Lucene search
+L

130 matches found

vulnrichment
vulnrichment
added 2026/05/25 5:28 a.m.10 views

CVE-2026-25193

Insertion of Sensitive Information into Log File CWE-532 in some Command Centre Service installers could lead to Service Account credentials exposure. Mitigating Factor: Only sites that install Command Centre Services with a custom Service Account not the default Network Service account are...

8.1CVSS5.8AI score0.00132EPSS
Exploits0References1
osv
osv
added 2026/04/21 9:7 a.m.8 views

CLSA-2026-1776762459 harfbuzz: Fix of CVE-2023-25193

CVE-2023-25193: optimize looking back for base glyphs in hb-ot-layout-gsubgpos-private.hh...

7.5CVSS6.8AI score0.01812EPSS
Exploits0References1
circl
circl
added 2026/03/06 1:59 p.m.9 views

CVE-2018-25193

creationtimestamp| type| source ---|---|--- 2026-03-06 13:59:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgfhuc7awt2e 2026-04-23 12:45:22+00:00| seen| https://infosec.exchange/users/certvde/statuses/116454085232361431 2026-04-23 12:49:00+00:00| seen|...

8.7CVSS5.7AI score0.00339EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/03/06 12:19 p.m.3 views

CVE-2018-25193 Mongoose Web Server 6.9 Denial of Service via Socket Connection

Mongoose Web Server 6.9 contains a denial of service vulnerability that allows remote attackers to crash the service by establishing multiple socket connections. Attackers can repeatedly create connections to the default port and send malformed data to exhaust server resources and cause service...

8.7CVSS5.8AI score0.00339EPSS
Exploits0References2
osv
osv
added 2026/01/29 1:19 p.m.2 views

ROOT-OS-DEBIAN-12-CVE-2023-25193 CVE-2023-25193 in rootio-harfbuzz - Patched by Root

Root has patched CVE-2023-25193 in the rootio-harfbuzz package for Root:Debian:12. Multiple fixed versions available...

7.5CVSS6.7AI score0.01812EPSS
Exploits0
nessus
nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : java-17-openjdk-17.0.8.0.7-2.el9.ML.1 (AXSA:2023-6268:14)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6268:14 advisory. OpenJDK: ZIP file parsing infinite loop 8302483 CVE-2023-22036 OpenJDK: weakness in AES implementation 8308682 CVE-2023-22041 OpenJDK: improper...

7.5CVSS8.6AI score0.01812EPSS
Exploits0References8
nessus
nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 7 : harfbuzz-1.7.5-2.0.1.el7.AXS7 (AXSA:2024-8760:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8760:03 advisory. CVE-2023-25193: optimize looking back for base glyphs in hb-ot-layout-gsubgpos-private.hh CVEs: CVE-2023-25193 hb-ot-layout-gsubgpos.hh in HarfBuzz through...

7.5CVSS8.4AI score0.01812EPSS
Exploits0References2
nessus
nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 9 : harfbuzz-2.7.4-10.el9 (AXSA:2024-7815:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7815:01 advisory. harfbuzz: allows attackers to trigger On^2 growth via consecutive marks CVE-2023-25193 Tenable has extracted the preceding description block directly from th...

7.5CVSS8.4AI score0.01812EPSS
Exploits0References2
nessus
nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 8 : java-11-openjdk-11.0.20.0.8-2.el8 (AXSA:2023-6262:16)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6262:16 advisory. OpenJDK: ZIP file parsing infinite loop 8302483 CVE-2023-22036 OpenJDK: weakness in AES implementation 8308682 CVE-2023-22041 OpenJDK: improper...

7.5CVSS6.7AI score0.01812EPSS
Exploits0References7
ibm
ibm
added 2025/11/26 10:19 a.m.13 views

Security Bulletin: IBM Maximo Application Suite - Manage component uses softwares IBM WebSphere Liberty Server 25.0.0.2 and IBM DB2 version 11.5.9 which is vulnerable to CVE-2025-25193, CVE-2024-52894

Summary IBM Maximo Application Suite - Manage component uses softwares IBM WebSphere Liberty Server 25.0.0.2 and IBM DB2 version 11.5.9 which is vulnerable to CVE-2025-25193, CVE-2024-52894. This security bulletine contains details of affected and remediated versions of the same. Vulnerability...

