80 matches found
Security Bulletin: Dirty COW Vulnerability (CVE-2016-5195)
Question Security Bulletin: Dirty COW Vulnerability CVE-2016-5195 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"All Versions","Edition":"","Line of...
CVE-2025-32007
Out-of-bounds read for some TDX before version tdx module 1.5.24 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may potentially occur via local access when attac...
CVE-2025-35998
Missing protection mechanism for alternate hardware interface in the IntelR Quick Assist Technology for some IntelR Platforms within Ring 0: Kernel may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of...
CVE-2025-27940
CVE-2025-27940 : Out-of-bounds read affecting some TDX Module before version tdx1.5 within Ring 0: Hypervisor. The issue may allow an information disclosure under a local attack by a software side channel adversary with privileged user and high attack complexity, requiring no user interaction. Im...
PT-2026-7221
Name of the Vulnerable Software and Affected Versions SAP Solution Tools Plug-In affected versions not specified Description The SAP Solution Tools Plug-In ST-PI includes a function module lacking proper authorization checks for authenticated users, potentially leading to the disclosure of...
CVE-2025-15541
Improper link resolution in the VX800v v1.0 SFTP service allows authenticated adjacent attackers to use crafted symbolic links to access system files, resulting in high confidentiality impact and limited integrity risk...
CVE-2025-30182
Uncontrolled search path for some IntelR Distribution for Python software installers before version 2025.2.0 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalati...
CVE-2025-27710
Untrusted pointer dereference for some IntelR QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an information disclosure. System software adversary with an authenticated user combined with a low complexity attack may enable data exposure. This result may...
CVE-2025-20614
External control of file name or path for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable escalation of privileg...
EUVD-2025-24211
Malicious code in bioql PyPI...
EUVD-2025-24215
Malicious code in bioql PyPI...
Security Bulletin: An unspecified vulnerability in Java SE related to the Server, which affects IBM watsonx.data
Summary An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality and high integrity impact. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java S...
CVE-2025-42935
The SAP NetWeaver Application Server ABAP and ABAP Platform Internet Communication Manager ICM permits authorized users with admin privileges and local access to log files to read sensitive information, resulting in information disclosure. This leads to high impact on the confidentiality of the...
CVE-2025-42946
CVE-2025-42946 is a directory traversal vulnerability in SAP S/4HANA Bank Communication Management. An attacker with high privileges and access to a specific transaction/method could read or delete sensitive operating-system files, causing high confidentiality impact and low integrity impact; ava...
CVE-2025-42946 Directory Traversal vulnerability in SAP S/4HANA (Bank Communication Management)
Due to directory traversal vulnerability in SAP S/4HANA Bank Communication Management, an attacker with high privileges and access to a specific transaction and method in Bank Communication Management could gain unauthorized access to sensitive operating system files. This could allow the attacke...
CVE-2025-42943
CVE-2025-42943 affects SAP GUI for Windows. The vulnerability involves leakage of NTLM hashes when UNC paths are used with certain ABAP frontend services, triggered by user-side execution of SAP GUI for Windows. The underlying issue is exposure of credentials during automatic NTLM authentication,...
Security Bulletin: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality. (CVE-2025-21587, CVE-2025-30698, CVE-2025-4447) affect IBM PowerVM Novalink.
Summary An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality and high integrity impact. IBM PowerVM Novalink has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecifie...
CVE-2025-43000 Information Disclosure Vulnerability in SAP Business Objects Business Intelligence Platform (PMW)
Under certain conditions Promotion Management Wizard PMW allows an attacker to access information which would otherwise be restricted.This has High impact on Confidentiality with Low impact on Integrity and Availability of the application...
CVE-2024-51954
There is an improper access control issue in ArcGIS Server versions 11.3 and below on Windows and Linux, which under unique circumstances, could potentially allow a remote, low privileged authenticated attacker to access secure services published a standalone Unfederated ArcGIS Server instance. I...
CVE-2024-51961
There is a local file inclusion vulnerability in ArcGIS Server 11.3 and below that may allow a remote, unauthenticated attacker to craft a URL that could potentially disclose sensitive configuration information by reading internal files from the remote server. Due to the nature of the files...