Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-54320 | N/A | In Ascertia SigningHub through 8.6.8, there is a … |
n/a |
n/a |
2025-11-18T00:00:00.000Z | 2025-11-18T18:43:58.198Z |
| cve-2025-54321 | N/A | In Ascertia SigningHub through 8.6.8, there is a … |
n/a |
n/a |
2025-11-18T00:00:00.000Z | 2025-11-18T18:40:53.675Z |
| cve-2025-46776 | 6.3 (v3.1) | A buffer copy without checking size of input ('cl… |
Fortinet |
FortiExtender |
2025-11-18T17:01:17.437Z | 2025-11-18T18:34:05.679Z |
| cve-2025-46775 | 5.2 (v3.1) | A debug messages revealing unnecessary informatio… |
Fortinet |
FortiExtender |
2025-11-18T17:01:17.364Z | 2025-11-18T18:33:37.068Z |
| cve-2025-63955 | N/A | A Cross-Site Request Forgery (CSRF) vulnerability… |
n/a |
n/a |
2025-11-18T00:00:00.000Z | 2025-11-18T18:33:04.812Z |
| cve-2025-63749 | N/A | pnetlab 5.3.11 is vulnerable to Command Injection… |
n/a |
n/a |
2025-11-18T00:00:00.000Z | 2025-11-18T18:31:03.142Z |
| cve-2025-54770 | 4.9 (v3.1) | Grub2: use-after-free in net_set_vlan |
Red Hat |
Red Hat Enterprise Linux 10 |
2025-11-18T18:30:10.347Z | 2025-11-18T18:30:10.347Z |
| cve-2025-60455 | N/A | Unsafe Deserialization vulnerability in Modular M… |
n/a |
n/a |
2025-11-18T00:00:00.000Z | 2025-11-18T18:27:38.617Z |
| cve-2025-33183 | 7.8 (v3.1) | NVIDIA Isaac-GR00T for all platforms contains a v… |
NVIDIA |
NVIDIA Isaac-GR00T N1.5 |
2025-11-18T16:57:19.482Z | 2025-11-18T18:25:11.004Z |
| cve-2025-34324 | 7 (v4.0) | GoSign Desktop < 2.4.1 Insecure Update Mechanism RCE |
Tinexta InfoCert S.p.A. |
GoSign Desktop |
2025-11-18T16:33:05.469Z | 2025-11-18T18:24:11.777Z |
| cve-2025-13345 | SourceCodester Train Station Ticketing System ajax.php… |
SourceCodester |
Train Station Ticketing System |
2025-11-18T12:02:08.105Z | 2025-11-18T18:23:48.029Z | |
| cve-2025-53360 | pluginsGLPI's Database Inventory Plugin allows any aut… |
pluginsGLPI |
databaseinventory |
2025-11-18T16:12:15.116Z | 2025-11-18T18:22:25.605Z | |
| cve-2025-61664 | 4.9 (v3.1) | Grub2: missing unregister call for normal_exit command… |
Red Hat |
Red Hat Enterprise Linux 10 |
2025-11-18T18:20:55.212Z | 2025-11-18T18:20:55.212Z |
| cve-2025-61663 | 4.9 (v3.1) | Grub2: missing unregister call for normal commands may… |
Red Hat |
Red Hat Enterprise Linux 10 |
2025-11-18T18:20:52.865Z | 2025-11-18T18:20:52.865Z |
| cve-2025-61661 | 4.8 (v3.1) | Grub2: out-of-bounds write |
Red Hat |
Red Hat Enterprise Linux 10 |
2025-11-18T18:20:42.151Z | 2025-11-18T18:20:42.151Z |
| cve-2025-54771 | 4.9 (v3.1) | Grub2: use-after-free in grub_file_close() |
Red Hat |
Red Hat Enterprise Linux 10 |
2025-11-18T18:20:40.350Z | 2025-11-18T18:20:40.350Z |
| cve-2025-63693 | N/A | The comment editing template (dzz/comment/templat… |
n/a |
n/a |
2025-11-18T00:00:00.000Z | 2025-11-18T18:16:59.431Z |
| cve-2025-63695 | N/A | DzzOffice v2.3.7 and before is vulnerable to Arbi… |
n/a |
n/a |
2025-11-18T00:00:00.000Z | 2025-11-18T18:12:28.924Z |
| cve-2025-64756 | glob CLI: Command injection via -c/--cmd executes matc… |
isaacs |
node-glob |
2025-11-17T17:29:08.029Z | 2025-11-18T18:11:43.358Z | |
| cve-2025-63994 | N/A | An arbitrary file upload vulnerability in the /ph… |
