Security update for the Linux Kernel (Live Patch 19 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.84 fixes one security issue The following security issue was fixed: CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management bsc1259859. Patch Instructions: To install this SUSE update use the SUSE...

Security Bulletin: Multiple Vulnerabilities in IBM Guardium Key Lifecycle Manager (CVE-2025-68161, CVE-2026-1726)

Summary Security Vulnerabilities have been addressed in IBM Guardium Key Lifecycle Manager Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even wh...

CVE-2025-24863

Improper privilege management for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable data exposure. This result...

EUVD-2021-12325

Malware in sbrugna...

EUVD-2018-20449

Malware in sbrugna...

EUVD-2023-58080

Malicious code in bioql PyPI...

EUVD-2023-41778

Malicious code in bioql PyPI...

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in kafka-clients-3.4.0.jar

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of kafka-clients-3.4.0.jar Vulnerability Details CVEID:CVE-2024-31141 DESCRIPTION: Files or Directories Accessible to External Parties, Improper Privilege Management vulnerability in Apache Kafka Clients. Apache Kafka Clients...

Citrix Workspace app for Windows 安全漏洞

Citrix Workspace app for Windows is a client software from Citrix, Inc. that is used to access an organization's hosted applications and desktops. A security vulnerability exists in the Citrix Workspace app for Windows that stems from improper privilege management and could result in a...

PT-2025-24714 · Fortinet +1 · Fortiproxy +3

Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 7.6.0 through 7.6.1 Fortinet FortiOS versions 7.4.0 through 7.4.6 Fortinet FortiOS versions 7.2.0 through 7.2.10 Fortinet FortiOS versions 7.0.0 through 7.0.16 Fortinet FortiOS version before 6.4.15 FortiProxy versio...

PT-2025-23747

Name of the Vulnerable Software and Affected Versions ThemeManager versions prior to SMR Jun-2025 Release 1 Description The issue is related to improper privilege management, allowing local privileged attackers to reuse trial items. This could potentially be exploited by attackers with local...

CVE-2024-29150

An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 86x8NOE-R300.1.40.12.4180 and SIP deskphones through 86x8SIP-R200.1.01.10.728. Because of improper privilege management, an authenticated attacker is able to create symlinks to sensitive and protected data in locations that are...

CVE-2023-45083

An Improper Privilege Management vulnerability exists in HyperCloud that will impact the ability for a user to authenticate against the management plane. An authenticated admin-level user may be able to delete the "admin" or "serveradmin" users, which prevents authentication from subsequently...

CVE-2022-43927

IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to information Disclosure due to improper privilege management when a specially crafted table access is used. IBM X-Force ID: 241671...

CVE-2022-36329

An improper privilege management issue that could allow an attacker to cause a denial of service over the OTA mechanism was discovered in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices.This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before...

CVE-2022-30735

Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the accesstoken without permission...

CVE-2020-9141

There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability can cause information disclosure and malfunctions due to insufficient verification of data authenticity...

SonicWall NetExtender Windows Client Multiple Vulnerabilities

1 CVE-2025-23008 - SonicWall NetExtender Improper Privilege Management VulnerabilityAn improper privilege management vulnerability in the SonicWall NetExtender Windows 32 and 64 bit client allows a low privileged attacker to modify configurations. CVSS Score: 7.2 CVSS Vector:...

Security Bulletin: There is a vulnerability in kafka-clients-3.6.0.jar used by IBM Maximo Asset Management application (CVE-2024-31141)

Summary There is a vulnerability in kafka-clients-3.6.0.jar used by IBM Maximo Asset Management application CVE-2024-31141 Vulnerability Details CVEID:CVE-2024-31141 DESCRIPTION: Files or Directories Accessible to External Parties, Improper Privilege Management vulnerability in Apache Kafka...

Security Bulletin: Vulnerability in Apache Kafka Clients affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.

Summary Potential vulnerability in Apache Kafka Clients has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability have been addressed. Refer to details for additional information...