Security Bulletin: A heap-based buffer overflow flaw affects CICS Transaction Gateway for Multiplatforms container (CVE-2022-0185)

Summary A heap-based buffer overflow flaw affects CICS Transaction Gateway for Multiplatforms container. CICS Transaction Gateway for Multiplatforms container has documented how to address the applicable vulnerability. Vulnerability Details CVEID:CVE-2022-0185 DESCRIPTION: A heap-based buffer...

CVE-1999-0185

In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution...

EUVD-2026-0185

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

Alibaba Cloud Linux 3 : 0185: mariadb:10.5 (ALINUX3-SA-2025:0185)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0185 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-52969: MariaDB Server 10.4 throug...

Security Bulletin: IBM Fusion Data Catalog Service is vulnerable to elevated container linux kernel privileges (CVE-2022-0185)

Summary IBM Fusion's Data Catalog Service containers previously required certain elevated linux kernel privileges. CVE-2022-0185. Vulnerability Details CVEID:CVE-2022-0185 DESCRIPTION: A heap-based buffer overflow flaw was found in the way the legacyparseparam function in the Filesystem Context...

TencentOS Server 3: kernel (TSSA-2022:0015)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0015 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVE-2020-0185

In avrcparsbrowsingcmd of avrcparstg.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Androi...

CVE-2019-0185

Insufficient access control in protected memory subsystem for SMM for 6th, 7th, 8th and 9th Generation IntelR CoreTM Processor families; IntelR XeonR Processor E3-1500 v5 and v6 families; IntelR XeonR E-2100 and E-2200 Processor families with IntelR Processor Graphics may allow a privileged user ...

CVE-2025-0185

creationtimestamp| type| source ---|---|--- 2025-03-20 12:48:48+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114194836439440121 2025-03-20 13:13:22+00:00| seen| https://t.me/cvedetector/20725 2025-08-11 18:27:49+00:00| seen| MISP/3e4b778d-5810-4171-a915-f1d106684af4...

CVE-2025-0185

A vulnerability in the Dify Tools' Vanna module of the langgenius/dify repository allows for a Pandas Query Injection in the latest version. The vulnerability occurs in the function vn.gettrainingplangenericdfinformationschema, which does not properly sanitize user inputs before executing queries...

CVE-2025-0185 Pandas Query Injection in langgenius/dify

A vulnerability in the Dify Tools' Vanna module of the langgenius/dify repository allows for a Pandas Query Injection in the latest version. The vulnerability occurs in the function vn.gettrainingplangenericdfinformationschema, which does not properly sanitize user inputs before executing queries...

CVE-2025-0185 Pandas Query Injection in langgenius/dify

A vulnerability in the Dify Tools' Vanna module of the langgenius/dify repository allows for a Pandas Query Injection in the latest version. The vulnerability occurs in the function vn.gettrainingplangenericdfinformationschema, which does not properly sanitize user inputs before executing queries...

Linux Distros Unpatched Vulnerability : CVE-2014-0185

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sapi/fpm/fpm/fpmunix.c in the FastCGI Process Manager FPM in PHP before 5.4.28 and 5.5.x before 5.5.12 uses 0666 permissions for the UNIX socket, which allows...

CERT-UA Warns of Phishing Attacks Targeting Ukraine's Defense and Security Force

The Computer Emergency Response Team of Ukraine CERT-UA has warned of a new set of cyber attacks that it said were aimed at defense companies in the country as well as its security and defense forces. The phishing attacks have been attributed to a Russia-linked threat actor called UAC-0185 aka...

Photon OS 5.0: Openresty PHSA-2024-5.0-0185

An update of the openresty package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0185. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Openssl PHSA-2022-4.0-0185

An update of the openssl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-4.0-0185. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Exploit for Integer Overflow or Wraparound in Linux Linux_Kernel

CVE-2022-0185-Case-Study This case study is a result of an as...

China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws

A China-linked threat cluster leveraged security flaws in Connectwise ScreenConnect and F5 BIG-IP software to deliver custom malware capable of delivering additional backdoors on compromised Linux hosts as part of an "aggressive" campaign. Google-owned Mandiant is tracking the activity under its...

CVE-2019-0185

creationtimestamp| type| source ---|---|--- 2024-02-14 10:56:53+00:00| seen| https://t.me/ctinow/184540...

openSUSE 15 Security Update : python-Pillow (SUSE-SU-2024:0185-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2024:0185-1 advisory. - Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 which...