Security Bulletin: IBM InfoSphere Information Server is vulnerable to HTTP header injection (CVE-2025-14807)

Summary A HTTP header injection vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-14807 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This coul...

Security Bulletin: IBM InfoSphere Information Server is vulnerable due to disclosure of sensitive information (CVE-2026-1014)

Summary A sensitive information disclosure vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2026-1014 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to exposure of sensitive information via JSON server response manipulation...

CVE-2026-2844

Missing Authentication for Critical Function vulnerability in Microchip TimePictra allows Configuration/Environment Manipulation.This issue affects TimePictra: from 11.0 through 11.3 SP2...

Microchip TimePictra 安全漏洞

Microchip TimePictra is a synchronization network management software developed by the American company Microchip. Versions of Microchip TimePictra 11.3 SP2 and earlier contained security vulnerabilities. These vulnerabilities were due to improper input during web page generation, which could lea...

Microchip TimePictra 安全漏洞

Microchip TimePictra is a synchronization network management software developed by the American company Microchip. Versions of Microchip TimePictra 11.3 SP2 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the lack of authentication for critical functions, which...

PT-2026-7258

Name of the Vulnerable Software and Affected Versions SINEC NMS versions prior to 4.0 SP2 Description The application allows unauthorized modification of a configuration file by a user with limited privileges. This could enable an attacker to load malicious DLLs, potentially resulting in arbitrar...

CVE-2025-56424

An issue in Insiders Technologies GmbH e-invoice pro before release 1 Service Pack 2 allows a remote attacker to cause a denial of service via a crafted script...

CVE-2025-56424

An issue in Insiders Technologies GmbH e-invoice pro before release 1 Service Pack 2 allows a remote attacker to cause a denial of service via a crafted script...

CVE-2025-56424

An issue in Insiders Technologies GmbH e-invoice pro before release 1 Service Pack 2 allows a remote attacker to cause a denial of service via a crafted script...

PT-2026-1818

Name of the Vulnerable Software and Affected Versions Insiders Technologies GmbH e-invoice pro versions prior to release 1 Service Pack 2 Description A flaw exists in Insiders Technologies GmbH e-invoice pro that could allow a remote attacker to cause a denial of service by using a specially...

2025-10 Security and Quality Rollup for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 SP2 for x64 (KB5066742)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

PT-2025-32386 · Mitel · Micollab +1

Name of the Vulnerable Software and Affected Versions: Mitel MiCollab versions through 9.8 SP2 9.8.2.12 Description: A vulnerability exists in the NuPoint Unified Messaging NPM component that could allow an unauthenticated attacker to conduct a path traversal attack due to insufficient input...

CVE-2006-6659

The Microsoft Office Outlook Recipient ActiveX control ole32.dll in Windows XP SP2 allows remote attackers to cause a denial of service Internet Explorer 7 hang via crafted HTML...

Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024191 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47600: dm btree remove: fix use afte...

Mitel MiCollab 访问控制错误漏洞

Mitel MiCollab is a mobile application that provides voice, video, messaging, audio conferencing, and team collaboration for employees from Mitel Canada. A security vulnerability exists in Mitel MiCollab version 9.8 SP1 FP2 9.8.1.201 and prior versions, which stems from a missing authentication...

CVE-2023-38533

A vulnerability has been identified in TIA Administrator All versions V3 SP2. The affected component creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update process...

NetIQ Identity Console 安全漏洞

NetIQ Identity Console is an identity management platform from NetIQ, Inc. A security vulnerability exists in NetIQ Identity Console versions prior to 1.7 Service Pack 2 that stems from the detection of an incorrect authorization level in the login panel, which could lead to unauthenticated...

Microsoft Windows RDP Security Vulnerability

Microsoft Remote Desktop Protocol Client is a client software application for connecting to remote desktops from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows RDP. An attacker could exploit this vulnerability to gain elevated privileges. Windows Server 2008 for...

CVE-2023-32748

The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 22.24.1500.0 could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control...

PT-2025-1449 · Ashlar Vellum · Ashlar-Vellum Cobalt

Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Cobalt versions prior to v12 SP2 Build 1204.200 Description: The affected application lacks proper validation of user-supplied data when parsing CO files, which could lead to a heap-based buffer overflow. An attacker could...