Security Bulletin: IBM Maximo Application Suite - Predict Component uses WebSphere Application Server Liberty was affected by server-side request forgery (CVE-2026-1561)

Summary Security Bulletin: IBM Maximo Application Suite - Predict Component uses WebSphere Application Server Liberty was affected by server-side request forgery CVE-2026-1561. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-156...

Security Bulletin: IBM Maximo Application Suite - Predict Component uses WebSphere Application Server Liberty, that could provide weaker than expected security (CVE-2025-14923)

Summary Security Bulletin: IBM Maximo Application Suite - Predict Component uses WebSphere Application Server Liberty ,that could provide weaker than expected security CVE-2025-14923. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

Fedora 42 : dotnet9.0 (2026-ac43e01af9)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ac43e01af9 advisory. Update to .NET SDK 9.0.116 and Runtime 9.0.15 Fixes: CVE-2026-26171, CVE-2026-32178, CVE-2026-32203, CVE-2026-33116 Release Notes: - SDK:...

Oracle Linux 8 : .NET / 9.0 (ELSA-2026-8475)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-8475 advisory. 9.0.116-1.0.1 - Add support for Oracle Linux 9.0.116-1 - Update to .NET SDK 9.0.116 and Runtime 9.0.15 - Resolves: RHEL-163389 Tenable has extracted th...

RHEL 9 : .NET 9.0 (RHSA-2026:8474)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:8474 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.116 and .NET Runtime...

GHSA-37GX-XXP4-5RGX Microsoft Security Advisory CVE-2026-33116 – .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

Executive Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in System.Security.Cryptography.Xml. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in...

HTTP Response Splitting

Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...

2026-04 .NET 9.0.15 Security Update for x64 Client (KB5086097)

2026-04 .NET 9.0.15 Security Update for x64 Client KB5086097...

Security Bulletin: IBM Edge Data Collector uses http-proxy-middleware - 2.0.7 which is vulnerable to CVE-2025-32996, CVE-2025-32997.

Summary IBM Edge Data Collector uses http-proxy-middleware - 2.0.7 which is vulnerable to CVE-2025-32996, CVE-2025-32997. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-32996 DESCRIPTION: In http-proxy-middleware before 2.0.8 and 3.x before...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses csvtojson-2.0.10.tgz which is vulnerable to CVE-2025-57350.

Summary IBM Maximo Application Suite - Monitor Component uses csvtojson-2.0.10.tgz which is vulnerable to CVE-2025-57350. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-57350 DESCRIPTION: The csvtojson package, a tool for...

CVE-2025-36386

CVE-2025-36386 affects IBM Maximo Application Suite: MAS Manage component versions 9.0.0–9.0.15 and 9.1.0–9.1.4, where a flaw in MXCSP integration with Cognos Analytics allows a remote attacker to bypass authentication and gain full access. The vulnerability is linked to authentication bypass by ...

WordPress Plugin WP Google Maps 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

Service Update 0.15 for Microsoft Dynamics 365 9.0

Service Update 0.15 for Microsoft Dynamics 365 9.0 INTRODUCTION Service Update 9.0.15 for Microsoft Dynamics CRM on-premises 9.0 is now available. This article describes the hotfixes and updates that are included in Service Update 9.0.15. MORE INFORMATION Update package| Version number ---|---...

ServersCheck Monitoring Software 9.0.12 / 9.0.14 - Stored XSS

No description provided by source. Author: loneferret of Offensive Security Product: ServersCheck Monitoring Software Version: 9.0.12 - 9.0.14 some versions of 9.0.15 Vendor Site: http://www.serverscheck.com Software Download: http://www.serverscheck.com/monitoringsoftware/download.asp Note: Olde...

ServersCheck Monitoring Software 9.0.129.0.14 - Persistent Cross-Site Scripting

ServersCheck Monitoring Software 9.0.129.0.14 - Persistent Cross-Site Scripting Author: loneferret of Offensive Security Product: ServersCheck Monitoring Software Version: 9.0.12 - 9.0.14 some versions of 9.0.15 Vendor Site: http://www.serverscheck.com Software Download:...

ServersCheck Monitoring Software v9.0.12 / 9.0.14 - Stored XSS

Exploit for multiple platform in category web applications Author: loneferret Product: ServersCheck Monitoring Software Version: 9.0.12 - 9.0.14 some versions of 9.0.15 Vendor Site: http://www.serverscheck.com Software Download: http://www.serverscheck.com/monitoringsoftware/download.asp Note:...

[SA15738] Contelligent Preview Privilege Escalation Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...