IBM Operations Analytics-Log Analysis 安全漏洞

IBM Operations Analytics-Log Analysis is a semi-structured data analysis solution provided by the American multinational company International Business Machines IBM. This product is primarily used for application log analysis and problem diagnosis. There is a security vulnerability in IBM...

IBM MQ Operator和IBM supplied MQ Advanced container images 日志信息泄露漏洞

IBM MQ Operator and IBM supplied MQ Advanced container images are products of International Business Machines Corporation IBM. IBM MQ Operator is a tool used to manage the lifecycle of IBM MQ queue managers. IBM supplied MQ Advanced container images are Docker/OCI container images. Both IBM MQ...

IBM App Connect Enterprise 安全漏洞

IBM App Connect Enterprise is an operating system developed by IBM Corporation. IBM App Connect Enterprise combines existing, industry-trusted IBM Integration Bus technology with IBM App Connect Professional and new cloud-native technologies, providing a platform that meets the comprehensive...

IBM Operations Analytics - Log Analysis 安全漏洞

IBM Operations Analytics - Log Analysis is a log analysis software developed by the American multinational company International Business Machines IBM. There is a security vulnerability in IBM Operations Analytics - Log Analysis, which stems from the use of default passwords during the...

dalfox 代码问题漏洞

Dalfox is an automated cross-site script scanning tool developed by HAHWUL. Versions of Dalfox prior to 2.13.0 contained code vulnerabilities. These vulnerabilities stemmed from the REST API server mode, where the output, output-all, and debug fields were deserialized directly from the attacker’s...

pam_usb 代码问题漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.9.1 contained code vulnerabilities. This vulnerability stemmed from the fact that the src/log.c file contained a process-level static pointer; each PAM ca...

UFO³ 安全漏洞

UFO³ is an open-source cross-device collaboration multi-agent task orchestration tool developed by Microsoft. Version UFO³ 3.0.1-4-ge2626659 contains a security vulnerability. This vulnerability stems from the use of user-controlled taskname values to construct session log path names, which may...

PT-2026-43890

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow exists in the create dirty log function within the dm mirror component. The calculation args used = 2 + param count occurs before validating against argc. If a user...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of validation of the log metadata payload size in md/raid5 implementations. This...

PT-2026-43844

In the Linux kernel, the following vulnerability has been resolved: fbnic: close fw log race between users and teardown Fixes a theoretical race on fw log between the teardown path and fw log write functions. fw log is written inside fbnic fw log write and can be reached from the mailbox handler...

PT-2026-43684

Name of the Vulnerable Software and Affected Versions IBM Operations Analytics - Log Analysis versions 1.3.5.0 through 1.3.5.3 IBM Operations Analytics - Log Analysis versions 1.3.6.0 through 1.3.6.1 IBM Operations Analytics - Log Analysis versions 1.3.7.0 through 1.3.7.2 IBM Operations Analytics...

PT-2026-44090

pam usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/log.c contains a process-wide static pointer that is written on every PAM invocation with the address of a stack-local variable. This violates the PAM re-entrancy requirement and creates a data...

gryph 安全漏洞

Gryph is an AI-based coding proxy activity auditing and debugging tool developed by SafeDep. Versions of Gryph prior to 0.7.0 contained security vulnerabilities. These vulnerabilities stemmed from the default log level being set to standard rather than minimum. As a result, sensitive file write...

CVE-2026-25444

creationtimestamp| type| source ---|---|--- 2026-05-26 22:32:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mms2cbsmp42t...

CVE-2026-5072

A bitwise shift vulnerability in Zephyr's PTP subsystem allows a remote attacker to cause undefined behavior and potential system crashes. An attacker sends a crafted PTPMSGMANAGEMENT message to set an unvalidated negative logannounceinterval value in the port's data set. When a subsequent...

CVE-2026-25193

Insertion of Sensitive Information into Log File CWE-532 in some Command Centre Service installers could lead to Service Account credentials exposure. Mitigating Factor: Only sites that install Command Centre Services with a custom Service Account not the default Network Service account are...

DEBIAN-CVE-2026-48695

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the MikroTik router integration plugin. The log function in src/mikrotikplugin/fastnetmonmikrotik.php lines 107-108 constructs shell commands by concatenating the $msg parameter directly into exec calls:...

CVE-2025-13755

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes DB2 Connect Server stores potentially sensitive information in log files that could be read by a local user...

CVE-2026-48687

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...

DEBIAN-CVE-2026-48687

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...