The vulnerability of the Call History module in the iPadOS and iOS operating systems allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Call History module in iPadOS and iOS operating systems is related to insufficient protection for sensitive data. Exploiting this vulnerability can allow an attacker who operates remotely to gain unauthorized access to protected information...

The vulnerability of the CoreText component in iPadOS, iOS, tvOS, and MacOS operating systems allows attackers to gain unauthorized access to protected information.

The vulnerability of the CoreText component in iPadOS, iOS, tvOS, and MacOS operating systems relates to reading data beyond the permitted range of memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Important: Red Hat Security Advisory: mod_auth_openidc security update

An update for modauthopenidc is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

The vulnerability of the Backup & Restore module of the Device Admin app for the ctrlX OS operating system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Backup & Restore module of the Device Admin app for the ctrlX OS operating system is related to insufficient protection of sensitive data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information by...

The vulnerability of the IBM Maximo Application Suite, a platform for managing corporate assets based on artificial intelligence, relates to the unlimited download of dangerous files. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the IBM Maximo Application Suite, a platform for managing corporate assets based on artificial intelligence, lies in its ability to allow unlimited uploading of sensitive files. Exploiting this vulnerability could enable an attacker operating remotely to gain unauthorized...

The vulnerability of the org.xwiki.platform:xwiki-platform-repository-rest-server component of the XWiki Platform, a platform for creating collaborative web applications. This vulnerability allows attackers to gain unauthorized access to protected information.

The vulnerability of the “org.xwiki.platform:xwiki-platform-repository-rest-server” component of the XWiki Platform relates to the absence of authentication. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the web interface of the cloud platform for automating business processes in IBM Cloud Pak for Business Automation allows a attacker to disclose protected information.

The vulnerability of the web interface of the IBM Cloud Pak for Business Automation cloud platform relates to the lack of protective measures for the website structure. Exploiting this vulnerability can allow a malicious actor to disclose the protected information remotely...

The vulnerability of the org.xwiki.platform:xwiki-platform-security-authentication-ui component of the XWiki Platform, a platform for creating collaborative web applications. This vulnerability allows an attacker to gain unauthorized access to protected information.

The vulnerability of the “org.xwiki.platform:xwiki-platform-security-authentication-ui” component of the XWiki Platform involves the absence of authentication. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the PCMan FTP Server relates to the occurrence of operations beyond the buffer boundaries in memory. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the PCMan FTP Server relates to the issue of operations going beyond the buffer boundaries during the processing of the append parameter. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected...

The vulnerability of ZIP files stored in the Apache Solr search server allows attackers to gain unauthorized access to protected information or cause service failures.

The vulnerability of ZIP files processed by the Apache Solr search server is related to errors in processing the relative path to the directory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures...

Updated apache-mod_auth_openidc packages fix security vulnerability

modauthopenidc allows OIDCProviderAuthRequestMethod POSTs to leak protected data. CVE-2025-31492...

The vulnerability of the hv_uio_probe() function in the drivers/uio/uio_hvgeneric.c module of the Linux kernel allows a hacker to gain access to protected information.

The vulnerability of the hvuioprobe function in the drivers/uio/uiohvgeneric.c module of the Linux kernel is related to security configuration errors. Exploiting this vulnerability can allow an attacker to gain access to protected information...

The vulnerability of the Dell ECS storage platform, related to errors in the authentication process, allows an intruder to gain unauthorized access to protected information.

The vulnerability of the Dell ECS storage platform is related to errors in the certificate validation process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the mod_data module in the virtual training environment Moodle, which allows a intruder to gain unauthorized access to protected information

The vulnerability of the moddata module in the virtual training environment Moodle is related to the disclosure of information through query strings. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the virtual learning environment Moodle, related to insufficient protection of operational data, allows a hacker to disclose protected information.

The vulnerability in the virtual learning environment Moodle is related to insufficient protection of operational data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...

The vulnerability of the LockSmtpSettings method in the software for managing and monitoring remote devices in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the LockSmtpSettings method in the software for managing and monitoring remote devices in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the...

The vulnerability of the LockBufferingSettings method in the software for managing and monitoring removed objects in telemetry and telemechanics systems, allowing a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the LockBufferingSettings method in the software for managing and monitoring removed objects in telemetry and telemechanics systems related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability could allow an attacker to compromise th...

The vulnerability of the CloudKit component in iPadOS and macOS operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the CloudKit component in iPadOS and macOS is related to lack of access control. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the SAP KMC WPC knowledge management business application, related to deficiencies in the authentication process, allows unauthorized users to gain unauthorized access to protected information.

The vulnerability of the SAP KMC WPC knowledge management business application is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the UpdateTcmSettings method in the software for managing and monitoring removed objects in telemetering and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the UpdateTcmSettings method in the software for managing and monitoring removed objects in telemetering and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the...