n/a |
n/a |
2025-11-18T00:00:00.000Z | 2025-11-18T18:06:36.071Z |
| cve-2025-64076 | Multiple vulnerabilities exist in cbor2 through v… |
n/a |
n/a |
2025-11-18T00:00:00.000Z | 2025-11-18T17:58:47.616Z | |
| cve-2025-63694 | N/A | DzzOffice v2.3.7 and before is vulnerable to SQL … |
n/a |
n/a |
2025-11-18T00:00:00.000Z | 2025-11-18T17:58:09.002Z |
| cve-2025-56643 | N/A | Requarks Wiki.js 2.5.307 does not properly revoke… |
n/a |
n/a |
2025-11-18T00:00:00.000Z | 2025-11-18T17:42:16.393Z |
| cve-2025-9312 | 9.8 (v3.1) | Improper Certificate-Based Authentication Enforcement … |
WSO2 |
WSO2 API Manager |
2025-11-18T12:05:22.207Z | 2025-11-18T17:38:15.686Z |
| cve-2025-30398 | 8.1 (v3.1) | Nuance PowerScribe 360 Information Disclosure Vulnerability |
Microsoft |
Nuance PowerScribe 360 version 4.0.5 |
2025-11-11T17:59:51.398Z | 2025-11-18T17:37:03.342Z |
| cve-2025-62453 | 5 (v3.1) | GitHub Copilot and Visual Studio Code Security Feature… |
Microsoft |
Visual Studio Code |
2025-11-11T17:59:50.831Z | 2025-11-18T17:37:02.765Z |
| cve-2025-60721 | 7.8 (v3.1) | Windows Administrator Protection Elevation of Privileg… |
Microsoft |
Windows 11 Version 25H2 |
2025-11-11T17:59:50.261Z | 2025-11-18T17:37:02.200Z |
| cve-2025-62449 | 6.8 (v3.1) | Microsoft Visual Studio Code CoPilot Chat Extension Se… |
Microsoft |
Microsoft Visual Studio Code CoPilot Chat Extension |
2025-11-11T17:59:49.768Z | 2025-11-18T17:37:01.603Z |
| cve-2025-62222 | 8.8 (v3.1) | Agentic AI and Visual Studio Code Remote Code Executio… |
Microsoft |
Microsoft Visual Studio Code CoPilot Chat Extension |
2025-11-11T17:59:49.273Z | 2025-11-18T17:37:00.967Z |
| cve-2025-62213 | 7 (v3.1) | Windows Ancillary Function Driver for WinSock Elevatio… |
Microsoft |
Windows 10 Version 1809 |
2025-11-11T17:59:48.693Z | 2025-11-18T17:37:00.352Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-000100 | Multiple Roboticsware products register Windows services with unquoted file paths | 2025-11-04T14:17+09:00 | 2025-11-04T14:17+09:00 |
| jvndb-2025-000098 | Optical Disc Archive Software (for Windows) registers a Windows service with an unquoted file path | 2025-11-04T13:51+09:00 | 2025-11-04T13:51+09:00 |
| jvndb-2025-000099 | Progress Flowmon vulnerable to authenticated OS command injection | 2025-11-04T12:47+09:00 | 2025-11-04T12:47+09:00 |
| jvndb-2025-000096 | Installer of WTW EAGLE (for Windows) may insecurely load Dynamic Link Libraries | 2025-10-29T14:17+09:00 | 2025-10-29T14:17+09:00 |
| jvndb-2025-000095 | MZK-DP300N uses hard-coded credentials | 2025-10-28T14:04+09:00 | 2025-10-28T14:04+09:00 |
| jvndb-2025-014793 | NIHON KOHDEN Central Monitor CNS-6201 vulnerable to NULL pointer dereference | 2025-10-01T11:35+09:00 | 2025-10-27T12:28+09:00 |
| jvndb-2025-000093 | Multiple stored cross-site scripting vulnerabilities in Pleasanter | 2025-10-24T15:11+09:00 | 2025-10-24T15:11+09:00 |
| jvndb-2025-000084 | GROWI vulnerable to cross-site scripting | 2025-10-22T15:44+09:00 | 2025-10-22T15:44+09:00 |
| jvndb-2025-000090 | Multiple stored cross-site scripting vulnerabilities in Movable Type | 2025-10-22T13:54+09:00 | 2025-10-22T13:54+09:00 |
