Lucene search
K

1637 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/12/01 9:15 p.m.5 views

Security Bulletin: Vulnerability in NX-OS Firmware and DCNM Software used by IBM c-type SAN directors and switches.

Summary Public disclosed OpenSSL vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches. The vulnerability has been addressed and can be resolved by applying the NX-OS code and NDFC code levels listed below. Vulnerability Details CVEID:CVE-2022-4304 DESCRIPTION: A timing...

7.5CVSS6.9AI score0.59501EPSS
Exploits0Affected Software1
Metasploit
Metasploit
added 2025/11/26 6:53 p.m.408 views

IGEL OS Privilege Escalation (via systemd service)

Escalate privileges for IGEL OS Workspace Edition sessions, by modifying network-manager.service using setupcmd SUID and network, then restarting the service. Module Options msf use exploit/linux/local/igelnetworkprivesc msf exploitigelnetworkprivesc show targets ...targets... msf...

5.8AI score
Exploits0
Packet Storm
Packet Storm
added 2025/11/26 12:0 a.m.165 views

📄 IGEL OS Privilege Escalation

This Metasploit module escalates privileges for IGEL OS Workspace Edition sessions by modifying network-manager.service using setupcmd SUID and network and then restarting the service. This module requires Metasploit: https://metasploit.com/download Current source:...

7AI score
Exploits0
OSV
OSV
added 2025/11/17 10:40 p.m.7 views

CLSA-2025-1763419211 NetworkManager-libreswan: Fix of CVE-2024-9050

CVE-2024-9050: sanitize VPN configuration input to prevent local privilege escalation via malicious 'leftupdown' key value...

7.8CVSS5.8AI score0.00452EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2025/11/11 12:0 a.m.2 views

Security update for warewulf4 (important)

openSUSE security update: security update for warewulf4 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20031-1 Rating: important References: bsc1227465 bsc1227686 bsc1246082 bsc1248768 bsc1248906 Cross-References: CVE-2025-58058 CVSS scores:...

6.9CVSS6.6AI score0.00385EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/06 7:22 a.m.3 views

Security Bulletin: Due to use of IBM WebSphere Application Server, IBM Tivoli Network Manager (ITNM) IP Edition is affected by a denial of service vulnerability.

Summary WebSphere Application Server, used by IBM Tivoli Network Manager ITNM IP Edition, is affected by a denial of service vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions...

6.5AI score
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/24 5:33 p.m.16 views

CVE-2025-34155

Tibbo AggreGate Network Manager 6.40.05 contains an observable response discrepancy in its login functionality. Authentication failure messages differ based on whether a supplied username exists or not, allowing an unauthenticated remote attacker to infer valid account identifiers. This can...

6.9CVSS7AI score0.00647EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/24 5:33 p.m.16 views

CVE-2025-34156

Tibbo AggreGate Network Manager 6.40.05 exposes sensitive system information through an unauthenticated endpoint at /cwmp/happyaxis.jsp. The page discloses Java system properties, server path details, and version information to unauthorized users, resulting in information disclosure that could ai...

6.9CVSS6.3AI score0.00338EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/23 6:31 p.m.4 views

EUVD-2025-35704

Tibbo AggreGate Network Manager 6.40.05 exposes sensitive system information through an unauthenticated endpoint at /cwmp/happyaxis.jsp. The page discloses Java system properties, server path details, and version information to unauthorized users, resulting in information disclosure that could ai...

6.9CVSS5.9AI score0.00338EPSS
Exploits0References4
NVD
NVD
added 2025/10/23 5:15 p.m.3 views

CVE-2025-34155

Tibbo AggreGate Network Manager 6.40.05 contains an observable response discrepancy in its login functionality. Authentication failure messages differ based on whether a supplied username exists or not, allowing an unauthenticated remote attacker to infer valid account identifiers. This can...

