africa.absa:inception-application (>=1.0.0 <=1.2.0), app.fmgp:scala-did-docs_3 (>=0.1.0-M16 <=0.1.0-M33) +3479 more potentially affected by CVE-2024-3884 via io.undertow:undertow-core (>=1.0.0.Alpha1 <=2.2.38.Final)

io.undertow:undertow-core MAVEN version =1.0.0.Alpha1, =1.0.0, =0.1.0-M16, =1.0.0, =0.4.0, =2.0.0, =1.0.2, =1.0.0, =1.2.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1 and more Source cves: CVE-2024-3884 Source advisory: OSV:GHSA-6H4F-PJ3G-Q8FQ...

Malicious code in leafygreen-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59f7fae370136d1686b52bfce441170148b5370d9bc737f0426895d826f2933e The package leafygreen-docs was found to contain malicious code...

EUVD-2025-200054

Malicious code in leafygreen-docs npm...

MAL-2025-191515 Malicious code in leafygreen-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59f7fae370136d1686b52bfce441170148b5370d9bc737f0426895d826f2933e The package leafygreen-docs was found to contain malicious code...

Important: Red Hat Security Advisory: Red Hat Developer Hub 1.7.3 release.

Red Hat Developer Hub 1.7.3 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...

CVE-2025-13507 Time-series operations may cause internal BSON size limit to be exceed

Inconsistent object size validation in time series processing logic may result in later processing of oversized BSON documents leading to an assert failing and process termination. This issue impacts MongoDB Server v7.0 versions prior to 7.0.26, v8.0 versions prior to 8.0.16 and MongoDB server v8...

Malicious code in @browserbasehq/stagehand-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba1d760d2f3ab2322b527554b05f55f9d8ceb73868da963ea4d060a1a5a5134f The package @browserbasehq/stagehand-docs was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-199335

Malicious code in @browserbasehq/stagehand-docs npm...

This Week in Spring - Spring Boot 4 edition! - November 25th, 2025

Hi, Spring fans! Welcome to another illustrious installment of This Week in Spring! It’s Thanksgiving week here in the United States. Thanksgiving is traditionally celebrated with friends and family every fourth Thursday of November, gathered around a table full of food and, usually, a giant...

ONLYOFFICE Docs 信任管理问题漏洞

ONLYOFFICE Docs is an online office software from ONLYOFFICE, Inc. A trust management issue vulnerability exists in ONLYOFFICE Docs versions 22.11 through prior to 25.05 and prior to 25.11, which stems from the use of a hard-coded key to protect the file cache, which could lead to accessing known...

PT-2025-53379

Name of the Vulnerable Software and Affected Versions ONLYOFFICE Docs versions prior to 9.2.1 Description The software contains a flaw that allows for Cross-Site Scripting XSS within the textarea of the comment editing form. This issue is related to the DocumentServer component. Recommendations...

PT-2025-53412

Name of the Vulnerable Software and Affected Versions ONLYOFFICE Docs versions prior to 9.2.1 Description ONLYOFFICE Docs contains a flaw that allows for Cross-Site Scripting XSS through the Color theme name within DocumentServer. Recommendations Update to version 9.2.1 or later...

PT-2025-53411

Name of the Vulnerable Software and Affected Versions ONLYOFFICE Docs versions prior to 9.2.1 Description The software contains a flaw that allows for cross-site scripting XSS. This occurs through manipulation of the Font field within the Multilevel list settings window. The issue is related to t...

MAL-2025-105313 Malicious code in lonely_weasel-apptea (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68f870f98bee0713b3610f28c00373696af773766599d6afbc2e2d25c1299ddc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Moderate: Red Hat Security Advisory: Red Hat Developer Hub 1.8.0 release.

Red Hat Developer Hub 1.8.0 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...

CVE-2025-56230

Tencent Docs Desktop 3.9.20 and earlier suffers from Missing SSL Certificate Validation in the update component...

CVE-2025-56230

Tencent Docs Desktop 3.9.20 and earlier suffers from Missing SSL Certificate Validation in the update component...

CVE-2025-56230

Tencent Docs Desktop 3.9.20 and earlier suffers from Missing SSL Certificate Validation in the update component...

CVE-2025-56230

Tencent Docs Desktop 3.9.20 and earlier suffers from Missing SSL Certificate Validation in the update component...

CVE-2025-56230

Tencent Docs Desktop 3.9.20 and earlier suffers from Missing SSL Certificate Validation in the update component...