CVE-2025-69208

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. Versions prior to 1.4.1 contain an Improper Error Handling vulnerability with Information Exposure. All deployments of free5GC using the NnefPfdManagement service may be...

Fedora: Security Advisory (FEDORA-2025-909f303a85)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2024-20346 · Prestashop · Hipresta Gift Wrapping Pro

Name of the Vulnerable Software and Affected Versions: HiPresta Gift Wrapping Pro module for PrestaShop versions prior to 1.4.1 Description: The issue allows remote attackers to escalate privileges and obtain sensitive information via the...

PT-2023-31802 · Hertzbeat · Hertzbeat

Name of the Vulnerable Software and Affected Versions: Hertzbeat versions prior to 1.4.1 Description: Hertzbeat is an open-source, real-time monitoring system that uses aviatorscript to evaluate alert expressions. Due to improper sanitization for alert expressions, a malicious user can use a...

Security Bulletin: IBM Security QRadar Analyst Workflow add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2015-9251 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A...

PT-2020-19742 · Npm · Node-Oojs

Name of the Vulnerable Software and Affected Versions: node-oojs versions prior to 1.4.1 Description: The issue concerns Prototype Pollution via the setPath function. This allows for potential manipulation of object properties, which could lead to various security issues. Recommendations: For...

Impress CMS 1.4.0 Cross Site Scripting

Author: AppleBois Homepage: https://sourceforge.net/projects/impresscms/ Affected Version: 1.4.0 Stored XSS Allows an attacker to execute arbitrary HTML and JavaScript code Solution: Update to 1.4.1 More information : https://github.com/ImpressCMS/impresscms/issues/659 Payload = alert'AppleBois';...

GHSA-XM7F-X4WX-WMGV Out-of-bounds Read in byte

Versions of byte before 1.4.1 allocate uninitialized buffers and read data from them past the initialized length Recommendation Update to version 1.4.1 or later...

GHSA-6QQF-VVCR-7QRV Cryptographically Weak PRNG in generate-password

Affected versions of generate-password generate random values that are biased towards certain characters depending on the chosen character sets. This may result in guessable passwords. Recommendation Update to version 1.4.1 or later...