CVE-2025-14376 Verve Asset Manager – Plaintext Storage Vulnerabilities

A security issue was discovered within the legacy ADI server component of Verve Asset Manager, caused by plaintext secrets stored in environment variables on the ADI server. This component has been retired and has been optional since the 1.36 release in 2024...

CVE-2024-34663

Integer overflow in libSEF.quram.so prior to SMR Oct-2024 Release 1 allows local attackers to write out-of-bounds memory...

IBM Concert Encryption Issues Vulnerabilities

IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform released in May 2024 by IBM. IBM Concert suffers from a cryptographic issue vulnerability that stems from the use of weak encryption algorithms, which can ...

IBM Concert Output Neutralization Malpractice Vulnerability

IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform released in May 2024 by IBM. IBM Concert suffers from an improper output neutralization vulnerability that can be exploited by an attacker to cause a forge...

IBM Concert 安全漏洞

IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform released in May 2024 by IBM. IBM Concert suffers from an information disclosure vulnerability that stems from uncontrolled recursive directory replication,...

IBM Concert 跨站脚本漏洞

IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform released in May 2024 by IBM. IBM Concert suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering an...

CVE-2024-14003

Nagios XI versions prior to 2024R1.2 are vulnerable to remote code execution (RCE) through NRDP server plugins, due to insufficient validation of inbound NRDP request parameters that can reach command execution paths on the underlying host in the context of the web/Nagios service. Connected advis...

CVE-2024-58272

This CVE-2024-58272 entry is rejected/withdrawn as a duplicate of CVE-2023-7323.

CVE-2023-7322

Affected software: Nagios Log Server, versions prior to 2024R1. Vulnerability: incorrect authorization in API handling could allow authenticated but non-privileged users to read or modify resources via the API beyond their rights. Root cause: insufficient authorization checks on API endpoints. Im...

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI prior to version 2024R1, which stems from a lack of access...

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2024R1.1.3 that stems from a password change th...

PT-2025-44498

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2024R1.1.2 Description Nagios XI versions prior to 2024R1.1.2 may disclose sensitive user account information, including API keys and hashed passwords, to authenticated users who should not have access to this data...

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2024R1.1.3 that stems from insufficient...

EUVD-2024-18589

Malicious code in bioql PyPI...

EUVD-2024-18571

Malicious code in bioql PyPI...

EUVD-2024-18580

Malicious code in bioql PyPI...

EUVD-2024-18574

Malicious code in bioql PyPI...

EUVD-2024-18597

Malicious code in bioql PyPI...

EUVD-2024-16716

Malicious code in bioql PyPI...

CVE-2025-9001

A vulnerability was determined in LemonOS up to nightly-2024-07-12 on LemonOS. Affected by this issue is the function HTTPGet of the file /Applications/Steal/main.cpp of the component HTTP Client. The manipulation of the argument chunkSize leads to stack-based buffer overflow. The attack may be...