Security Bulletin: Vulnerabilities in httpd library (CVE-2025-58098, CVE-2025-65082, CVE-2025-66200) affect Power HMC.

Summary The httpd library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-58098 DESCRIPTION: Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escape...

Security Bulletin: Vulnerability in net-snmp library (CVE-2025-68615) affects Power HMC.

Summary The net-snmp library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-68615 DESCRIPTION: net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet ...

Security Bulletin: Vulnerability in kernel library (CVE-2022-50865) affects Power HMC.

Summary The kernel library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-50865 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcpaddbacklog Th...

Security Bulletin: Vulnerabilities in Apache Tomcat Server (CVE-2025-61795, CVE-2025-66614, CVE-2026-24733, CVE-2026-24734) affect Power HMC.

Summary The Apache Tomcat Server is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-61795 DESCRIPTION: Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred including exceeding limits...

Security Bulletin: Vulnerability in expat library (CVE-2025-59375) affects Power HMC.

Summary The expat library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-59375 DESCRIPTION: libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is...

Security Bulletin: Vulnerability in sssd library (CVE-2025-11561) affects Power HMC.

Summary The sssd library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-11561 DESCRIPTION: A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In defaul...

Security Bulletin: Vulnerabilities in libsoup library (CVE-2025-4945, CVE-2025-11021) affect Power HMC.

Summary The libsoup library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-4945 DESCRIPTION: A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The...

Security Bulletin: Vulnerability in openssh and libssh libraries (CVE-2023-28709) affects Power HMC

Summary The openssh and libssh libraries are used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-48795 DESCRIPTION: OpenSSH is vulnerable to a machine-in-the-middle attack, caused by a flaw in the extension negotiation process ...

Security Bulletin: Vulnerabilities in httpd library (CVE-2024-47252, CVE-2025-23048, CVE-2025-49630) affect Power HMC.

Summary The httpd library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-47252 DESCRIPTION: Insufficient escaping of user-supplied data in modssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS...

Security Bulletin: Vulnerability in libxml2 library (CVE-2025-32415) affects Power HMC.

Summary The libxml2 library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-32415 DESCRIPTION: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer...

Security Bulletin: Vulnerabilities in pam library (CVE-2025-6020, CVE-2025-8941) affect Power HMC.

Summary The pam library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-6020 DESCRIPTION: A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing...

EUVD-2014-0913

Malware in sbrugna...

Security Bulletin: Vulnerabilities in glib2 library (CVE-2024-52533, CVE-2025-4373) affect Power HMC.

Summary The glib2 library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-52533 DESCRIPTION: gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4CONNMSGLEN...

Security Bulletin: Vulnerabilities in libxml2 library (CVE-2025-6021, CVE-2025-49794, CVE-2025-49796) affect Power HMC.

Summary The libxml2 library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-6021 DESCRIPTION: A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a...

Security Bulletin: Vulnerability in sudo library (CVE-2025-32462) affects Power HMC.

Summary The sudo library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-32462 DESCRIPTION: Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows liste...

Security Bulletin: Vulnerability in pam library (CVE-2025-6020) affects Power HMC.

Summary The pam library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-6020 DESCRIPTION: A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing...

Security Bulletin: Vulnerability in libxml2 library (CVE-2025-32414) affects Power HMC.

Summary The libxml2 library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-32414 DESCRIPTION: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings...

Security Bulletin: Vulnerabilities in libsoup library (CVE-2025-32050, CVE-2025-32052, CVE-2025-32053, CVE-2025-32906, CVE-2025-32911, CVE-2025-32913, CVE-2025-46420, CVE-2025-46421) affect Power HMC.

Summary The libsoup library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-32050 DESCRIPTION: A flaw was found in libsoup. The libsoup appendparamquoted function may contain an overflow bug resulting in a buffer...

Security Bulletin: Vulnerabilities in IBM Semeru SDK (CVE-2025-21587, CVE-2025-30698, CVE-2025-2900) affect Power HMC.

Summary The IBM Semeru SDK is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high...

Security Bulletin: Vulnerability in expat library (CVE-2024-8176) affects Power HMC.

Summary The expat library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-8176 DESCRIPTION: A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML...