Security Bulletin: Improper Access Control and Exposure of Information Through Directory Listing vulnerabilities affect IBM Cloud Pak System[CVE-2023-38265, CVE-2023-38005]

Summary Improper Access Control and Exposure of Information Through Directory Listing vulnerabilities affect Cloud Pak System respectively. IBM Cloud Pak System could allow an authenticated user to perform unauthorized tasks due to improper access controls , and disclose folder location informati...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38265)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38265 advisory. - In the Linux kernel, the following vulnerability has been resolved: serial: jsm: fix NPE during...

MAL-2025-38265 Malicious code in vetiver (npm)

The package vetiver was found to contain malicious code...

Linux Distros Unpatched Vulnerability : CVE-2025-38265

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: serial: jsm: fix NPE during jsmuartportinit No device was set which caused serialbasectrladd...

CVE-2021-38265

Cross-site scripting XSS vulnerability in the Asset module in Liferay Portal 7.3.4 through 7.3.6 allow remote attackers to inject arbitrary web script or HTML when creating a collection page via the comliferayassetlistwebportletAssetListPortlettitle parameter...

CVE-2024-38265

Windows Routing and Remote Access Service RRAS Remote Code Execution Vulnerability...

CVE-2024-38265 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

...

CVE-2024-38265 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

...

CVE-2022-38265

creationtimestamp| type| source ---|---|--- 2022-09-09 00:15:32+00:00| seen| https://t.me/cibsecurity/49476...

CVE-2022-38265

Apartment Visitor Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at /avms/edit-apartment.php...

CVE-2022-38265

Apartment Visitor Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at /avms/edit-apartment.php...

CVE-2022-38265

CVE-2022-38265 affects Apartment Visitor Management System v1.0. A SQL injection vulnerability is reachable via the editid parameter in /avms/edit-apartment.php. Documents consistently name this issue and provide no official patch details; PT-2022-24321 offers a temporary workaround (restricting ...

CVE-2021-38265

Cross-site scripting XSS vulnerability in the Asset module in Liferay Portal 7.3.4 through 7.3.6 allow remote attackers to inject arbitrary web script or HTML when creating a collection page via the comliferayassetlistwebportletAssetListPortlettitle parameter...

CVE-2021-38265

Cross-site scripting XSS vulnerability in the Asset module in Liferay Portal 7.3.4 through 7.3.6 allow remote attackers to inject arbitrary web script or HTML when creating a collection page via the comliferayassetlistwebportletAssetListPortlettitle parameter...

CVE-2021-38265

CVE-2021-38265 is an XSS vulnerability in the Asset module of Liferay Portal, affecting version 7.3.4–7.3.6. An attacker can remotely inject arbitrary web script or HTML when creating a collection page using the parameter _com_liferay_asset_list_web_portlet_AssetListPortlet_title. The connected d...