React Router vulnerable to Denial of Service via reflected user input in single-fetch
A DoS vulnerability exists in the React Router v7 Framework Mode, as well as Remix v2.9.0+ with Single Fetch enabled. In some scenarios the underlying serialization algorithm can become a bottleneck when encoding specific types of data into server responses. Please upgrade to React Router v7.14.0...
CLEANSTART-2026-IW91368 Security fixes for CVE-2026-27143, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499 applied in versions: 7.14.0-r0
Multiple security vulnerabilities affect the kubernetes-dashboard-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
Keylime has a hardcoded attestation challenge nonce that allows replay attacks
CVE-2026-6420: Hardcoded attestation challenge nonce allows replay attacks. Impact: The CertificationParameters.generatechallenge method in the push attestation protocol uses a hardcoded challenge nonce instead of generating a cryptographically random value. This removes the nonce-based replay...
Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.14.0 release and security update
Red Hat AMQ Broker 7.14.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
EUVD-2025-23893
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-6782
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in Calibre 6.9.0 through 7.14.0 allows unauthenticated attackers to achieve remote code execution. (CVE-2024-6782) Note that Nessus relies on the...
CVE-2025-54784
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. There is a Cross Site Scripting XSS vulnerability in the email viewer in versions 7.14.0 through 7.14.6. An external attacker could send a prepared message to the inbox of the SuiteCRM-instance...
Exploit for CVE-2024-6782
CVE-2024-6782-PoC Usage: python3 ca...
DEBIAN-CVE-2024-6782
Improper access control in Calibre 6.9.0 through 7.14.0 allows unauthenticated attackers to achieve remote code execution...
CVE-2024-6781
Path traversal in Calibre <= 7.14.0 allows unauthenticated attackers to achieve arbitrary file read...
PT-2024-5838 · Calibre · Calibre
Name of the Vulnerable Software and Affected Versions: Calibre versions prior to 7.14.0 Description: The issue is related to path traversal in the software, allowing unauthenticated attackers to achieve arbitrary file read. This is due to incorrect restriction of the directory path name with...
PT-2024-5692 · Calibre · Calibre
Name of the Vulnerable Software and Affected Versions: Calibre versions 6.9.0 through 7.14.0 Description: The issue is related to improper access control in the software, which allows unauthenticated attackers to achieve remote code execution. This is due to a vulnerability associated with...
Atlassian Confluence 7.14.0 < 7.19.8 < Remote Code Execution
According to its self-reported version number, the Atlassian Confluence application running on the remote host is 6.1.0 prior to 7.13.20, 6.1.0 prior to 7.19.8 or 6.1.0 prior to 8.2.0. It is, therefore, affected by a Remote Code Execution flaw which permits remote attackers to execute arbitrary co...
CVE-2023-22503
Affected versions of Atlassian Confluence Server and Data Center allow anonymous remote attackers to view the names of attachments and labels in a private Confluence space. This occurs via an Information Disclosure vulnerability in the macro preview feature. This vulnerability was reported by Roj...
Kibana 7.14.0 HTML Injection
According to its self-reported version number, the Kibana application running on the remote host is prior to 7.14.1. It is, therefore, affected by: - A code execution vulnerability due to an older version of js-yaml (CVE-2021-22150) - An HTML Injection due to a lack of sanitization of document...
An Atlassian product has a security vulnerability.
Affected versions of Atlassian Confluence Server allow remote authenticated attackers to view sensitive information in the hidden attachments of custom content on reindexing via an Information Disclosure vulnerability in the search page. The affected versions are before version 7.13.12, from...
Elastic Kibana Code Execution Vulnerability (ESA-2021-21)
Elastic Kibana is prone to a code execution vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:elastic:kibana";...
Elastic Kibana HTML Injection Vulnerability (ESA-2021-23)
Elastic Kibana is prone to an HTML injection vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:elastic:kibana";...