23343 matches found
[R1] Tenable Identity Exposure Version 3.77.11 Fixes Multiple Vulnerabilities
R1 Tenable Identity Exposure Version 3.77.11 Fixes Multiple Vulnerabilities Arnie Cabral Wed, 04/30/2025 - 00:26 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. Several of the third-party components Erlang OTP, OpenSSL were found to contain...
Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to denial of service due to OpenSSL (CVE-2022-0778)
Summary OpenSSL is used by DataStage on Cloud Pak for Data as part of secure network communication. Vulnerability Details CVEID:CVE-2022-0778 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw in the BNmodsqrt function when parsing certificates. By using a specially-craft...
Security Bulletin: Multiple vulnerabilities in multiple dependencies affect IBM MessageGateway/ MessageSight
Summary There are multiple vulnerabilities in Liberty, IBM Runtime Environment Java Version 8.0, Dojo and OpenSSL used by IBM MessageGateway/ MessageSight Vulnerability Details CVEID:CVE-2022-21365 DESCRIPTION: An unspecified vulnerability in Java SE related to the ImageIO component could allow a...
Security Bulletin: Security vulnerabilities affect multiple packages shipped with IBM CICS TX Advanced.
Summary IBM CICS TX Advanced is impacted by security vulnerabilities found in packages GLib2.0, libxml2, glibc , krb5 Kerberos, libtasn1-6, Expat, OpenSSL, GnuTLS and curl. These are shipped as part of the product. Vulnerability Details CVEID:CVE-2024-12133 DESCRIPTION: A flaw in libtasn1 causes...
CVE-2025-23253
NVIDIA NvContainer service for Windows contains a vulnerability in its usage of OpenSSL, where an attacker could exploit a hard-coded constant issue by copying a malicious DLL in a hard-coded path. A successful exploit of this vulnerability might lead to code execution, denial of service,...
Return of Wrong Status Code
Overview Affected versions of this package are vulnerable to Return of Wrong Status Code from the chacha20poly1305setkey function, when returning a ChaCha20 initialization error from the OpenSSL backend. An attacker can potentially impact confidentiality, integrity, and availability by exploiting...
CVE-2025-2769
Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system i...
CVE-2025-2768
Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system i...
CVE-2025-2768
Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system i...
CVE-2025-2769
Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system i...
CVE-2025-2768
Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system i...
CVE-2025-2769 Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system i...
CVE-2025-2769 Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system i...
CVE-2025-2769
CVE-2025-2769 affects Bdrive NetDrive. The issue is an Uncontrolled Search Path Element leading to Local Privilege Escalation. The root cause is the OpenSSL configuration being loaded from an unsecured location, enabling an attacker who can run low-privileged code to escalate to SYSTEM and execut...
CVE-2025-2768
CVE-2025-2768 affects Bdrive NetDrive. Root cause: OpenSSL configuration is loaded from an unsecured location, creating an uncontrolled search path element that enables local privilege escalation. Exploitation requires the attacker to execute low-privilege code on the target system; successful ex...
CVE-2025-2768 Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system i...
CVE-2025-2768 Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system i...
Bdrive NetDrive 代码问题漏洞
Bdrive NetDrive is a network drive from Bdrive that connects to various cloud services or remote file storage. A code issue vulnerability exists in Bdrive NetDrive that stems from loading an OpenSSL configuration file from a non-secure location, which could result in local elevation of privilege...
CVE-2025-23253
NVIDIA NvContainer service for Windows contains a vulnerability in its usage of OpenSSL, where an attacker could exploit a hard-coded constant issue by copying a malicious DLL in a hard-coded path. A successful exploit of this vulnerability might lead to code execution, denial of service,...
CVE-2025-23253
CVE-2025-23253 affects NVIDIA NvContainer service for Windows, where a hard-coded path in OpenSSL usage could be exploited by copying a malicious DLL to a fixed path, potentially enabling code execution, DoS, privilege escalation, information disclosure, or data tampering. Affected product: NVIDI...