5.5CVSS6.4AI score0.00384EPSS
Exploits0Affected Software1
ibm
ibm
added 2025/10/07 7:41 a.m.8 views

Security Bulletin: IBM Maximo Application Suite uses WebSphere Application Server Liberty V.25.0.0.2, flask-3.1.0-py3-none-any.whl form-data-2.5.1.tgz and golang.org/x/net which is vulnerable to multiple CVEs

Summary IBM Maximo Application Suite uses WebSphere Application Server Liberty V.25.0.0.2, flask-3.1.0-py3-none-any.whl form-data-2.5.1.tgz and golang.org/x/net which is vulnerable to CVE-2025-36097, CVE-2025-7783, CVE-2025-25193, CVE-2025-47278, CVE-2025-23184, CVE-2025-22872 and CVE-2024-56339...

9.4CVSS6.6AI score0.01941EPSS
Exploits1Affected Software1
nessus
nessus
added 2025/08/20 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-25193

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. An unsafe reading of...

5.5CVSS6.6AI score0.00384EPSS
Exploits0References2
ibm
ibm
added 2025/08/14 8:38 a.m.16 views

Security Bulletin: Due to use of IBM WebSphere Application Server Liberty, IBM Tivoli Application Dependency Discovery Manager is vulnerable to disclosure of information.

Summary IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to Netty CVE-2024-47535CVE-2025-25193 Vulnerability Details CVEID:CVE-2024-47535 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid development of maintainable high...

5.5CVSS6.4AI score0.00408EPSS
Exploits1Affected Software1
ibm
ibm
added 2025/08/07 12:27 a.m.8 views

Security Bulletin: Vulnerabilities in Netty affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Netty has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-25193 DESCRIPTION: Netty, an...

5.5CVSS7AI score0.00384EPSS
Exploits0Affected Software1
ibm
ibm
added 2025/08/06 5:12 p.m.4 views

Security Bulletin: Multiple security vulnerabilities in WebSphere Liberty may affect IBM Business Automation Workflow - CVE-2025-25193, CVE-2025-23184

Summary IBM Business Automation Workflow traditional includes optional components running on WebSphere Liberty: User Management Service and Process Federation Service. IBM Business Automation Workflow on Containers builds upon WebSphere Liberty. Multiple security vulnerabilies have been reported...

7.5CVSS6.9AI score0.01941EPSS
Exploits0Affected Software2
ibm
ibm
added 2025/08/04 6:36 a.m.6 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2025-25193)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera, and...

5.5CVSS7.1AI score0.00384EPSS
Exploits0Affected Software11
ibm
ibm
added 2025/07/10 9:1 a.m.3 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in netty-common-4.1.115.Final.jar

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of netty-common-4.1.115.Final.jar Vulnerability Details CVEID:CVE-2025-25193 DESCRIPTION: Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. ...

5.5CVSS6.8AI score0.00384EPSS
Exploits0Affected Software1
ibm
ibm
added 2025/07/07 9:56 a.m.5 views

Security Bulletin: Multiple Vulnerabilities in IBM Event Streams

Summary Multiple vulnerabilities were addressed in IBM Event Streams version 11.8.1. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU...

8.7CVSS8AI score0.02112EPSS
Exploits2Affected Software1
ibm
ibm
added 2025/06/25 4:24 p.m.5 views

Security Bulletin: Denial of service vulnerability in IBM WebSphere Application Server Liberty affects IBM Storage Protect Operations Center (CVE-2025-25193).

Summary IBM Storage Protect Operations Center is affected by denial of service due to Netty used by IBM WebSphere Application Server Liberty. Vulnerability Details CVEID:CVE-2025-25193 DESCRIPTION: Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions...

5.5CVSS6.5AI score0.00384EPSS
Exploits0Affected Software1
nessus
nessus
added 2025/06/16 12:0 a.m.3 views

TencentOS Server 3: harfbuzz (TSSA-2024:0183)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0183 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

7.5CVSS6.4AI score0.01812EPSS
Exploits0References2
Rows per page
Query Builder