1080 matches found
@bnsights/bbsf-admin-portal (>=1.1.66 <=1.1.93-beta.5), @bnsights/bbsf-controls (>=1.0.170 <=1.0.194-beta.10) +3 more potentially affected by unknown CVE via ng2-file-upload (=7.0.1)
ng2-file-upload NPM version =7.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on ng2-file-upload and may be impacted: - @bnsights/bbsf-admin-portal =1.1.66, =1.0.170, =1.0.194-beta.10 - @ux-aspects/ux-aspects-docs =11.0.0 - angular-mvp =1.3.16-A18 -...
@crowdstrike/ember-oss-docs (>=1.0.1 <=1.1.8) potentially affected by unknown CVE via ember-url-hash-polyfill (=1.0.11)
ember-url-hash-polyfill NPM version =1.0.11 is affected by a known vulnerability. The following packages have a transitive dependency on ember-url-hash-polyfill and may be impacted: - @crowdstrike/ember-oss-docs =1.0.1, =1.1.8 Source cves: unknown CVE Source advisory:...
MAL-2025-46999 Malicious code in @amazon-bedrock-agents-healthcare-lifesciences/docs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ecf7f917126f8a71d26227e7f55cdabe99eed6831cb23345e4045192f6a36446 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-58462
OPEXUS FOIAXpress Public Access Link (PAL) before version 11.13.1.0 allows SQL injection via SearchPopularDocs.aspx. A remote, unauthenticated attacker could read, write, or delete any content in the underlying database...
CVE-2025-10116
The CVE-2025-10116 entry concerns SiempreCMS
Malicious code in arbutus-docs (npm)
The package arbutus-docs was found to contain malicious code...
MAL-2025-43487 Malicious code in arbutus-docs (npm)
The package arbutus-docs was found to contain malicious code...
Malicious code in fusionjs-docs (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
MAL-2025-41988 Malicious code in fusionjs-docs (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
Important: Red Hat Security Advisory: Red Hat Developer Hub 1.6.4 release.
Red Hat Developer Hub 1.6.4 has been released. Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single...
@antonyfaris/prefix-node-builtins (>=1.0.0 <=1.0.1), @awesome-myst/myst-awesome (>=0.0.1 <=0.0.7) +7 more potentially affected by CVE-2025-55303 via astro (>=5.0.0-beta.5 <=5.13.10)
astro NPM version =5.0.0-beta.5, =1.0.0, =0.0.1, =0.0.1, =0.1.8, =0.0.1, =0.0.1, =1.249.8, =1.267.0 Source cves: CVE-2025-55303 Source advisory: SNYK:JS-ASTRO-12027668...
Important: Red Hat Security Advisory: Red Hat Developer Hub 1.7.0 release.
Red Hat Developer Hub 1.7.0 has been released. Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single...
Linux Distros Unpatched Vulnerability : CVE-2023-49921
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered by Elastic whereby Watcher search input logged the search query results on DEBUG log level. This could lead to raw contents of documents...
CVE-2025-7499 BetterDocs <= 4.1.1 - Missing Authorization to Private And Password-Protected Posts Information Disclosure
The BetterDocs – Advanced AI-Driven Documentation, FAQ & Knowledge Base Tool for Elementor & Gutenberg with Encyclopedia, AI Support, Instant Answers plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getresponse function in all versions up ...
CVE-2025-55199 vulnerabilities
Vulnerabilities for packages: zarf, cilium-cli, cluster-api-helm-controller, kots, kargo, cert-manager-cmctl, chart-testing, kuma, flux-helm-controller, flux, envoy-gateway, cerbos, k9s, chartmuseum, tw, teleport, flux-source-controller, eksctl, headlamp, istio, pluto, k8ssandra-client, consul-k8...
CVE-2025-55198 vulnerabilities
Vulnerabilities for packages: zarf, cilium-cli, cluster-api-helm-controller, kots, kargo, cert-manager-cmctl, chart-testing, kuma, flux-helm-controller, flux, envoy-gateway, cerbos, k9s, chartmuseum, teleport, flux-source-controller, eksctl, headlamp, istio, pluto, k8ssandra-client, consul-k8s,...
GHSA-F9F8-9PMF-XV68 vulnerabilities
Vulnerabilities for packages: zarf, cilium-cli, cluster-api-helm-controller, kots, kargo, cert-manager-cmctl, chart-testing, kuma, flux-helm-controller, flux, envoy-gateway, cerbos, k9s, chartmuseum, teleport, flux-source-controller, eksctl, headlamp, istio, pluto, k8ssandra-client, consul-k8s,...
GHSA-9H84-QMV7-982P vulnerabilities
Vulnerabilities for packages: zarf, cilium-cli, cluster-api-helm-controller, kots, kargo, cert-manager-cmctl, chart-testing, kuma, flux-helm-controller, flux, envoy-gateway, cerbos, k9s, chartmuseum, tw, teleport, flux-source-controller, eksctl, headlamp, istio, pluto, k8ssandra-client, consul-k8...
CVE-2025-31987
HCL Connections Docs may mishandle validation of certain uploaded documents leading to denial of service due to resource exhaustion...
artery-routes-docs (>=0.0.2 <=0.0.25), arteryjs (=0.0.0) +5 more potentially affected by unknown CVE via to-slug (=0.0.0)
to-slug NPM version =0.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on to-slug and may be impacted: - artery-routes-docs =0.0.2, =0.2.0, =0.0.0, =1.0.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-37002...