1637 matches found
Security Bulletin: Vulnerability in NX-OS Firmware and DCNM Software used by IBM c-type SAN directors and switches.
Summary Public disclosed OpenSSL vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches. The vulnerability has been addressed and can be resolved by applying the NX-OS code and NDFC code levels listed below. Vulnerability Details CVEID:CVE-2022-4304 DESCRIPTION: A timing...
IGEL OS Privilege Escalation (via systemd service)
Escalate privileges for IGEL OS Workspace Edition sessions, by modifying network-manager.service using setupcmd SUID and network, then restarting the service. Module Options msf use exploit/linux/local/igelnetworkprivesc msf exploitigelnetworkprivesc show targets ...targets... msf...
📄 IGEL OS Privilege Escalation
This Metasploit module escalates privileges for IGEL OS Workspace Edition sessions by modifying network-manager.service using setupcmd SUID and network and then restarting the service. This module requires Metasploit: https://metasploit.com/download Current source:...
CLSA-2025-1763419211 NetworkManager-libreswan: Fix of CVE-2024-9050
CVE-2024-9050: sanitize VPN configuration input to prevent local privilege escalation via malicious 'leftupdown' key value...
Security update for warewulf4 (important)
openSUSE security update: security update for warewulf4 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20031-1 Rating: important References: bsc1227465 bsc1227686 bsc1246082 bsc1248768 bsc1248906 Cross-References: CVE-2025-58058 CVSS scores:...
Security Bulletin: Due to use of IBM WebSphere Application Server, IBM Tivoli Network Manager (ITNM) IP Edition is affected by a denial of service vulnerability.
Summary WebSphere Application Server, used by IBM Tivoli Network Manager ITNM IP Edition, is affected by a denial of service vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions...
CVE-2025-34155
Tibbo AggreGate Network Manager 6.40.05 contains an observable response discrepancy in its login functionality. Authentication failure messages differ based on whether a supplied username exists or not, allowing an unauthenticated remote attacker to infer valid account identifiers. This can...
CVE-2025-34156
Tibbo AggreGate Network Manager 6.40.05 exposes sensitive system information through an unauthenticated endpoint at /cwmp/happyaxis.jsp. The page discloses Java system properties, server path details, and version information to unauthorized users, resulting in information disclosure that could ai...
EUVD-2025-35704
Tibbo AggreGate Network Manager 6.40.05 exposes sensitive system information through an unauthenticated endpoint at /cwmp/happyaxis.jsp. The page discloses Java system properties, server path details, and version information to unauthorized users, resulting in information disclosure that could ai...
CVE-2025-34155
Tibbo AggreGate Network Manager 6.40.05 contains an observable response discrepancy in its login functionality. Authentication failure messages differ based on whether a supplied username exists or not, allowing an unauthenticated remote attacker to infer valid account identifiers. This can...
CVE-2025-34156 Tibbo AggreGate Network Manager < 6.40.05 System Information Exposure
Tibbo AggreGate Network Manager 6.40.05 exposes sensitive system information through an unauthenticated endpoint at /cwmp/happyaxis.jsp. The page discloses Java system properties, server path details, and version information to unauthorized users, resulting in information disclosure that could ai...
CVE-2025-34156
CVE-2025-34156 concerns Tibbo AggreGate Network Manager versions before 6.40.05, where an unauthenticated endpoint at /cwmp/happyaxis.jsp exposes sensitive system information. The page discloses Java system properties, server path details, and version information to unauthorized users, creating i...
CVE-2025-34155
CVE-2025-34155 affects Tibbo AggreGate Network Manager versions prior to 6.40.05. The issue is an observable discrepancy in login failure messages that reveals whether a provided username exists, enabling unauthenticated remote user enumeration and potentially aiding targeted brute-force/credenti...
CVE-2025-34155 Tibbo AggreGate Network Manager < 6.40.05 Login Functionality User Enumeration
Tibbo AggreGate Network Manager 6.40.05 contains an observable response discrepancy in its login functionality. Authentication failure messages differ based on whether a supplied username exists or not, allowing an unauthenticated remote attacker to infer valid account identifiers. This can...
Security Bulletin: A Prototype Pollution vulnerability in jquery.dataTables affects IBM Tivoli Network Manager IP Edition (ITNM) (CVE-2020-28458)
Summary A Prototype Pollution vulnerability in jquery.dataTables was addressed in ITNM version 4.2 Fix Pack 23 4.2.0.23 Vulnerability Details CVEID:CVE-2020-28458 DESCRIPTION: All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for...
Tibbo AggreGate Network Manager 安全漏洞
Tibbo AggreGate Network Manager is a network monitoring and IT management platform from Tibbo. A security vulnerability exists in Tibbo AggreGate Network Manager versions prior to 6.40.05, which stems from an observable response discrepancy in the login function that could lead to user enumeratio...
CISCO-SA-20150401-DCNM
creationtimestamp| type| source ---|---|--- 2025-10-22 01:44:36+00:00| seen| Telegram/7Y6xRPttz6yg5mhYf8lGc69MunkWLUZZfWY4ZXqRbESpzn4...
JLSEC-2025-165 An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based...
rust-network-mgr (>=0.1.0 <=0.1.4) potentially affected by unknown CVE via nftnl (=0.7.0)
nftnl CARGO version =0.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on nftnl and may be impacted: - rust-network-mgr =0.1.0, =0.1.4 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0126...
CVE-2025-27259
Ericsson Network Manager versions prior to ENM 25.2 GA contain a vulnerability that, if exploited, can exfiltrate limited data or redirect victims to other sites or domains...