145 matches found
Security Bulletin: Due to use of Netty, IBM Operations Analytics - Log Analysis is affected by denial of service, information disclosure, and HTTP request smuggling
Summary: Netty in Apache ZooKeeper and Logstash is used by IBM Operations Analytics - Log Analysis as part of the client/server network transport layer, and network-related plugins for protocol and event transport. CVE-2014-0193, CVE-2014-3488, CVE-2015-2156, CVE-2019-20444, CVE-2024-47535,...
CVE-2026-2156
CVE-2026-2156 affects code-projects’ Online Student Management System version 1.0, specifically the Announcement Management Module. The vulnerability exists in an unknown function within the file /admin/announcement/index.php?view=add, enabling remote cross-site scripting through manipulation of...
EUVD-2026-2156
Absolute path traversal in Windows Shell allows an unauthorized attacker to perform spoofing with a physical attack...
Linux Distros Unpatched Vulnerability : CVE-2015-2156
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow...
CVE-2021-2156
Vulnerability in the Oracle Customers Online product of Oracle E-Business Suite component: Customer Tab. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Customers...
CVE-2002-2156
Buffer overflow in Trillian 0.73 allows remote IRC servers to execute arbitrary code via a long PING response...
CVE-2025-2156
creationtimestamp | type | source
---|---|---
2025-04-30 22:06:19+00:00 | seen | https://t.me/cvedetector/24148...
SUSE: Security Advisory (SUSE-SU-2023:3391-1)
The remote host is missing an update for the...
Security Bulletin: Vulnerabilities in Netty affect watsonx.data
Summary: Netty is vulnerable to denial of service attacks and remote attack via restrictions bypass. These can affect watsonx.data. Vulnerability Details: CVEID: CVE-2015-2156. DESCRIPTION: Netty could allow a remote attacker to bypass restrictions, caused by the improper validation of characters in ...
ISC DHCP Zero Length ClientID Denial of Service Module
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ISC DHCP Zero Length ClientID Denial of Service Module', 'Description' = %q This module performs a Denial of Service Attack against the ISC DHCP...
Oracle Linux 9 : frr (ELSA-2024-2156)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2156 advisory. 8.5.3-4 - Resolves: RHEL-14825 - crafted BGP UPDATE message leading to a crash 8.5.3-3 - Resolves: RHEL-14822 - mishandled malformed data leading to a...
RHEL 9 : frr (RHSA-2024:2156)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2156 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR,...
CVE-2024-2156
creationtimestamp | type | source
---|---|---
2024-03-04 02:21:38+00:00 | seen | https://t.me/ctinow/198954...
CVE-2024-2156
A vulnerability was found in SourceCodester Best POS Management System 1.0. It has been classified as critical. Affected is an unknown function of the file admin_class.php. The manipulation of the argument img leads to sql injection. It is possible to launch the attack remotely. The exploit has be...
CVE-2024-2156
CVE-2024-2156 affects SourceCodester Best POS Management System 1.0. The vulnerability is a SQL injection in an unknown function within admin_class.php, triggered by manipulating the img argument. The issue can be exploited remotely and a public exploit exists. Multiple connected sources corrobor...
openSUSE: Security Advisory for the Linux Kernel (Live Patch 2 for SLE 15 SP5) (SUSE-SU-2023:3658-1)
The remote host is missing an update for the...
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:3376-1)
The remote host is missing an update for the...
openSUSE: Security Advisory for the Linux Kernel (Live Patch 8 for SLE 15 SP4) (SUSE-SU-2023:3644-1)
The remote host is missing an update for the...
openSUSE: Security Advisory for the Linux Kernel (Live Patch 11 for SLE 15 SP4) (SUSE-SU-2023:3647-1)
The remote host is missing an update for the...
openSUSE: Security Advisory for the Linux Kernel RT (Live Patch 1 for SLE 15 SP5) (SUSE-SU-2023:3676-1)
The remote host is missing an update for the...