PT-2025-47294

Name of the Vulnerable Software and Affected Versions versions affected versions not specified Description A webserver misconfiguration allows an unauthenticated remote attacker to read the source code of PHP modules. Recommendations At the moment, there is no information about a newer version th...

CVE-2025-36299

IBM Planning Analytics Local 2.1.0 through 2.1.14 stores sensitive information in source code could be used in further attacks against the system...

CVE-2025-36299

IBM Planning Analytics Local 2.1.0 through 2.1.14 stores sensitive information in source code could be used in further attacks against the system...

CVE-2025-36299

CVE-2025-36299 affects IBM Planning Analytics Local 2.1.0–2.1.14. The advisory states that these versions store sensitive information in source code, which could be leveraged in subsequent attacks against the system. The Fix/Remediation recommends upgrading to IBM Planning Analytics Local 2.1.15 ...

CVE-2025-36299 IBM Planning Analytics Information Disclosure

IBM Planning Analytics Local 2.1.0 through 2.1.14 stores sensitive information in source code could be used in further attacks against the system...

[SECURITY] Fedora 41 Update: xmedcon-0.25.3-1.fc41

This project stands for Medical Image Conversion and is released under the GNU's LGPL license. It bundles the C source code, a library, a flexible command-line utility and a graphical front-end based on the amazing Gtk+ toolkit. Its main purpose is image conversion while preserving valuable medic...

[SECURITY] Fedora 43 Update: xmedcon-0.25.3-1.fc43

This project stands for Medical Image Conversion and is released under the GNU's LGPL license. It bundles the C source code, a library, a flexible command-line utility and a graphical front-end based on the amazing Gtk+ toolkit. Its main purpose is image conversion while preserving valuable medic...

Wapiti Web Application Vulnerability Scanner 3.2.10 Source Code

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities. This is the source code release...

PT-2025-47205

Name of the Vulnerable Software and Affected Versions IBM Planning Analytics Local versions 2.1.0 through 2.1.14 Description IBM Planning Analytics Local versions 2.1.0 through 2.1.14 stores sensitive information within its source code. This could potentially be leveraged in subsequent attacks...

CVE-2025-9982

A vulnerability exists in QuickCMS version 6.8 where sensitive admin credentials are hardcoded in a configuration file and stored in plaintext. This flaw allows attackers with access to the source code or the server file system to retrieve authentication details, potentially leading to privilege...

HSEC-2024-0002 out-of-bounds write when there are many bzip2 selectors

out-of-bounds write when there are many bzip2 selectors A malicious bzip2 payload may produce a memory corruption resulting in a denial of service and/or remote code execution. Network services or command line utilities decompressing untrusted bzip2 payloads are affected. Note that the exploitati...

Wazuh 4.14.1

Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...

TOR Virtual Network Tunneling Tool 0.4.8.20

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow...

[SECURITY] Fedora 43 Update: python-inline-snapshot-0.30.1-1.fc43

Golden master/snapshot/approval testing library which puts the values right into your source code...

Origin Validation Error

@parcel/reporter-dev-server is vulnerable to an Origin Validation Error. The vulnerability is due to the server failing to verify and enforce the Origin header for XMLHttpRequests. An attacker can host a malicious webpage that issues cross-origin XMLHttpRequests to a developer's running dev serve...

CVE-2025-54471

NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data...

CVE-2025-54471 NeuVector is shipping cryptographic material into its binary

NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data...

CVE-2025-54471 NeuVector is shipping cryptographic material into its binary

NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data...

Wapiti Web Application Vulnerability Scanner 3.2.8 Source Code

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities. This is the source code release...

Security Bulletin: IBM Security QRadar Network Threat Analytics app for IBM QRadar SIEM includes a component with known vulnerabilities (CVE-2025-29927 & CVE-2025-48068)

Summary The product includes a vulnerable component e.g., framework library that may be identified and exploited with automated tools. IBM Security QRadar Network Threat Analytics app for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-29927 DESCRIPTION:...