6 matches found
EUVD-2025-24035
Malicious code in bioql PyPI...
CVE-2025-54999
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 0.1.0 through 2.3.1, when using OpenBao's userpass auth method, user enumeration was possible due to a timing difference between non-existent users an...
PT-2025-32381 · Openbao · Openbao
Name of the Vulnerable Software and Affected Versions: OpenBao versions 0.1.0 through 2.3.1
Description: OpenBao is a software solution designed for managing, storing, and distributing sensitive data, including secrets, certificates, and keys. In versions 0.1.0 through 2.3.1, user enumeration was...
PT-2024-9918 · Apache +2 · Apache Kafka +2
Name of the Vulnerable Software and Affected Versions: Apache Kafka versions 0.10.2.0 through 3.9.0
Description: The issue is related to the incorrect implementation of the Salted Challenge Response Authentication Mechanism (SCRAM) in Apache Kafka. Specifically, the server does not verify that the...
Siemens Mendix Runtime
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
CVE-2020-9482
If NiFi Registry 0.1.0 to 0.5.0 uses an authentication mechanism other than PKI, when the user clicks Log Out, NiFi Registry invalidates the authentication token on the client side but not on the server side. This permits the user's client-side token to be used for up to 12 hours after logging ou...