CVE-2025-21028

Improper privilege management in ThemeManager prior to SMR Sep-2025 Release 1 allows local privileged attackers to reuse trial items...

MAL-2025-29835 Malicious code in project-4h5ip-ugli (npm)

The package project-4h5ip-ugli was found to contain malicious code...

MAL-2025-17366 Malicious code in com.unity.timeline (npm)

The package com.unity.timeline was found to contain malicious code...

MAL-2025-22019 Malicious code in gstmain (npm)

The package gstmain was found to contain malicious code...

MAL-2025-12047 Malicious code in @zalastax/nolb-ipe (npm)

The package @zalastax/nolb-ipe was found to contain malicious code...

MAL-2025-18626 Malicious code in domotina (npm)

The package domotina was found to contain malicious code...

MAL-2025-30836 Malicious code in pulsar-kapok-nzom (npm)

The package pulsar-kapok-nzom was found to contain malicious code...

MAL-2025-10748 Malicious code in @zalastax/nolb-az0 (npm)

The package @zalastax/nolb-az0 was found to contain malicious code...

MAL-2025-17379 Malicious code in combiner (npm)

The package combiner was found to contain malicious code...

MAL-2025-22409 Malicious code in hexapong (npm)

The package hexapong was found to contain malicious code...

MAL-2025-32979 Malicious code in serenade_5ti9p_yiirq_molecule (npm)

The package serenade5ti9pyiirqmolecule was found to contain malicious code...

MAL-2025-28894 Malicious code in pasquack (npm)

The package pasquack was found to contain malicious code...

MAL-2025-16361 Malicious code in buritos (npm)

The package buritos was found to contain malicious code...

BELL-CVE-2025-38137

Bulletin has no description...

CVE-2025-48467

Successful exploitation of the vulnerability could allow an attacker to cause repeated reboots, potentially leading to remote denial-of-service and system unavailability...

CVE-2025-29873

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: File Station 5...

BELL-CVE-2025-5025 CVE-2025-5025 does not affect BellSoft software

Bulletin has no description...

Important: java-11-openjdk

Issue Overview: Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerabilit...

CVE-2023-35817

DevExpress before 23.1.3 allows AsyncDownloader SSRF...

CVE-2025-30254

An unauthenticated attacker can obtain a serial number of a smart meters using its owner's username...