SUSE CVE-2012-0417

Integer overflow in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors...

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache Commons Lang (CVE-2025-48924)

Summary A vulnerability in Apache Commons Lang that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...

CVE-2025-67822

A vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE 7.3 7.3.0.0.50 through 7.8 SP1 7.8.1.0.14 could allow an unauthenticated attacker to conduct an authentication bypass attack due to improper authentication mechanisms. A successful exploit could allow an attacker to gai...

Mitel MiVoice MX-ONE security vulnerabilities

Mitel MiVoice MX-ONE is a comprehensive communication solution provided by the Canadian company Mitel. Versions 7.3 to 7.8 SP1 of Mitel MiVoice MX-ONE contain security vulnerabilities. These vulnerabilities stem from improper authentication mechanisms, which may allow for bypasses during...

Security Bulletin: IBM InfoSphere Information Server is affected by a server-side request forgery (CVE-2025-12832)

Summary A server-side request forgery vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-12832 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send...

CVE-2021-4461 Seeyon Zhiyuan OA Web Application System < 7.0 SP1 Authentication Bypass

Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode and parse the enc parameter in thirdpartyController.do. The decoded map values can influence session attributes without sufficient authentication/authorization checks, enabling attackers to assign a...

EUVD-2025-24009

Malicious code in bioql PyPI...

IBM InfoSphere 11.7.0.x < 11.7.1.6 SP1 Command Injection (7246170)

The version of IBM InfoSphere Information Server installed on the remote host is 11.7.0 prior to 11.7.1.6 SP1. It is, therefore, affected by a command injection vulnerability, as referenced in the 7246170 advisory. - IBM InfoSphere 11.7.0.0 through 11.7.1.6 Information Server could allow an...

Security Bulletin: Multiple Vulnerabilities discovered in Cloudera Data Platform Private Cloud Base with IBM 7.1.7 SP2

Summary Multiple Vulnerabilities discovered in Cloudera Data Platform Private Cloud Base with IBM 7.1.7 SP2 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- Cloudera Data Platform Priva...

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.62 SP1 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.62 Service Pack 1 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Microsoft Windows Routing and Remote Access Service 缓冲区错误漏洞

Microsoft Windows Routing and Remote Access Service is a network service from Microsoft Corporation USA that is used to implement features such as network routing, virtual private networks VPNs, and dial-up connections. A buffer error vulnerability exists in Microsoft Windows Routing and Remote...

Thermo Fisher Scientific Xcalibur 安全漏洞

Thermo Fisher Scientific Xcalibur is a data acquisition and interpretation software from Thermo Fisher Scientific USA. A security vulnerability exists in Thermo Fisher Scientific Xcalibur versions prior to 4.7 SP1 and Thermo Foundation Instrument Control Software ICSW versions prior to 3.1 SP10,...

Dell RecoverPoint for Virtual Machines 安全漏洞

Dell RecoverPoint for Virtual Machines is a simple, efficient operations and disaster recovery solution from Dell, Inc. For virtualized applications in VMware environments. A security vulnerability exists in Dell RecoverPoint for Virtual Machines version 6.0 SP1 and version 6.0 SP1 P1, which stem...

CVE-2024-39873

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application does not properly implement brute force protection against user credentials in its web API. This could allow an attacker to learn user credentials that are vulnerable to brute force...

CVE-2024-39874

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application does not properly implement brute force protection against user credentials in its Client Communication component. This could allow an attacker to learn user credentials that are...

PT-2024-8747 · Siemens · Sinema Remote Connect Server

Name of the Vulnerable Software and Affected Versions: SINEMA Remote Connect Server versions prior to V3.2 SP1 Description: A vulnerability has been identified in the SINEMA Remote Connect Server, where the affected application does not properly assign rights to temporary files created during its...

PT-2024-5084 · Siemens · Sinema Remote Connect Server

Name of the Vulnerable Software and Affected Versions: SINEMA Remote Connect Server versions prior to V3.2 SP1 Description: A vulnerability has been identified in the SINEMA Remote Connect Server that allows users to upload encrypted backup files without correctly checking the path of the restore...

Vulnerabilities fixed in Trend Micro Apex One

Trend Micro has fixed vulnerabilities in Apex One. A local, authenticated malicious person could exploit the vulnerabilities to grant themselves elevated privileges and execute arbitrary code execute arbitrary code, possibly as SYSTEM. Trend Micro has released updates to fix the vulnerabilities...

Vulnerabilities fixed in Trend Micro Apex One

Trend Micro has fixed vulnerabilities in Apex One. A local, authenticated malicious party could exploit the vulnerabilities to grant themselves elevated privileges and potentially access gain access to data for which the malicious party is not initially authorized. Trend Micro has released update...

Microsoft Windows RDP Security Vulnerability

Microsoft Remote Desktop Protocol Client is a client software application for connecting to remote desktops from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows RDP. An attacker could exploit this vulnerability to gain elevated privileges. Windows Server 2008 for...