5058 matches found
CVE-2025-14010 Ansible-collection-community-general: ansible-collection-community-general: keycloak user module leaks credentials in verbose output
A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure IE of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these secrets and...
CVE-2025-14010
CVE-2025-14010 affects the Ansible Community General collection, where a flaw in ansible-collection-community-general can cause information exposure of sensitive credentials (plaintext passwords) via verbose output when Ansible runs with debug. This means attackers with access to logs could poten...
CVE-2025-14010 Ansible-collection-community-general: ansible-collection-community-general: keycloak user module leaks credentials in verbose output
A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure IE of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these secrets and...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an uninitialized sccindex, which could lead to a garbage collection error...
Linux Distros Unpatched Vulnerability : CVE-2025-40214
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - afunix: Initialise sccindex in unixaddedge. Quang Le reported that the AFUNIX GC could garbage- collect a receive queue of an alive in-flight socket, with a nic...
Community General Collection 安全漏洞
Community General Collection is a collection of automation tools open-sourced by Ansible Collections. A security vulnerability exists in ansible-collection-community-general, which stems from exporting sensitive credentials in debug mode, which could lead to information disclosure...
PT-2026-7416
Name of the Vulnerable Software and Affected Versions MongoDB affected versions not specified Description The internal locking mechanism within the MongoDB server utilizes an internal encoding of resources to determine which lock to acquire. A collision can occur where collections inadvertently...
PT-2025-49009
Name of the Vulnerable Software and Affected Versions ansible-collection-community-general affected versions not specified Description A flaw exists in ansible-collection-community-general that can lead to information exposure of sensitive credentials, specifically plaintext passwords. This occur...
Linux Distros Unpatched Vulnerability : CVE-2025-14010
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure IE of sensitive credentials, specifically plaintext...
CVE-2025-65097
RomM ROM Manager allows users to scan, enrich, browse and play their game collections with a clean and responsive interface. Prior to 4.4.1 and 4.4.1-beta.2, an Authenticated User can delete collections belonging to other users by directly sending a DELETE request to the collection endpoint. No...
CVE-2025-65097 Insecure Direct Object Reference (IDOR) Allows Unauthorized Deletion of User Collections
RomM ROM Manager allows users to scan, enrich, browse and play their game collections with a clean and responsive interface. Prior to 4.4.1 and 4.4.1-beta.2, an Authenticated User can delete collections belonging to other users by directly sending a DELETE request to the collection endpoint. No...
Romm 安全漏洞
Romm is a beautiful, powerful, self-hostable ROM manager and player open-sourced by The RomM Project. A security vulnerability exists in Romm versions prior to 4.4.1 and prior to 4.4.1-beta.2, which stems from a lack of ownership validation and could lead to the deletion of other users' collectio...
Exploits
Exploi...
EUVD-2025-199485
Malicious code in @oku-ui/collection npm...
Malicious code in @oku-ui/collection (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 881324e8071cf3faabccf492103c5280af893332c6a40845e781826209b86b0f The package @oku-ui/collection was found to contain malicious code. Source: google-open-source-security...
EUVD-2025-198918
Malicious code in @postman/postman-collection-fork npm...
MAL-2025-190907 Malicious code in @postman/postman-collection-fork (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64948ce72be9099e788f3fd4ab6f5a1a67d0012429ae4e198bc7baa85a5197dd The package @postman/postman-collection-fork was found to contain malicious code. Source: google-open-source-security...
Malicious code in @postman/postman-collection-fork (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64948ce72be9099e788f3fd4ab6f5a1a67d0012429ae4e198bc7baa85a5197dd The package @postman/postman-collection-fork was found to contain malicious code. Source: google-open-source-security...
CGA-C922-4FVP-6GQG
Bulletin has no description...
TencentOS Server 3: thunderbird (TSSA-2023:0054)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0054 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...