EUVD-2025-29568

Malicious code in bioql PyPI...

CVE-2025-48709

An issue was discovered in BMC Control-M 9.0.21.300. When Control-M Server has a database connection, it runs DBUStatus.exe frequently, which then calls dbuconnectiondetails.vbs with the username, password, database hostname, and port written in cleartext, which can be seen in event and process...

CVE-2025-48709

BMC Control-M/Server 9.0.21.300 displays cleartext database credentials in process lists and logs. An authenticated attacker with shell access could observe these credentials and use them to log in to the database server. For example, when Control-M/Server on Windows has a database connection on,...

CVE-2025-48709 BMC Control-M/Server cleartext database credentials in process lists and logs

BMC Control-M/Server 9.0.21.300 displays cleartext database credentials in process lists and logs. An authenticated attacker with shell access could observe these credentials and use them to log in to the database server. For example, when Control-M/Server on Windows has a database connection on,...

BMC Control-M/Agent Arbitrary File Download Vulnerability

Control-M is one of BMC's most important automation control products, and is the world's leading integrated business scheduling solution for cross-platform and cross-application job scheduling. A security vulnerability exists in BMC Control-M/Agent and Control-M/Server communication when using th...