report-anonymizer

🛡️ Report Anonymizer Local LLM anonymizer for penetration-t...

Resource Injection

Overview Affected versions of this package are vulnerable to Resource Injection in the NuGetGallery backend job’s handling of .nuspec files within NuGet packages. An attacker can bypass intended validation by supplying specially crafted package metadata IDs or versions. Remediation Upgrade...

CVE-2026-24775

OpenProject is an open-source, web-based project management software. In the new editor for collaborative documents based on BlockNote, OpenProject maintainers added a custom extension in OpenProject version 17.0.0 that allows to mention OpenProject work packages in the document. To show work...

CVE-2025-36229

IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 could allow authenticated users to enumerate sensitive information of data due by enumerating package identifiers...

CVE-2025-36229

IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 could allow authenticated users to enumerate sensitive information of data due by enumerating package identifiers...

CVE-2025-36229

IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 could allow authenticated users to enumerate sensitive information of data due by enumerating package identifiers...

CVE-2025-36229

IBM Aspera Faspex 5.x (versions 5.0.0–5.0.14.1) is affected by CVE-2025-36229. Authenticated users may enumerate package identifiers to reveal sensitive data due to an information exposure issue. This is specific to Faspex 5 and arises from the way package metadata can be enumerated, enabling dis...

EUVD-2025-205440

IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 could allow authenticated users to enumerate sensitive information of data due by enumerating package identifiers...

CVE-2025-36229 Exposure of Sensitive System Information to an Unauthorized Control Sphere in IBM Aspera Faspex

IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 could allow authenticated users to enumerate sensitive information of data due by enumerating package identifiers...

PT-2025-53587

Name of the Vulnerable Software and Affected Versions IBM Aspera Faspex 5 versions 5.0.0 through 5.0.14.1 Description Authenticated users may be able to enumerate sensitive information regarding data due dates by enumerating package identifiers. The issue involves the potential disclosure of data...

IBM Aspera Faspex 安全漏洞

IBM Aspera Faspex is an International Business Machines IBM solution for rapid global person-to-person file delivery and collaboration. A security vulnerability exists in IBM Aspera Faspex 5 5.0.14.1 and prior versions, which originates from an authenticated user who may be able to enumerate...