AZL-73319 CVE-2025-15284 affecting package nodejs-nodemon 2.0.3-5

Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...

Ubuntu: Security Advisory (USN-7936-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-12018 MembershipWorks <= 6.14 - Authenticated (Admin+) Stored Cross-Site Scripting

The MembershipWorks – Membership, Events & Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 6.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

PT-2025-46568

Name of the Vulnerable Software and Affected Versions MembershipWorks – Membership, Events & Directory plugin for WordPress versions prior to 6.14 Description The plugin is susceptible to Stored Cross-Site Scripting through admin settings due to inadequate input sanitization and output escaping...

Ubuntu: Security Advisory (USN-7860-5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-7860-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2025-20024

Malicious code in bioql PyPI...

EUVD-2024-34619

Malicious code in bioql PyPI...

Ubuntu: Security Advisory (USN-7722-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-7724-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2025-27722

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.14.0-rc7+ Description: A vulnerability in the Linux kernel has been resolved, specifically in the renesas usbhs module. The issue arises from the incorrect ordering of clock handling and power management in th...

CVE-2024-34090

An issue was discovered in Archer Platform 6 before 2024.04. There is a stored cross-site scripting XSS vulnerability. The login banner in the Archer Control Panel ACP did not previously escape content appropriately. 6.14 P3 6.14.0.3 is also a fixed release...

RHSA-2023:6818 Red Hat Security Advisory: Satellite 6.14 security and bug fix update

Bulletin has no description...

CVE-2024-7012

An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache's modproxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing...

RHEL 8 : Satellite 6.14 (RHSA-2023:6818)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6818 advisory. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring...

Archer Platform Security Vulnerability

Archer Platform is a modern integrated risk management solution from Archer, Inc. A security vulnerability exists in Archer Platform version 6.x prior to 6.14 P2 HF2 6.14.0.2.2, which stems from the presence of a sensitive information disclosure vulnerability, whereby an unauthenticated attacker...

CVE-2023-48642

Archer Platform 6.x before 6.13 P2 6.13.0.2 contains an authenticated HTML content injection vulnerability. A remote authenticated malicious Archer user could potentially exploit this to store malicious HTML code in a trusted application data store. When victim users access the data store through...

CVE-2023-48641

Archer Platform 6.x before 6.14 P1 HF2 6.14.0.1.2 contains an insecure direct object reference vulnerability. An authenticated malicious user in a multi-instance installation could potentially exploit this vulnerability by manipulating application resource references in user requests to bypass...

PT-2023-30866 · Rsa · Archer Platform

Name of the Vulnerable Software and Affected Versions: Archer Platform versions 6.x through 6.14 P1 HF2 6.14.0.1.2 Description: The issue allows an authenticated malicious user in a multi-instance installation to potentially exploit it by manipulating application resource references in user...

Satellite 6.14 security and bug fix update

An update is available for libdb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Rocky Enterprise Software Foundation Satellite is a systems management tool for...