20 matches found
Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses pyasn1 which is vulnerable to CVE-2026-30922
Summary IBM Maximo Application Suite - Visual Inspection component uses pyasn1 which is vulnerable to CVE-2026-30922, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-30922 DESCRIPTION: pyasn1 is a generic ASN.1 library for...
Security Bulletin: IBM Edge Data Collector uses pyasn1-0.6.1.tar.gz which is vulnerable to CVE-2026-23490.
Summary IBM Edge Data Collector uses pyasn1-0.6.1.tar.gz which is vulnerable to CVE-2026-23490. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-23490 DESCRIPTION: pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Servic...
EUVD-2025-29566
Malicious code in bioql PyPI...
EUVD-2025-29567
Malicious code in bioql PyPI...
CVE-2025-55111
Certain files with overly permissive permissions were identified in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions as well as in newer versions which were upgraded from an affected version. These files contain keys and passwords relating ...
CVE-2025-55116
A buffer overflow in the Control-M/Agent can lead to a local privilege escalation when an attacker has access to the system running the Agent. This vulnerability impacts the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions...
CVE-2025-55115
A path traversal in the Control-M/Agent can lead to a local privilege escalation when an attacker has access to the system running the Agent. This vulnerability impacts the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions. This vulnerability wa...
CVE-2025-55116
A buffer overflow in the Control-M/Agent can lead to a local privilege escalation when an attacker has access to the system running the Agent. This vulnerability impacts the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions...
CVE-2025-55111
Certain files with overly permissive permissions were identified in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions as well as in newer versions which were upgraded from an affected version. These files contain keys and passwords relating ...
CVE-2025-55116 BMC Control-M/Agent buffer overflow local privilege escalation
A buffer overflow in the Control-M/Agent can lead to a local privilege escalation when an attacker has access to the system running the Agent. This vulnerability impacts the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions...
CVE-2025-55115 BMC Control-M/Agent path traversal local privilege escalation
A path traversal in the Control-M/Agent can lead to a local privilege escalation when an attacker has access to the system running the Agent. This vulnerability impacts the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions. This vulnerability wa...
CVE-2025-55115
CVE-2025-55115 affects BMC Control-M/Agent versions 9.0.18–9.0.20 (and potentially earlier unsupported builds). The vulnerability is a path traversal in the Control-M/Agent that can enable local privilege escalation when an attacker has access to the system running the Agent. Impact is described ...
CVE-2025-55112 BMC Control-M/Agent hardcoded Blowfish keys
Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions that are configured to use the non-default Blowfish cryptography algorithm use a hardcoded key. An attacker with access to network traffic and to this key could decrypt network traffic between th...
CVE-2025-55109 BMC Control-M/Agent default SSL/TLS configuration authenticated bypass
An authentication bypass vulnerability exists in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions when using an empty or default kdb keystore or a default PKCS12 keystore. A remote attacker with access to a signed third-party or demo...
PT-2025-37941
Name of the Vulnerable Software and Affected Versions Control-M/Agent versions 9.0.18 through 9.0.20 Description Files with overly permissive permissions were identified, potentially exposing keys and passwords related to SSL files, keystores, and policies. An attacker with local access to the...
PT-2025-37946
Name of the Vulnerable Software and Affected Versions: Control-M/Agent versions 9.0.18 through 9.0.20 Description: A buffer overflow in Control-M/Agent can lead to local privilege escalation when an attacker has access to the system running the Agent. Recommendations: Update Control-M/Agent...
BMC Control-M 安全漏洞
BMC Control-M is an application from BMC, Inc. simplifies application and data workflow orchestration locally or as a service. A security vulnerability exists in BMC Control-M versions 9.0.18 through 9.0.20 and prior unsupported versions, which stems from an overly generous file permission settin...
BMC Control-M 安全漏洞
BMC Control-M is an application from BMC Inc. simplifies application and data workflow orchestration locally or as a service. A security vulnerability exists in BMC Control-M/Agent versions 9.0.18 through 9.0.20, which stems from a path traversal issue that could result in local elevation of...
OPENSUSE-SU-2021:3665-1 Security update for drbd-utils
This update for drbd-utils fixes the following issues: - make all binaries position independent basc1185132. - Upgrade to 9.0.18 bsc1189363 build: remove rpm related targets drbdsetup,v84: fix minor compile warnings systemd: resource specific activation systemd: drbd-reactor promoter templates do...
Apache Tomcat XSS Vulnerability (May 2019) - Windows
Apache Tomcat is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:tomcat"; i...