Linux Distros Unpatched Vulnerability : CVE-2018-4117

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes...

CVE-2025-49391

Cross-Site Request Forgery CSRF vulnerability in Fetch Designs Sign-up Sheets sign-up-sheets allows Cross Site Request Forgery.This issue affects Sign-up Sheets: from n/a through = 2.3.3...

CVE-2025-49391 WordPress Sign-up Sheets Plugin <= 2.3.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Fetch Designs Sign-up Sheets sign-up-sheets allows Cross Site Request Forgery.This issue affects Sign-up Sheets: from n/a through = 2.3.3...

PT-2025-33935 · Fetch Designs · Fetch Designs Sign-Up Sheets

Name of the Vulnerable Software and Affected Versions: Fetch Designs Sign-up Sheets versions through 2.3.3 Description: The vulnerability allows for Cross-Site Request Forgery CSRF. This issue affects the Sign-up Sheets functionality. Recommendations: At the moment, there is no information about ...

CVE-2025-38584

The CVE-2025-38584 issue is a Linux kernel vulnerability in the padata subsystem. A race condition/use-after-free could occur in padata_reorder after a padata item is enqueued but before the next item is prepared, potentially allowing premature dereference of the pd reference. The fix updates the...

Linux Distros Unpatched Vulnerability : CVE-2019-12456

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the MPT3COMMAND case in ctlioctlmain in drivers/scsi/mpt3sas/mpt3sasctl.c in the Linux kernel through 5.1.5. It allows local users to...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49138: Bluetooth: hcievent: Fix checking conn for leconncompleteevt bsc1238160. CVE-2023-52923: netfilter: nftables: split async and sync catchall in two...

Linux Distros Unpatched Vulnerability : CVE-2022-2596

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10. CVE-2022-2596 Note that Nessus relies on the presence of t...

Linux Distros Unpatched Vulnerability : CVE-2018-6091

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Service Workers can intercept any request made by an or tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin...

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2025-097)

The version of kernel installed on the remote host is prior to 5.10.238-234.956. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-097 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix -anonvma race...

Linux Distros Unpatched Vulnerability : CVE-2022-41404

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in the fetch method in the BasicProfile class of org.ini4j through version v0.5.4 allows attackers to cause a Denial of Service DoS via unspecified...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a recursive fetch of rtnllock during probing, which could result in a deadlock...

GHSA-3X3Q-GHCP-WHF7 Template Secret leakage in logs in Scaffolder when using `fetch:template`

A logging flaw in Backstage Scaffolder’s fetch:template action up to @backstage/plugin-scaffolder-backend 2.1.0 may write template secrets to logs. The action emitted a duplicate, pre-redaction copy of input parameters, so values provided via the secrets bag could appear in local/server logs when...

Template Secret leakage in logs in Scaffolder when using `fetch:template`

A logging flaw in Backstage Scaffolder’s fetch:template action up to @backstage/plugin-scaffolder-backend 2.1.0 may write template secrets to logs. The action emitted a duplicate, pre-redaction copy of input parameters, so values provided via the secrets bag could appear in local/server logs when...

Insertion of Sensitive Information into Log File

Overview @backstage/plugin-scaffolder-backend is a The Backstage backend plugin that helps you create new things Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the fetch:template action, which duplicates logging of the input values. An...

CVE-2025-55285

@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. Prior to version 2.1.1, duplicate logging of the input values in the fetch:template action in the Scaffolder meant that some of the secrets were not properly redacted. If $ secrets.x is not passed...

CVE-2025-55285 @backstage/plugin-scaffolder-backend Template Secret Leakage in Logs in Scaffolder When Using `fetch:template`

@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. Prior to version 2.1.1, duplicate logging of the input values in the fetch:template action in the Scaffolder meant that some of the secrets were not properly redacted. If $ secrets.x is not passed...

CVE-2025-55285

The CVE-2025-55285 issue affects the Backstage scaffolder-backend plugin. Before version 2.1.1, the fetch:template action could duplicate the input log path, causing some secrets passed via the {{ secrets }} bag to be written to logs instead of being redacted. Affected product: @backstage/plugin-...

CVE-2025-55285 @backstage/plugin-scaffolder-backend Template Secret Leakage in Logs in Scaffolder When Using `fetch:template`

@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. Prior to version 2.1.1, duplicate logging of the input values in the fetch:template action in the Scaffolder meant that some of the secrets were not properly redacted. If $ secrets.x is not passed...

CVE-2025-55285 @backstage/plugin-scaffolder-backend Template Secret Leakage in Logs in Scaffolder When Using `fetch:template`

@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. Prior to version 2.1.1, duplicate logging of the input values in the fetch:template action in the Scaffolder meant that some of the secrets were not properly redacted. If $ secrets.x is not passed...