Hitachi FOXMAN-UN 信任管理问题漏洞

Hitachi FOXMAN-UN is a powerful toolset for a comprehensive NMS suite from Hitachi, Japan. A security vulnerability exists in Hitachi FOXMAN-UN, which stems from the fact that its message queue contains hard-coded credentials that allow an attacker to access data from the internal message queue...

Hitachi Energy UNEM

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: UNEM Vulnerabilities: Inadequate Encryption Strength, Use of Hard-coded Cryptographic Key, Cleartext Transmission of Sensitive Information. 2. RISK EVALUATION Successful...

PT-2025-37586

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak was identified in the init mqueue fs function within the Linux kernel. Specifically, when the setup mq sysctls function failed during the initialization process, the mqueue...

PT-2022-35049 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: A potential memory leak issue was identified in the init mqueue fs function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions pri...

CVE-2022-40230

"IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD, and LTS 9.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 235532."...

IBM MQ 输入验证错误漏洞

IBM MQ IBM WebSphere MQ is a messaging middleware product from International Business Machines IBM, Inc. The product provides a reliable, authenticated messaging backbone primarily for service-oriented architectures SOA.IBM MQ has an input validation error vulnerability that could be exploited by...

Vulnerabilities fixed in IBM MQ

Vulnerabilities have been fixed in IBM MQ. The vulnerabilities allow a malicious party to bypass a command measure bypass and perform a denial-of-service DoS. IBM has released updates to fix the vulnerabilities in MQ. For more information, see: https://www.ibm.com/support/pages/node/6823767...

Vulnerability fixed in IBM MQ

IBM has fixed a vulnerability in IBM MQ. Through an XML External Entity Injection XXE, a malicious party can cause a Denial-of-Service by running the MQ environment out of memory run, or gain access to sensitive information. IBM has released updates to fix the vulnerability in MQ 8.0, 9.1 and 9.2...

IBM MQ 代码问题漏洞

IBM MQ IBM WebSphere MQ is a messaging middleware product from IBM. It provides a reliable and proven messaging backbone for Service Oriented Architecture SOA. A security vulnerability exists in IBM MQ that stems from an attacker being able to transfer malicious XML data to IBM MQ via the Explore...

CVE-2021-35095

Improper serialization of message queue client registration can lead to race condition allowing multiple gunyah message clients to register with same label in Snapdragon Connectivity, Snapdragon Mobile...

Race condition

Improper serialization of message queue client registration can lead to race condition allowing multiple gunyah message clients to register with same label in Snapdragon Connectivity, Snapdragon Mobile...

CVE-2021-35095

Improper serialization of message queue client registration can lead to race condition allowing multiple gunyah message clients to register with same label in Snapdragon Connectivity, Snapdragon Mobile...

CVE-2021-35095

CVE-2021-35095 is a Qualcomm/Qualcomm-derived issue affecting Snapdragon components (Snapdragon Connectivity and Snapdragon Mobile) where improper serialization of message queue client registrations can cause a race condition, allowing multiple gunyah message clients to register with the same lab...

PT-2022-10415 · Qualcomm · Snapdragon Mobile +1

Name of the Vulnerable Software and Affected Versions: Snapdragon Connectivity, Snapdragon Mobile affected versions not specified Description: The issue is related to improper serialization of message queue client registration, which can cause a race condition. This condition allows multiple guny...

CVE-2022-22325

IBM MQ IBM MQ for HPE NonStop 8.1.0 can inadvertently disclose sensitive information under certain circumstances to a local user from a stack trace. IBM X-Force ID: 218853...

IBM MQ Appliance 安全漏洞

IBM MQ Appliance is an all-in-one appliance for rapid deployment of enterprise-class messaging middleware from IBM USA. A security vulnerability exists in IBM MQ Appliance that originates from a vulnerability that can be exploited by an attacker to read IBM MQ Appliance files via insufficient...

CVE-2022-25136

A command injection vulnerability in the function meshSlaveUpdate of TOTOLINK Technology routers T6 V3Firmware T6V3V4.1.5cu.748B20211015 and T10 V2Firmware V4.1.8cu.5207B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet...

CVE-2022-25137

A command injection vulnerability in the function recvSlaveUpgstatus of TOTOLINK Technology routers T6 V3Firmware T6V3V4.1.5cu.748B20211015 and T10 V2Firmware V4.1.8cu.5207B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet...

TotoLink routers 命令注入漏洞

TOTOLink T6 is a wireless dual-band router from TotoLink, China.TOTOLink T10 is a wireless network system router from TotoLink, China.A command injection vulnerability exists in the meshSlaveUpdate function of TOTOLINK Technology Routers T6 and T10. An attacker can exploit this vulnerability to...

The vulnerability of the IBM WebSphere MQ messaging software for HPE NonStop operating systems, related to authentication procedures that allow attackers to escalate their privileges.

The vulnerability of the IBM WebSphere MQ messaging software for HPE NonStop operating systems is related to deficiencies in the authentication process when the SharedBindingsUserId attribute is used. Exploiting this vulnerability can allow attackers to gain increased privileges...