BELL-CVE-2025-21950

Bulletin has no description...

BELL-CVE-2025-21991

Bulletin has no description...

Citrix Workspace App for MAC - Intermittent sign in failure, browser access works

Administrators may notice that the Mac end points intermittently fail sign into workspace app. Visiting the store via browser would work consistently...

SNMP for Power Supply configured but alerts not receiving

SNMP configured for Power Supply but alerts not receiving...

GHSA-929M-PHJG-QWCC Duplicate Advisory: MathLive's Lack of Escaping of HTML allows for XSS

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-qwj6-q94f-8425. This link is maintained to preserve external references. Original Description Cross Site Scripting vulnerability in arnog MathLive Versions v0.103.0 and before fixed in 0.104.0 allows an attacker...

WordPress WordPress Galleria plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by johska in WordPress Plugin WordPress Galleria versions = 1.4...

WordPress Content Manager Light plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Content Manager Light versions = 3.2...

Drupal Link field display mode formatter Cross-Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Link field display mode formatter allows Cross-Site Scripting XSS. This issue affects Link field display mode formatter: from 0.0.0 before 1.6.0...

CGA-VR42-XF3W-MQH8

Bulletin has no description...

CGA-7H72-423X-QHQR

Bulletin has no description...

Licensed uberAgent still shows Evaluation Version splash screen at login

An operating system with uberAgent installed continues to show a splash screen during user login, stating the agent is running an Evaluation Version. The uberAgent.log file shows messages similar to the following: 2024-12-06 13:50:25.560 +0100,INFO ,WORKGROUP,SRV2016$,6372,LicenseCheck,Starting...

BELL-CVE-2025-21877

Bulletin has no description...

BELL-CVE-2025-21887

Bulletin has no description...

BELL-CVE-2023-53018

Bulletin has no description...

Citrix : ADC: Netscaler VPX vs ESXi compatibility version

Netscaler VPX on ESXi got rebooted automatically...

CVE-2025-27837

An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can occur through a truncated path with invalid UTF-8 characters, for base/gpmswin.c and base/winrtsup.cpp...

Cart Manipulation

sylius/paypal-plugin is vulnerable to cart manipulation. The vulnerability is due to improper order validation and enforcement after PayPal payment authorization, allowing users to alter their cart contents before finalizing the order...

PT-2025-12096 · Unknown · Automatic1111/Stable-Diffusion-Webui

Name of the Vulnerable Software and Affected Versions: automatic1111/stable-diffusion-webui version 1.10.0 Description: An open redirect vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows a remote unauthenticated attacker to redirect users to arbitrary websites via a...

Azure Linux 3.0 Security Update: kernel (CVE-2024-56648)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56648 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound...

MAL-2025-2490 Malicious code in @theoretical123/ethers (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38f44d0e1293ff85f758987b79eb290ef0efac3652257af79e2c30e98267c89a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...