222 matches found
CVE-2025-36222
IBM Fusion 2.2.0 through 2.10.1, IBM Fusion HCI 2.2.0 through 2.10.0, and IBM Fusion HCI for watsonx 2.8.2 through 2.10.0 uses insecure default configurations that could expose AMQStreams without client authentication that could allow an attacker to perform unauthorized actions...
CVE-2025-36222 IBM Fusion insecure default configuration
IBM Fusion 2.2.0 through 2.10.1, IBM Fusion HCI 2.2.0 through 2.10.0, and IBM Fusion HCI for watsonx 2.8.2 through 2.10.0 uses insecure default configurations that could expose AMQStreams without client authentication that could allow an attacker to perform unauthorized actions...
CVE-2025-36222
IBM Fusion and IBM Fusion HCI products are affected by CVE-2025-36222 due to insecure default configurations that could expose AMQStreams without client authentication, enabling unauthorized actions. Affected versions: IBM Fusion 2.2.0–2.10.1, IBM Fusion HCI 2.2.0–2.10.0, and IBM Fusion HCI for w...
CVE-2025-36222 IBM Fusion insecure default configuration
IBM Fusion 2.2.0 through 2.10.1, IBM Fusion HCI 2.2.0 through 2.10.0, and IBM Fusion HCI for watsonx 2.8.2 through 2.10.0 uses insecure default configurations that could expose AMQStreams without client authentication that could allow an attacker to perform unauthorized actions...
Security Bulletin: There are multiple vulnerabilities that can affect IBM Fusion
Summary Multiple vulnerabilities affecting IBM Fusion and IBM Fusion HCI could have resulted in reduced security. These issues have since been resolved. CVE-2025-36222, CVE-2025-47273, CVE-2025-26791, CVE-2025-22870, CVE-2025-27817, CVE-2024-31141, CVE-2025-27818, CVE-2024-47081, CVE-2025-48379,...
PT-2025-37265
Name of the Vulnerable Software and Affected Versions: IBM Fusion versions 2.2.0 through 2.10.1 IBM Fusion HCI versions 2.2.0 through 2.10.0 IBM Fusion HCI for watsonx versions 2.8.2 through 2.10.0 Description: IBM Fusion, IBM Fusion HCI, and IBM Fusion HCI for watsonx utilize insecure default...
IBM多款产品 安全漏洞
IBM Fusion and others are a hybrid cloud application data platform from International Business Machines IBM. A security vulnerability exists in various IBM products that stems from the use of insecure default configurations that could lead to an attacker performing unauthorized operations. The...
Improper Check or Handling of Exceptional Conditions
Overview datahihi1/tiny-env is a simple environment variable loader for PHP applications Affected versions of this package are vulnerable to Improper Check or Handling of Exceptional Conditions due to the loading of environment variables without requiring the .env file to exist. An attacker can...
GHSA-3J7M-5G4Q-GFPC TinyEnv: Missing .env file not required — may cause unexpected behavior
Impact TinyEnv did not require the .env file to exist when loading environment variables. This could lead to unexpected behavior where the application silently ignores missing configuration, potentially causing insecure defaults or deployment misconfigurations. Affected versions: - 1.0.1 → 1.0.2 ...
CVE-2025-58758
TinyEnv is an environment variable loader for PHP applications. In versions 1.0.1, 1.0.2, 1.0.9, and 1.0.10, TinyEnv did not require the .env file to exist when loading environment variables. This could lead to unexpected behavior where the application silently ignores missing configuration,...
CVE-2025-58758
CVE-2025-58758 affects TinyEnv, a PHP environment-variable loader. Versions 1.0.1, 1.0.2, 1.0.9, and 1.0.10 do not require the .env file to exist when loading variables, enabling the application to run with missing or insecure defaults. The issue has been fixed in version 1.0.11. Mitigation provi...
PT-2025-36952
Name of the Vulnerable Software and Affected Versions: TinyEnv versions 1.0.1 through 1.0.2 TinyEnv versions 1.0.9 through 1.0.10 Description: TinyEnv did not require the .env file to exist when loading environment variables. This could lead to unexpected behavior where the application silently...
Bender多款产品 安全漏洞
Bender CC612 and others are products of Bender, Germany.Bender CC612 is a charge controller.Bender CC613 is a charge controller.Bender ICC15xx is an insulation monitoring device. A security vulnerability exists in several Bender products, which stems from an insecure default configuration that...
Intel® Distribution for Python Software Installer Advisory
Summary: A potential security vulnerability for some Intel® Distribution for Python software installers may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-26470 Description: Incorrect default...
CVE-2025-25271
An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure defaults for the configuration interface...
CVE-2025-25271
CVE-2025-25271 describes an authentication-related misconfiguration in Phoenix Contact CHARX SEC OCPP implementations where an unauthenticated, network-adjacent attacker can configure a new OCPP backend due to insecure default settings in the configuration interface. Multiple sources (including N...
CVE-2025-25271 OCPP Backend Configuration via Insecure Defaults
An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure defaults for the configuration interface...
CVE-2025-25271 OCPP Backend Configuration via Insecure Defaults
An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure defaults for the configuration interface...
PT-2025-28348 · Phoenix Contact · Charx Sec-3000 +7
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An unauthenticated adjacent attacker can configure a new OCPP backend due to insecure defaults for the configuration interface. Recommendations: At the moment, there is no information about ...
CVE-2023-33806
Insecure default configurations in Hikvision Interactive Tablet DS-D5B86RB/B V2.3.0 build220119, allows attackers to execute arbitrary commands...