| jvndb-2025-000088 | Lanscope Endpoint Manager (On-Premises) vulnerable to improper verification of source of a communication channel | 2025-10-20T16:17+09:00 | 2025-10-22T10:06+09:00 |
| jvndb-2025-000092 | ETERNUS SF vulnerable to incorrect default permissions | 2025-10-20T14:20+09:00 | 2025-10-20T14:20+09:00 |
| jvndb-2025-000089 | Installer of AutoDownloader may insecurely load Dynamic Link Libraries | 2025-10-17T13:38+09:00 | 2025-10-17T13:38+09:00 |
| jvndb-2025-000074 | Multiple vulnerabilities in desknet's NEO | 2025-10-16T17:30+09:00 | 2025-10-16T17:30+09:00 |
| jvndb-2025-000076 | Multiple vulnerabilities in ChatLuck | 2025-10-16T17:17+09:00 | 2025-10-16T17:17+09:00 |
| jvndb-2025-000087 | Ruijie Networks RG-EST300 undocumented SSH functionality | 2025-10-16T14:19+09:00 | 2025-10-16T14:19+09:00 |
| jvndb-2025-016124 | Buffalo Wi-Fi router WXR9300BE6P series vulnerable to path traversal | 2025-10-16T11:16+09:00 | 2025-10-16T11:16+09:00 |
| jvndb-2025-000085 | Multiple RSUPPORT products may insecurely load Dynamic Link Libraries | 2025-10-15T15:55+09:00 | 2025-10-15T15:55+09:00 |
| jvndb-2025-000086 | Phoenix Contact CHARX SEC-3xxx vulnerable to code injection | 2025-10-15T15:54+09:00 | 2025-10-15T15:54+09:00 |
| jvndb-2025-000083 | BUFFALO NAS Navigator2 registers a Windows service with an unquoted file path | 2025-10-10T13:56+09:00 | 2025-10-10T13:56+09:00 |
| jvndb-2025-015451 | Multiple vulnerabilities in FUJI Electric V-SFT | 2025-10-09T13:39+09:00 | 2025-10-09T13:39+09:00 |
| jvndb-2025-000081 | DataSpider Servista improper restriction of XML external entity references | 2025-09-29T14:44+09:00 | 2025-10-07T16:54+09:00 |
| jvndb-2025-000082 | The installers of DENSO TEN drive recorder viewer may insecurely load Dynamic Link Libraries | 2025-10-06T15:38+09:00 | 2025-10-06T15:38+09:00 |
| jvndb-2025-015061 | Trend Micro Antivirus for Mac vulnerable to Local Privilege Escalation | 2025-10-06T13:52+09:00 | 2025-10-06T13:52+09:00 |
| jvndb-2025-000044 | Denial-of-service (DoS) vulnerabilities in multiple Apache products | 2025-06-26T14:41+09:00 | 2025-10-01T14:18+09:00 |
| jvndb-2025-014642 | Multiple vulnerabilities in Canon Printer Drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers | 2025-09-30T11:50+09:00 | 2025-09-30T11:50+09:00 |
| jvndb-2025-000066 | Improper file access permission settings in multiple i-FILTER products | 2025-08-27T19:50+09:00 | 2025-09-29T13:45+09:00 |
| jvndb-2025-000077 | RICOH Streamline NX vulnerable to tampering with operation history | 2025-09-08T13:42+09:00 | 2025-09-24T16:53+09:00 |
| jvndb-2025-007519 | Multiple vulnerabilities in multiple BROTHER products | 2025-06-26T18:15+09:00 | 2025-09-22T10:16+09:00 |
| jvndb-2025-014105 | OMRON SOCIAL SOLUTIONS Uninterruptible Power Supply (UPS) management application registers a Windows service with an unquoted file path | 2025-09-19T16:21+09:00 | 2025-09-19T16:21+09:00 |
| jvndb-2025-014104 | Multiple vulnerabilities in I-O DATA wireless LAN routers | 2025-09-19T14:58+09:00 | 2025-09-19T14:58+09:00 |
| ID | Description |
|---|---|
| ts-2022-005 | TS-2022-005 |
| ts-2022-004 | TS-2022-004 |
| ts-2022-003 | TS-2022-003 |
| ts-2022-002 | TS-2022-002 |
| ts-2022-001 | TS-2022-001 |