19 matches found
Security Bulletin: IBM QRadar SIEM is vulnerable to information disclosures and cross-site scripting
Summary: Several potential Cross-Site Scripting and Information Disclosure issues addressed in IBM QRadar SIEM 7.5.0 UP15. Vulnerability Details: CVEID: CVE-2025-13995. DESCRIPTION: IBM QRadar SIEM could allow an attacker with access to one tenant to access hostname data from another tenant's account...
CVE-2025-36051 IBM QRadar SIEM Information Disclosure
IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 stores potentially sensitive information in configuration files that could be read by a local user...
CVE-2020-36051
Directory traversal vulnerability in pageedit.php in MiniCMS V1.10 allows remote attackers to read arbitrary files via the state parameter...
Linux Distros Unpatched Vulnerability : CVE-2021-36051
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XMP Toolkit SDK version 2020.1 and earlier is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of th...
CVE-2024-36051
creationtimestamp | type | source
---|---|---
2024-10-10 15:55:21+00:00 | seen | https://t.me/cvedetector/7602...
CVE-2024-36051
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2024-38365. Reason: This record is a duplicate of CVE-2024-38365. Notes: All CVE users should reference CVE-2024-38365 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage...
CVE-2024-36051
...
[SECURITY] [DLA 3585-1] exempi security update
Debian LTS Advisory DLA-3585-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès September 25, 2023 https://wiki.debian.org/LTS ...
CVE-2022-36051
creationtimestamp | type | source
---|---|---
2022-09-01 02:37:15+00:00 | seen | https://t.me/cibsecurity/49152...
CVE-2022-36051
ZITADEL’s CVE-2022-36051 refers to a Broken Authorization in Actions, where users with role ORG_OWNER could create Javascript Code invoked during login to grant authorizations for projects owned by other organizations within the same instance. The issue stems from a missing authorization check in...
CVE-2022-36051 Broken Authorization in ZITADEL Actions
ZITADEL combines the ease of Auth0 and the versatility of Keycloak. Actions, introduced in ZITADEL 1.42.0 on the API and 1.56.0 for Console, is a feature where users with role ORG_OWNER are able to create Javascript Code, which is invoked by the system at certain points during the login. Actions,...
Updated exempi packages fix security vulnerability
XMP Toolkit SDK versions 2020.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Exempi vulnerabilities (USN-5483-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5483-1 advisory. It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a...
CVE-2021-36051
creationtimestamp | type | source
---|---|---
2021-10-04 18:18:52+00:00 | seen | https://t.me/cibsecurity/29878...
CVE-2021-36051
CVE-2021-36051 is a heap-based buffer overflow in Exempi (XMP Toolkit SDK 2020.1 and earlier) that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a crafted file, e.g., .cpp). Affected component: exempi (XMP Toolkit). P...
CVE-2021-36051 XMP Toolkit SDK Buffer Overflow Could Lead To Arbitrary Code Execution
XMP Toolkit SDK version 2020.1 and earlier is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a specially-crafted .cpp file...
CVE-2020-36051
Directory traversal vulnerability in pageedit.php in MiniCMS V1.10 allows remote attackers to read arbitrary files via the state parameter...
CVE-2020-36051
Directory traversal vulnerability in pageedit.php in MiniCMS V1.10 allows remote attackers to read arbitrary files via the state parameter...
CVE-2020-36051
CVE-2020-36051 affects MiniCMS V1.10. The vulnerability is a directory traversal flaw in page_edit.php via the state parameter, allowing remote attackers to read arbitrary files on the affected system. Impact is read access to sensitive files; no exploit details or in-the-wild exploitation are pr...