EUVD-2025-11111

Malicious code in bioql PyPI...

Security Bulletin: Multiple vulnerabilities identified in VMWare ESXi shipped with IBM Cloud Pak System

Summary Vulnerabilties in VMware ESXi affect IBM Cloud Pak System. IBM Cloud Pak System has addressed these vulnerabilities. Vulnerability Details CVEID:CVE-2022-26373 DESCRIPTION: VMware ESXi could allow a local authenticated attacker to obtain sensitive information, caused by a...

CVE-2022-47701

COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting XSS...

CVE-2022-47699

COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Incorrect Access Control...

CVE-2022-47700

COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Incorrect Access Control. Improper authentication allows requests to be made to back-end scripts without a valid session or authentication...

PT-2023-15460 · Comfast · Comfast Cf-Wr623N Router

Name of the Vulnerable Software and Affected Versions: COMFAST CF-WR623N Router firmware versions V2.3.0.1 and before Description: The issue allows anyone to reset the password of the admin accounts, leading to account takeover. Recommendations: For COMFAST CF-WR623N Router firmware versions...

Shenzhen Sihai Zhonglian Network Technology COMFAST CF-WR623N 安全漏洞

The Shenzhen Sihai Zhonglian Network Technology COMFAST CF-WR623N is a wireless router from Shenzhen Sihai Zhonglian Network Technology Shenzhen, China. A security vulnerability exists in firmware version V2.3.0.1 of the Shenzhen Sihai Zhonglian Network Technology COMFAST CF-WR623N, which...

Shenzhen Sihai Zhonglian Network Technology COMFAST CF-WR623N 跨站脚本漏洞

The Shenzhen Sihai Zhonglian Network Technology COMFAST CF-WR623N is a wireless router from Shenzhen Sihai Zhonglian Network Technology Shenzhen, China. A security vulnerability exists in firmware version V2.3.0.1 of the Shenzhen Sihai Zhonglian Network Technology COMFAST CF-WR623N, which...

Security Bulletin: Vulnerability identified in docker for Red Hat Enterprise Linux

Summary Vulnerability identified in docker package for Red Hat Enterprise Linux potentially impact IBM Cloud Pak System. Vulnerability Details CVEID: CVE-2020-14300 DESCRIPTION: Docker package for Red Hat Enterprise Linux could allow a remote attacker to execute arbitrary code on the system, caus...

Security Bulletin: IBM Cloud Pak System is vulnerable to Intel Microarchitectural Data Sampling (MDS) Vulnerabilites

Summary Potential security vulnerabilities in CPUs may allow information disclosure. Vulnerability Details CVEID: CVE-2019-11091 DESCRIPTION: Microarchitectural Data Sampling Uncacheable Memory MDSUM: Uncacheable memory on some microprocessors utilizing speculative execution may allow an...

IBM Cloud Pak System Cross-Site Request Forgery Vulnerability

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. The product supports deploying, managing and moving application environments across hybrid clouds. A cross-site request forgery vulnerability exists in IBM Cloud Pak System...

CVE-2019-4467

IBM Cloud Pak System Platform System Manager (Cloud Pak System) is affected by CVE-2019-4467, with vulnerable versions 2.3 and 2.3.0.1. The issue is a cross-site scripting (XSS) vulnerability in the Web UI that can allow an attacker to embed arbitrary JavaScript, potentially leading to credential...

CVE-2019-4098

CVE-2019-4098 affects IBM Cloud Pak System 2.3 and 2.3.0.1, with a cross-site scripting vulnerability in the Web UI that could allow an attacker to embed arbitrary JavaScript and potentially disclose credentials within a trusted session. The IBM advisory (and related IBM X-Force reference) confir...

IBM Cloud Pak System Platform System Manager Cross-Site Scripting Vulnerability

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. The product supports deploying, managing and moving application environments across hybrid clouds. A cross-site scripting vulnerability exists in Platform System Manager in IBM...

IBM Cloud Pak System Platform System Manager Information Disclosure Vulnerability

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. The product supports deploying, managing and moving application environments across hybrid clouds. An information disclosure vulnerability exists in Platform System Manager in I...

IBM Cloud Pak System Cross-Site Scripting Vulnerability (CNVD-2019-44556)

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. The product supports deploying, managing and moving application environments across hybrid clouds. A cross-site scripting vulnerability exists in IBM Cloud Pak System versions 2...

IBM Cloud Pak System CVE-2019-4098 Cross Site Scripting Vulnerability

Description IBM Cloud Pak System is prone to an cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication...

CVE-2017-3537

Vulnerability in the Oracle Real-Time Scheduler component of Oracle Utilities Applications subcomponent: Mobile Communications Platform. Supported versions that are affected are 2.2.0.3.13, 2.3.0.0 and 2.3.0.1. Easily "exploitable" vulnerability allows unauthenticated attacker with network access...