Security Bulletin: IBM InfoSphere Information Server is vulnerable due to information exposure (CVE-2026-2484)

Summary An information exposure vulnerability was addressed in IBM InfoSphere Information Server. Vulnerability Details CVEID:CVE-2026-2484 DESCRIPTION: InfoSphere Information Server is affected by an information exposure vulnerability caused by overly verbose error messages. CWE:CWE-209:...

CVE-2026-3010

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip TimePictra allows Query System for Information.This issue affects TimePictra: from 11.0 through 11.3 SP2...

CVE-2025-56424

An issue in Insiders Technologies GmbH e-invoice pro before release 1 Service Pack 2 allows a remote attacker to cause a denial of service via a crafted script...

Microsoft Windows Routing and Remote Access Service 安全漏洞

Microsoft Windows Routing and Remote Access Service is a network service from Microsoft Corporation USA that is used to perform functions such as network routing, virtual private networks VPNs, and dial-up connections. A security vulnerability exists in Microsoft Windows Routing and Remote Access...

RHSA-2018:0466 Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 2 security update

Bulletin has no description...

Security Bulletin: IBM InfoSphere Information Server is affected by OpenSSL Vulnerability (CVE-2023-0464)

Summary A vulnerability in OpenSSL used by InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2023-0464 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error related to the verification of X.509 certificate chains that include policy constraints...

Solar FTP Server 2.1.1 Denial Of Service

!/usr/bin/python Exploit Title: Solar FTP Server 2.1.1 PASV Command - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 31 january 2024 Vendor Homepage: N/A Download to demo: Notification vendor: No reported Tested Version: Solar FTP Server 2.1.1 Tested on: Window XP Profession...

ProSysInfo TFTP Server TFTPDWIN 0.4.2 Denial Of Service

!/usr/bin/perl use IO::Socket::INET; Exploit Title: ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 20 january 2024 Vendor Homepage: N/A Download to demo: https://drive.google.com/file/d/1MLqBkCyu0dA-cNgYxCAO8xbsVcof060Z/view?usp=sharin...

Xitami 2.5 Denial Of Service

!/usr/bin/perl use IO::Socket::INET; Exploit Title: Xitami 2.5 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 14 january 2024 Vendor Homepage: https://imatix-legacy.github.io/xitami.com/ Download to demo:...

FTPDMIN 0.96 Denial Of Service

!/usr/bin/perl use Net::FTP; Exploit Title: FTPDMIN 0.96 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 2024-01-01 Vendor Homepage: https://www.sentex.ca/mwandel/ftpdmin/ Download to demo: https://drive.google.com/file/d/1CpfvaJbJVxR3HPWvcxIVipTaTj7RAaLd/view?usp=sharing...

Security Bulletin: IBM InfoSphere Information Server is affected by urllib3 vulnerability (CVE-2023-43804)

Summary A vulnerability in urllib3 used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw with cookie request header not stripped during...

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in snappy-java (CVE-2023-43642)

Summary A vulnerability in snappy-java used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-43642 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by missing upper bound check on chunk length. By sending a specially crafted request, a...

Microsoft .NET Framework Security Vulnerabilities

Microsoft .NET Framework is a comprehensive and consistent programming model from Microsoft Corporation USA and a development platform. The platform includes the C and Visual Basic programming languages, a public language runtime library, and an extensive class library. A security vulnerability...

Microsoft Windows Installer 安全漏洞

Microsoft Windows Installer is a component of the Windows operating system from Microsoft. It provides a standard basis for installing and uninstalling software. A security vulnerability exists in Microsoft Windows Installer. Windows Server 2008 for x64-based Systems Service Pack 2,Windows Server...

On the 20th Safer Internet Day, what was security like back in 2004?

Today is the 20th Safer Internet Day. Since 2004, there's been an annual event designed to "Promote safer and more responsible use of online technology and mobile phones, especially amongst children and young people across the world." 2004 was a key year for several safety activities, encompassin...

AVEVA Edge 安全漏洞

AVEVA Edge is a highly scalable and flexible HMI/SCADA software from AVEVA Software UK. A security vulnerability exists in AVEVA Edge version 20.0 Build: 4201.2111.1802.0000 Service Pack 2. An attacker could exploit this vulnerability to force a victim to visit a malicious page or open a maliciou...

PT-2022-4345 · Aveva · Aveva Edge

Name of the Vulnerable Software and Affected Versions: AVEVA Edge 2020 SP2 Patch 04201.2111.1802.0000 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious...

March 8, 2022—KB5011525 (Security-only update)

March 8, 2022—KB5011525 Security-only update Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. IMPORTANT Windows Server 2008 Service Pack 2 SP2 has reached the end of mainstream support and are now in extended support...

KB5010799: Out-of-band update for Windows Server 2008 SP2: January 17, 2022

KB5010799: Out-of-band update for Windows Server 2008 SP2: January 17, 2022 Summary This update resolves the following issues: Active Directory attributes are not written correctly during a Lightweight Directory Access Protocol LDAP modify operation with multiple specific attribute changes. Windo...

Security Bulletin: Vulnerabilities in java affect Power Hardware Management Console (CVE-2016-0448)

Summary Java is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-0448 DESCRIPTION: An unspecified vulnerability in Oracle Java SE and Java SE Embedded related to the JMX component could allow a remote attacker to obtain...