105 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-2900
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab EE affecting all versions from 16.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that when...
CVE-2026-2900
GitLab has remediated an issue in GitLab EE affecting all versions from 16.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that when instance-level approval rule editing prevention was enabled, could have allowed an authenticated user with Maintainer permissions to modify or dele...
CVE-2026-2900 Missing Authorization in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 16.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that when instance-level approval rule editing prevention was enabled, could have allowed an authenticated user with Maintainer permissions to modify or dele...
GitLab 16.10 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-2900)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Missing Authorization in GitLab CVE-2026-2900 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenabl...
Security Bulletin: Vulnerabilities in IBM Semeru Runtime affect Host on Demand.
Summary There are vulnerabilities in IBM Semeru Runtime used by Host on Demand. Host on Demand has provided fixes for the applicable CVEs. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote...
Security Bulletin: IBM SPSS Statistics Java SE Vulnerability Updates
Summary Denial of service, unauthorized access and buffer size vulnerabilities have been addressed. Addresses Java CVEs: CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925, CVE-2026-1188, CVE-2025-2900 and CVE-2025-4447. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE ...
EUVD-2026-2900
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3. An app may be able to enumerate a user's installed apps...
EUVD-1999-1110
Malware in sbrugna...
EUVD-2012-3862
Malware in sbrugna...
Security Bulletin: OpenPages is vulnerable to IBM Semeru Runtime Quarterly CPU - Apr 2025 - Includes OpenJDK April 2025 CPU plus two additional CVEs
Summary Security Bulletin: OpenPages is vulnerable to IBM Semeru Runtime Quarterly CPU - Apr 2025 - Includes OpenJDK April 2025 CPU with CVEs CVE-2025-21587, CVE-2025-30698, CVE-2025-2900, and CVE-2025-4447 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...
Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to issues in IBM Semeru Runtime version 17
Summary There are vulnerabilities in IBM Semeru Runtime version 17 used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability i...
Linux Distros Unpatched Vulnerability : CVE-2017-2900
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer overflow exists in the PNG loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.png'...
Security Bulletin: Multiple vulnerabilities disclosed in IBM Semeru Runtime affect IBM SPSS Collaboration and Deployment Services
Summary Multiple vulnerabilities disclosed in IBM Semeru Runtime affect IBM SPSS Collaboration and Deployment Services CVE-2025-21587, CVE-2025-30698, CVE-2025-2900, CVE-2025-4447. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An...
Security Bulletin: IBM Sterling Connect:Direct FTP+ is vulnerable to various attacks due to IBM Runtime Environment Java Technology Edition Version 17
Summary IBM Java 17 is used by IBM Sterling Connect:Direct FTP+ on AIX, Linux, and Windows platforms in product configuration and data transmission. IBM Sterling Connect:Direct FTP+ on AIX, Linux, and Windows platforms is impacted by vulnerabilities in IBM Java 17. IBM Sterling Connect:Direct FTP...
CVE-2023-2900
A vulnerability was found in NFine Rapid Development Platform 20230511. It has been classified as problematic. Affected is an unknown function of the file /Login/CheckLogin. The manipulation leads to use of weak hash. It is possible to launch the attack remotely. The complexity of an attack is...
CVE-2020-2900
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM component: Tools. Supported versions that are affected are 19.3.1 and 20.0.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise Oracle GraalVM...
CVE-2025-2900
creationtimestamp| type| source ---|---|--- 2025-05-14 19:33:15+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16389...
CVE-2025-2900
IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow and subsequent crash, due to a defect in its native AES/CBC encryption implementation...
CVE-2025-2900
IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow and subsequent crash, due to a defect in its native AES/CBC encryption implementation...
CVE-2025-2900 IBM Semeru Runtime denial of service
IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow and subsequent crash, due to a defect in its native AES/CBC encryption implementation...