Security Bulletin: IBM Semeru Runtime Quarterly CPU - Oct 2025 - Includes OpenJDK October 2025 CPU (includes CVE-2025-53057, CVE-2025-53066)

Summary Db2 Query Management Facility is vulnerable to IBM Semeru Runtime Quarterly CPU - Oct 2025 - Includes OpenJDK October 2025 CPU includes CVE-2025-53057, CVE-2025-53066 Vulnerability Details CVEID:CVE-2025-53057 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security...

CVE-2025-58059

Valtimo scripting engine vulnerability (CVE-2025-58059) affects Valtimo BPM platform prior to 12.16.0.RELEASE and 13.0.0.RELEASE to before 13.1.2.RELEASE. An admin who can create/modify and execute process definitions could access sensitive data or resources on the host (e.g., executing host exec...

Valtimo 安全漏洞

Valtimo is a low-code platform for business process automation open-sourced by Valtimo in the Netherlands. A security vulnerability exists in Valtimo versions prior to 12.16.0.RELEASE and 13.1.2.RELEASE, which stems from the possibility that an administrator may access sensitive data or resources...

CVE-2020-9910

Multiple issues were addressed with improved logic. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker with arbitrary read and write capability may be able t...

Adobe Substance 3D Designer Out-of-Bounds Write Vulnerability

Adobe Substance 3D Designer is a 3D design software from the American company Audobee Adobe. An out-of-bounds write vulnerability exists in Adobe Substance 3D Designer version 13.1.2 and earlier versions, which can be exploited by an attacker to execute arbitrary code in the context of the curren...

PT-2024-29605 · Adobe · Substance3D - Designer

Name of the Vulnerable Software and Affected Versions: Substance3D - Designer versions 13.1.2 and earlier Description: The issue is an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user...

Adobe Substance 3D Designer 缓冲区错误漏洞

Adobe Substance 3D Designer is a 3D design software from the American company Audobee Adobe. An out-of-bounds write vulnerability exists in Adobe Substance 3D Designer version 13.1.2 and earlier versions, which can be exploited by an attacker to execute arbitrary code in the context of the curren...

Foxit PDF Editor < 13.1.2 Vulnerability

According to its version, the Foxit PDF Editor application previously named Foxit PhantomPDF installed on the remote Windows host is prior to 13.1.2. It is, therefore affected by vulnerability: - A privilege escalation vulnerability exists in the Foxit Reader 2024.2.0.25138. The vulnerability...

GitLab 12.9 < 12.10.13 / 13.0 < 13.0.8 / 13.1 < 13.1.2 (CVE-2020-13322)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A vulnerability was discovered in GitLab versions after 12.9. Due to improper verification of permissions, an unauthorized user can create and delete deploy tokens. CVE-2020-13322 Note that Nessus has...

Safari < 13.1.2 Multiple Vulnerabilities

Binary data 701463.pasl...

WordPress WP Statistics Plugin < 13.1.2 CSRF Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:veronalabs:wpstatistics"; ifdescription...

CVE-2020-9942

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, Safari 13.1.2. Visiting a malicious website may lead to address bar spoofing...

Design/Logic Flaw

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, Safari 13.1.2. Visiting a malicious website may lead to address bar spoofing...

CVE-2020-9916

A URL Unicode encoding issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker may be able to conceal the...

CVE-2020-9910

Multiple issues were addressed with improved logic. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker with arbitrary read and write capability may be able t...

CVE-2020-9911

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy...

CVE-2020-9903

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. A malicious attacker may cause Safari to suggest a password for the wrong domain...

CVE-2020-9895

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected...

CVE-2020-9912

A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1.2. A malicious attacker may be able to change the origin of a frame for a download in Safari Reader mode...

CVE-2020-9911

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy...