Lucene search

24 matches found

IBM Security Bulletins
added 2026/05/07 5:35 p.m. · 7 views

Security Bulletin: IBM MQ Appliance is affected by a default password vulnerability (CVE-2025-14917)

Summary: IBM MQ Appliance has addressed a default password vulnerability. Vulnerability Details: CVEID: CVE-2025-14917. DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when...

CVSS 9.8 · AI score 5.8 · EPSS 0.00014
Exploits: 0 · Affected Software: 1

Positive Technologies
added 2025/12/05 12:0 a.m. · 3 views

PT-2025-49311

Dell CloudBoost Virtual Appliance, versions 19.13.0.0 and prior, contains an Improper Restriction of Excessive Authentication Attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access...

CVSS 7 · AI score 6.9 · EPSS 0.00065
Exploits: 0 · References: 2

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2019-2908

Malware in sbrugna...

CVSS 8.8 · AI score 8.8 · EPSS 0.00137
Exploits: 0 · References: 3

EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2011-0487

Malware in sbrugna...

CVSS 8.8 · AI score 8.8 · EPSS 0.00281
Exploits: 0 · References: 4

EUVD
added 2025/10/03 8:7 p.m. · 6 views

EUVD-2025-30262

Malicious code in bioql PyPI...

CVSS 9.8 · AI score 6.6 · EPSS 0.00713
Exploits: 1 · References: 5

ATTACKERKB
added 2025/09/29 8:43 p.m. · 0 views

CVE-2025-34221

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.2.169 and Application prior to version 25.2.1518 (VA/SaaS deployments) expose every internal Docker container to the network because firewall rules allow unrestricted traffic to the Docker bridge network. Because no...

CVSS 10 · AI score 6 · EPSS 0.03044
Exploits: 1 · References: 5

CVE
added 2025/09/29 8:36 p.m. · 33 views

CVE-2025-34211

Vasion Print Virtual Appliance Host (pre-22.0.1049) and Application (pre-20.0.2786) store a private SSL key and its public certificate in cleartext, using the same pl-local.com key across all deployments. With container access, an attacker can read the key to decrypt TLS traffic, perform MITM, or...

CVSS 9.3 · AI score 6.2 · EPSS 0.00053
Exploits: 1 · References: 4 · Affected Software: 2

Positive Technologies
added 2024/11/29 12:0 a.m. · 2 views

PT-2024-33691 · Ibm · Ibm Security Verify Access Appliance

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance versions 10.0.0 through 10.0.8. Description: The issue concerns hard-coded credentials, such as a password or cryptographic key, used by the appliance for its own inbound authentication, outbound...

CVSS 9.8 · AI score 7 · EPSS 0.00088
Exploits: 0 · References: 6

CNNVD
added 2024/11/29 12:0 a.m. · 2 views

IBM Security Verify Access Trust Management Issue Vulnerability

IBM Security Verify Access (ISAM) is a service from International Business Machines (IBM) that improves user access security. The service enables secure and simple access to platforms such as web, mobile, IoT and cloud technologies through the use of risk-based access, single sign-on, integrated acce...

CVSS 9.8 · AI score 9 · EPSS 0.00088
Exploits: 0 · References: 1

OSV
added 2024/04/10 4:15 p.m. · 2 views

CVE-2024-31872

IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to conduct a man in the middle attack when deploying Open Source scripts due to missing certificate validation. IBM X-Force ID: 287316...

CVSS 8.1 · AI score 5.8
Exploits: 0 · References: 3

OSV
added 2024/04/10 4:15 p.m. · 1 views

CVE-2024-31871

IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to conduct a man in the middle attack when deploying Python scripts due to improper certificate validation. IBM X-Force ID: 287306...

CVSS 8.1 · AI score 5.8
Exploits: 0 · References: 3

Positive Technologies
added 2024/02/02 12:0 a.m. · 2 views

PT-2024-12254 · Ibm · Ibm Security Verify Access Appliance +1

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance versions 10.0.0.0 through 10.0.6.1; IBM Security Verify Access Docker versions 10.0.0.0 through 10.0.6.1. Description: The issue could allow a remote attacker to gain access to the underlying system using...

CVSS 9 · AI score 9 · EPSS 0.00133
Exploits: 1 · References: 6

OSV
added 2023/02/11 1:23 a.m. · 3 views

CVE-2022-34451

PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains a Stored Cross-site Scripting Vulnerability. An authenticated admin user could potentially exploit this vulnerability to hijack user sessions or trick a victim application user into unknowingly sending arbitrary requests to...

CVSS 4.8 · AI score 5.9
Exploits: 0 · References: 1

OSV
added 2022/07/08 6:15 p.m. · 2 views

CVE-2022-22465

IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 could allow a local user to obtain elevated privileges due to improper access permissions. IBM X-Force ID: 225082...

CVSS 7.8 · AI score 5.8 · EPSS 0.00075
Exploits: 0 · References: 2

OSV
added 2022/07/08 6:15 p.m. · 0 views

CVE-2022-22463

IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 22507...

CVSS 6.5 · AI score 5.9
Exploits: 0 · References: 2

OSV
added 2022/07/08 6:15 p.m. · 2 views

CVE-2022-22464

IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225081...

CVSS 7.5 · AI score 5.8
Exploits: 0 · References: 2

CNNVD
added 2022/07/08 12:0 a.m. · 3 views

IBM Security Access Manager Appliance SQL Injection Vulnerability

The IBM Security Access Manager Appliance (ISAM Appliance) is a network appliance-based security solution from IBM of the United States. The product is primarily used for access control and Web-based threat protection, providing system performance monitoring, log analysis, and diagnostics. IBM...

CVSS 6.5 · AI score 6 · EPSS 0.00247
Exploits: 0 · References: 3

ATTACKERKB
added 2022/07/06 12:0 a.m. · 3 views

CVE-2022-22465

IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 could allow a local user to obtain elevated privileges due to improper access permissions. IBM X-Force ID: 225082...

CVSS 7.8 · AI score 6.8 · EPSS 0.00075
Exploits: 0 · References: 3 · Affected Software: 1

Cvelist
added 2019/08/13 8:55 p.m. · 14 views

CVE-2019-11207 TIBCO LogLogic Log Management Intelligence Multiple Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) Vulnerabilities

The web server component of TIBCO Software Inc.'s TIBCO LogLogic Enterprise Virtual Appliance, and TIBCO LogLogic Log Management Intelligence contains multiple vulnerabilities that theoretically allow persistent and reflected cross-site scripting (XSS) attacks, as well as cross-site request forgery...

CVSS 8.8 · AI score 8.6 · EPSS 0.00137
Exploits: 0 · References: 2

OSV
added 2018/11/02 10:29 p.m. · 2 views

CVE-2018-11062

Integrated Data Protection Appliance versions 2.0, 2.1, and 2.2 contain undocumented accounts named 'support' and 'admin' that are protected with default passwords. These accounts have limited privileges and can access certain system files only. A malicious user with the knowledge of the default...

CVSS 8.8 · AI score 5.8 · EPSS 0.00455
Exploits: 0 · References: 2