2117 matches found
Cleartext Storage of Sensitive Information
Overview: Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information via ignoreApplyConfigs. An attacker can access sensitive information, such as credentials or secrets, by retrieving unencrypted values through API calls if they have GET or LIST permissions on...
Rancher Fleet Helm Values are stored inside BundleDeployment in plain text
Impact: A vulnerability has been identified when using Fleet to manage Helm charts, where sensitive information passed through BundleDeployment.Spec.Options.Helm.Values may be stored in plain text. This can result in: 1. Unauthorized disclosure of sensitive data: Any user with GET or LIST...
GHSA-6H9X-9J5V-7W9H Rancher Fleet Helm Values are stored inside BundleDeployment in plain text
Impact: A vulnerability has been identified when using Fleet to manage Helm charts, where sensitive information passed through BundleDeployment.Spec.Options.Helm.Values may be stored in plain text. This can result in: 1. Unauthorized disclosure of sensitive data: Any user with GET or LIST...
Incorrect Authorization
Overview: contao/core-bundle is an Open Source PHP Content Management System for people who want a professional website that is easy to maintain. Affected versions of this package are vulnerable to Incorrect Authorization due to the table access voter's improper verification of a user's permissions to...
Incorrect Authorization
Overview: contao/core-bundle is an Open Source PHP Content Management System for people who want a professional website that is easy to maintain. Affected versions of this package are vulnerable to Incorrect Authorization in the fragments rendering process. An attacker can access sensitive...
Incorrect Authorization
Overview: contao/core-bundle is an Open Source PHP Content Management System for people who want a professional website that is easy to maintain. Affected versions of this package are vulnerable to Incorrect Authorization in the page and article edit fields. An attacker can modify content without...
Incorrect Authorization
Overview: Affected versions of this package are vulnerable to Incorrect Authorization due to improper filtering of protected news archives. An attacker can access sensitive information by retrieving protected news items that are unintentionally included in the public RSS feed. Workaround: This...
Cisco UCS Manager Software Command Injection Vulnerabilities
Multiple vulnerabilities in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. For more information about these...
Linux Distros Unpatched Vulnerability : CVE-2020-1770
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Support bundle generated files could contain sensitive information whose disclosure might be unwanted. This issue affects: OTRS Community Edition: 5.0.41 an...
CVE-2025-43240
creationtimestamp | type | source
---|---|---
2025-08-26 08:16:53+00:00 | seen | https://vulnerability.circl.lu/bundle/c1aa3b44-ae54-436b-b3c3-a88194ecb70e...
CVE-2025-43211
creationtimestamp | type | source
---|---|---
2025-08-26 08:16:53+00:00 | seen | https://vulnerability.circl.lu/bundle/c1aa3b44-ae54-436b-b3c3-a88194ecb70e...
CVE-2025-24188
creationtimestamp | type | source
---|---|---
2025-08-26 08:16:53+00:00 | seen | https://vulnerability.circl.lu/bundle/c1aa3b44-ae54-436b-b3c3-a88194ecb70e...
CVE-2025-31273
creationtimestamp | type | source
---|---|---
2025-08-26 08:16:53+00:00 | seen | https://vulnerability.circl.lu/bundle/c1aa3b44-ae54-436b-b3c3-a88194ecb70e
2026-04-02 22:17:44+00:00 | seen | Telegram/KPFmBxULTPwA3hDhoR9h9PMgAu8sVTpVxH6h4m-4yWjc...
CVE-2025-43212
creationtimestamp | type | source
---|---|---
2025-08-26 08:16:53+00:00 | seen | https://vulnerability.circl.lu/bundle/c1aa3b44-ae54-436b-b3c3-a88194ecb70e...
CVE-2025-43213
creationtimestamp | type | source
---|---|---
2025-08-26 08:16:53+00:00 | seen | https://vulnerability.circl.lu/bundle/c1aa3b44-ae54-436b-b3c3-a88194ecb70e...
ROS-20250826-04
Vulnerability in the Wireshark computer network traffic analyzer related to insufficient validation of user data in the column utility module of the Dissection engine. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. Vulnerability in the CBOR...
Linux Distros Unpatched Vulnerability : CVE-2019-10909
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, validation messages are not escaped, which can lead...
Linux Distros Unpatched Vulnerability : CVE-2025-48385
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to...
Malicious code in website-bundle (npm)
The package website-bundle was found to contain malicious code...
Malicious code in runtime-bundle-armi (npm)
The package runtime-bundle-armi was found to contain malicious code...