024-05-23T17:03+09:00 |
| jvndb-2023-002111 | Printer Driver Packager NX creates driver installation packages without modification detection | 2023-06-15T16:06+09:00 | 2024-05-23T15:45+09:00 |
| jvndb-2023-002072 | Multiple vulnerabilities in Fuji Electric products | 2023-06-09T12:23+09:00 | 2024-05-23T15:33+09:00 |
| jvndb-2023-002100 | Security updates for multiple Trend Micro products for enterprises (June 2023) | 2023-06-14T14:47+09:00 | 2024-05-23T15:23+09:00 |
| jvndb-2023-000066 | Multiple vulnerabilities in Aterm series | 2023-06-27T15:12+09:00 | 2024-05-22T18:16+09:00 |
| jvndb-2023-003767 | Multiple vulnerabilities in multiple FURUNO SYSTEMS wireless LAN access point devices in ST(Standalone) mode | 2023-10-03T14:26+09:00 | 2024-05-22T18:01+09:00 |
| jvndb-2023-000101 | web2py vulnerable to OS command injection | 2023-10-16T16:11+09:00 | 2024-05-22T17:58+09:00 |
| jvndb-2023-000069 | Multiple vulnerabilities in SoftEther VPN and PacketiX VPN | 2023-07-03T15:07+09:00 | 2024-05-22T17:47+09:00 |
| jvndb-2023-000096 | Improper restriction of XML external entity references (XXE) in FD Application | 2023-10-02T12:36+09:00 | 2024-05-22T15:37+09:00 |
| jvndb-2023-003770 | DoS Vulnerability in Hitachi Ops Center Common Services | 2023-10-04T15:23+09:00 | 2024-05-22T15:31+09:00 |
| jvndb-2023-003769 | Information Exposure Vulnerability in Hitachi Ops Center Administrator | 2023-10-04T15:23+09:00 | 2024-05-22T15:20+09:00 |
| jvndb-2023-000095 | Shihonkanri Plus vulnerable to relative path traversal | 2023-09-27T13:49+09:00 | 2024-05-21T17:16+09:00 |
| jvndb-2023-000097 | Citadel WebCit vulnerable to cross-site scripting on Instant Messaging facility | 2023-10-04T14:07+09:00 | 2024-05-21T17:08+09:00 |
| jvndb-2024-000046 | Android App "TP-Link Tether" and "TP-Link Tapo" vulnerable to improper server certificate verification | 2024-05-21T13:33+09:00 | 2024-05-21T13:33+09:00 |
| jvndb-2023-004294 | Advanced Micro Devices Windows kernel drivers vulnerable to insufficient access control on its IOCTL | 2023-10-27T16:10+09:00 | 2024-05-20T17:49+09:00 |
| jvndb-2023-000098 | e-Gov Client Application fails to restrict custom URL schemes properly | 2023-10-06T14:57+09:00 | 2024-05-17T17:55+09:00 |
| jvndb-2024-003188 | Panasonic KW Watcher vulnerable to memory buffer error | 2024-05-17T15:46+09:00 | 2024-05-17T15:46+09:00 |
| jvndb-2023-021762 | Ruijie BCR810W/BCR860 vulnerable to OS command injection | 2024-05-17T13:54+09:00 | 2024-05-17T13:54+09:00 |
| jvndb-2024-000049 | WordPress Plugin "Download Plugins and Themes from Dashboard" vulnerable to path traversal | 2024-05-17T13:33+09:00 | 2024-05-17T13:33+09:00 |
| jvndb-2024-003187 | Multiple vulnerabilities in Field Logic DataCube | 2024-05-17T12:05+09:00 | 2024-05-17T12:05+09:00 |
| jvndb-2023-003913 | Multiple vulnerabilities in JTEKT ELECTRONICS OnSinView2 | 2023-10-18T14:13+09:00 | 2024-05-16T17:28+09:00 |
| jvndb-2023-003788 | Out-of-bounds read vulnerability in Keyence KV STUDIO and KV REPLAY VIEWER | 2023-10-11T15:23+09:00 | 2024-05-16T17:09+09:00 |
| jvndb-2023-000093 | Pyramid vulnerable to directory traversal | 2023-09-11T13:53+09:00 | 2024-05-16T16:52+09:00 |
| jvndb-2023-000102 | Multiple vulnerabilities in JustSystems products | 2023-10-19T15:16+09:00 | 2024-05-16T16:44+09:00 |
| jvndb-2023-000087 | SYNCK GRAPHICA Mailform Pro CGI vulnerable to Regular expression Denial-of-Service (ReDoS) | 2023-08-24T14:12+09:00 | 2024-05-15T17:12+09:00 |