6.9CVSS0.00647EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/23 4:30 p.m.8 views

CVE-2025-34156 Tibbo AggreGate Network Manager < 6.40.05 System Information Exposure

Tibbo AggreGate Network Manager 6.40.05 exposes sensitive system information through an unauthenticated endpoint at /cwmp/happyaxis.jsp. The page discloses Java system properties, server path details, and version information to unauthorized users, resulting in information disclosure that could ai...

6.9CVSS0.00338EPSS
Exploits0References3
CVE
CVE
added 2025/10/23 4:30 p.m.11 views

CVE-2025-34156

CVE-2025-34156 concerns Tibbo AggreGate Network Manager versions before 6.40.05, where an unauthenticated endpoint at /cwmp/happyaxis.jsp exposes sensitive system information. The page discloses Java system properties, server path details, and version information to unauthorized users, creating i...

6.9CVSS6AI score0.00338EPSS
Exploits0References3
CVE
CVE
added 2025/10/23 4:30 p.m.12 views

CVE-2025-34155

CVE-2025-34155 affects Tibbo AggreGate Network Manager versions prior to 6.40.05. The issue is an observable discrepancy in login failure messages that reveals whether a provided username exists, enabling unauthenticated remote user enumeration and potentially aiding targeted brute-force/credenti...

6.9CVSS6.7AI score0.00647EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/23 4:30 p.m.9 views

CVE-2025-34155 Tibbo AggreGate Network Manager < 6.40.05 Login Functionality User Enumeration

Tibbo AggreGate Network Manager 6.40.05 contains an observable response discrepancy in its login functionality. Authentication failure messages differ based on whether a supplied username exists or not, allowing an unauthenticated remote attacker to infer valid account identifiers. This can...

6.9CVSS0.00647EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/23 11:6 a.m.11 views

Security Bulletin: A Prototype Pollution vulnerability in jquery.dataTables affects IBM Tivoli Network Manager IP Edition (ITNM) (CVE-2020-28458)

Summary A Prototype Pollution vulnerability in jquery.dataTables was addressed in ITNM version 4.2 Fix Pack 23 4.2.0.23 Vulnerability Details CVEID:CVE-2020-28458 DESCRIPTION: All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for...

7.5CVSS6.6AI score0.0367EPSS
Exploits2Affected Software1
CNNVD
CNNVD
added 2025/10/23 12:0 a.m.6 views

Tibbo AggreGate Network Manager 安全漏洞

Tibbo AggreGate Network Manager is a network monitoring and IT management platform from Tibbo. A security vulnerability exists in Tibbo AggreGate Network Manager versions prior to 6.40.05, which stems from an observable response discrepancy in the login function that could lead to user enumeratio...

6.9CVSS6.6AI score0.00647EPSS
Exploits0References3
Circl
Circl
added 2025/10/22 1:44 a.m.4 views

CISCO-SA-20150401-DCNM

creationtimestamp| type| source ---|---|--- 2025-10-22 01:44:36+00:00| seen| Telegram/7Y6xRPttz6yg5mhYf8lGc69MunkWLUZZfWY4ZXqRbESpzn4...

4.8AI score
Exploits0
OSV
OSV
added 2025/10/19 10:31 p.m.3 views

JLSEC-2025-165 An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1

An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based...

5.2CVSS6.8AI score0.00756EPSS
Exploits1References16
vulnersOsv
vulnersOsv
added 2025/10/18 12:0 p.m.3 views

rust-network-mgr (>=0.1.0 <=0.1.4) potentially affected by unknown CVE via nftnl (=0.7.0)

nftnl CARGO version =0.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on nftnl and may be impacted: - rust-network-mgr =0.1.0, =0.1.4 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0126...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/10/14 6:44 a.m.8 views

CVE-2025-27259

Ericsson Network Manager versions prior to ENM 25.2 GA contain a vulnerability that, if exploited, can exfiltrate limited data or redirect victims to other sites or domains...

2.4CVSS6.8AI score0.0019EPSS
Exploits0References1
Rows per page
Query Builder