Lucene search
K

80 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/18 5:57 p.m.51 views

Security Bulletin: Dirty COW Vulnerability (CVE-2016-5195)

Question Security Bulletin: Dirty COW Vulnerability CVE-2016-5195 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"All Versions","Edition":"","Line of...

7.2CVSS7.1AI score0.83524EPSS
Exploits81Affected Software1
NVD
NVD
added 2026/02/10 5:16 p.m.9 views

CVE-2025-32007

Out-of-bounds read for some TDX before version tdx module 1.5.24 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may potentially occur via local access when attac...

5.6CVSS0.00115EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/10 4:26 p.m.3 views

CVE-2025-35998

Missing protection mechanism for alternate hardware interface in the IntelR Quick Assist Technology for some IntelR Platforms within Ring 0: Kernel may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of...

7.9CVSS5.3AI score0.00151EPSS
Exploits0References1
CVE
CVE
added 2026/02/10 4:25 p.m.14 views

CVE-2025-27940

CVE-2025-27940 : Out-of-bounds read affecting some TDX Module before version tdx1.5 within Ring 0: Hypervisor. The issue may allow an information disclosure under a local attack by a software side channel adversary with privileged user and high attack complexity, requiring no user interaction. Im...

5.6CVSS5.3AI score0.00098EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.23 views

PT-2026-7221

Name of the Vulnerable Software and Affected Versions SAP Solution Tools Plug-In affected versions not specified Description The SAP Solution Tools Plug-In ST-PI includes a function module lacking proper authorization checks for authenticated users, potentially leading to the disclosure of...

7.7CVSS5.4AI score0.00209EPSS
Exploits0References6
OSV
OSV
added 2026/01/29 7:16 p.m.10 views

CVE-2025-15541

Improper link resolution in the VX800v v1.0 SFTP service allows authenticated adjacent attackers to use crafted symbolic links to access system files, resulting in high confidentiality impact and limited integrity risk...

6.3CVSS5.8AI score0.00253EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/12 5:7 p.m.6 views

CVE-2025-30182

Uncontrolled search path for some IntelR Distribution for Python software installers before version 2025.2.0 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalati...

6.7CVSS6.5AI score0.00103EPSS
Exploits0References1
NVD
NVD
added 2025/11/11 5:15 p.m.3 views

CVE-2025-27710

Untrusted pointer dereference for some IntelR QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an information disclosure. System software adversary with an authenticated user combined with a low complexity attack may enable data exposure. This result may...

6.8CVSS0.00122EPSS
Exploits0References1
OSV
OSV
added 2025/11/11 5:15 p.m.5 views

CVE-2025-20614

External control of file name or path for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable escalation of privileg...

5.6CVSS5.7AI score0.00126EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.26 views

EUVD-2025-24211

Malicious code in bioql PyPI...

4.5CVSS6.5AI score0.00289EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-24215

Malicious code in bioql PyPI...

4.1CVSS6.5AI score0.00125EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/01 2:51 p.m.5 views

Security Bulletin: An unspecified vulnerability in Java SE related to the Server, which affects IBM watsonx.data

Summary An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality and high integrity impact. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java S...

7.4CVSS6.3AI score0.0073EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/08/14 2:24 a.m.10 views

CVE-2025-42935

The SAP NetWeaver Application Server ABAP and ABAP Platform Internet Communication Manager ICM permits authorized users with admin privileges and local access to log files to read sensitive information, resulting in information disclosure. This leads to high impact on the confidentiality of the...

4.1CVSS6.5AI score0.00125EPSS
Exploits0References1
CVE
CVE
added 2025/08/12 2:7 a.m.20 views

CVE-2025-42946

CVE-2025-42946 is a directory traversal vulnerability in SAP S/4HANA Bank Communication Management. An attacker with high privileges and access to a specific transaction/method could read or delete sensitive operating-system files, causing high confidentiality impact and low integrity impact; ava...

6.9CVSS7.1AI score0.00858EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/12 2:7 a.m.12 views

CVE-2025-42946 Directory Traversal vulnerability in SAP S/4HANA (Bank Communication Management)

Due to directory traversal vulnerability in SAP S/4HANA Bank Communication Management, an attacker with high privileges and access to a specific transaction and method in Bank Communication Management could gain unauthorized access to sensitive operating system files. This could allow the attacke...

6.9CVSS0.00858EPSS
Exploits0References2
CVE
CVE
added 2025/08/12 2:5 a.m.26 views

CVE-2025-42943

CVE-2025-42943 affects SAP GUI for Windows. The vulnerability involves leakage of NTLM hashes when UNC paths are used with certain ABAP frontend services, triggered by user-side execution of SAP GUI for Windows. The underlying issue is exposure of credentials during automatic NTLM authentication,...

4.5CVSS7.3AI score0.00289EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/13 11:3 a.m.5 views

Security Bulletin: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality. (CVE-2025-21587, CVE-2025-30698, CVE-2025-4447) affect IBM PowerVM Novalink.

Summary An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality and high integrity impact. IBM PowerVM Novalink has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecifie...

7.8CVSS6.6AI score0.0073EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/13 12:17 a.m.6 views

CVE-2025-43000 Information Disclosure Vulnerability in SAP Business Objects Business Intelligence Platform (PMW)

Under certain conditions Promotion Management Wizard PMW allows an attacker to access information which would otherwise be restricted.This has High impact on Confidentiality with Low impact on Integrity and Availability of the application...

7.9CVSS7.9AI score0.00142EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/03/05 8:57 p.m.7 views

CVE-2024-51954

There is an improper access control issue in ArcGIS Server versions 11.3 and below on Windows and Linux, which under unique circumstances, could potentially allow a remote, low privileged authenticated attacker to access secure services published a standalone Unfederated ArcGIS Server instance. I...

8.5CVSS7.3AI score0.00294EPSS
Exploits0References3
NVD
NVD
added 2025/03/03 8:15 p.m.13 views

CVE-2024-51961

There is a local file inclusion vulnerability in ArcGIS Server 11.3 and below that may allow a remote, unauthenticated attacker to craft a URL that could potentially disclose sensitive configuration information by reading internal files from the remote server. Due to the nature of the files...

7.5CVSS0.00434EPSS
Exploits0References1
Rows per page
Query Builder