151 matches found
PT-2024-33694 · Ibm · Ibm Security Guardium Key Lifecycle Manager
Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Key Lifecycle Manager versions 4.1 through 4.2.1 Description: The issue concerns the storage of user credentials in configuration files by IBM Security Guardium Key Lifecycle Manager. These credentials can be accessed by...
PT-2024-4163 · Dell · Dell Bios
Name of the Vulnerable Software and Affected Versions: Dell BIOS affected versions not specified Description: The issue is related to improper input validation in the Dell BIOS, which can be exploited by a local authenticated malicious user with admin privileges. This exploitation can lead to the...
kernel: vmwgfx: race condition leading to information disclosure vulnerability
A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context o...
kernel: refcount leak in ctnetlink_create_conntrack()
A memory leak problem was found in ctnetlinkcreateconntrack in net/netfilter/nfconntracknetlink.c in the Linux Kernel. This issue may allow a local attacker with CAPNETADMIN privileges to cause a denial of service DoS attack due to a refcount overflow...
CVE-2023-28077
Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user...
IBM Informix Dynamic Server 12.10.x, 14.10.x Buffer Overflow (7070188)
The version of IBM Informix Dynamic Server installed on the remote is either 12.10.x or 14.10.x prior to 14.10.FC10W1. It is, therefore, affected by a buffer overflow, caused by improper bounds checking. A local privileged user could overflow a buffer and execute arbitrary code on the system or...
CVE-2023-38719
IBM Db2 11.5 could allow a local user with special privileges to cause a denial of service during database deactivation on DPF. IBM X-Force ID: 261607...
CVE-2023-35013
IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from source code. IBM X-Force ID: 257769...
CVE-2023-35013
IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from source code. IBM X-Force ID: 257769...
IBM DB2 Input Validation Error Vulnerability
IBM DB2 is a relational database management system from International Business Machines IBM. The system is implemented in UNIX, Linux, IBMi, z/OS, and Windows server versions. An input validation error vulnerability exists in IBM DB2 version 11.5, which stems from a vulnerability that could allow...
CVE-2023-35013 IBM Security Verify Governance information disclosure
IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from source code. IBM X-Force ID: 257769...
CVE-2023-35013 IBM Security Verify Governance information disclosure
IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from source code. IBM X-Force ID: 257769...
IBM Security Verify Governance Security Breach
IBM Security Verify Governance is an intelligent identity access platform from International Business Machines IBM, Inc. provides organizations with a platform to analyze, define and control user access and access risk. A security vulnerability exists in IBM Security Verify Governance version 10....
CVE-2023-40682
IBM App Connect Enterprise 12.0.1.0 through 12.0.8.0 contains an unspecified vulnerability that could allow a local privileged user to obtain sensitive information from API logs. IBM X-Force ID: 263833...
CVE-2023-40682 IBM App Connect Enterprise information disclosure
IBM App Connect Enterprise 12.0.1.0 through 12.0.8.0 contains an unspecified vulnerability that could allow a local privileged user to obtain sensitive information from API logs. IBM X-Force ID: 263833...
CVE-2023-40682 IBM App Connect Enterprise information disclosure
IBM App Connect Enterprise 12.0.1.0 through 12.0.8.0 contains an unspecified vulnerability that could allow a local privileged user to obtain sensitive information from API logs. IBM X-Force ID: 263833...
CVE-2022-42451
Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely and could be exposed to a local privileged user...
CVE-2022-42451 HCL BigFix Patch Management is vulnerable to insecurely stored credentials
Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely and could be exposed to a local privileged user...
PT-2023-14116 · Ibm · Bigfix Patch Management
Name of the Vulnerable Software and Affected Versions: BigFix Patch Management affected versions not specified Description: The issue concerns certain credentials within the BigFix Patch Management Download Plug-ins being stored insecurely. This could potentially expose them to a local privileged...
CVE-2023-33951
A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context o...