Security Bulletin: IBM Operational Decision Manager for January 2026 - Multiple CVEs addressed

Summary IBM Operational Decision Manager is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed Vulnerability Details CVEID:CVE-2025-13465...

MiracleLinux 4 : krb5-1.10.3-33.AXS4 (AXSA:2014-606:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-606:02 advisory. Description : Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecu...

EUVD-2019-4602

Malware in sbrugna...

EUVD-2025-10826

Malicious code in bioql PyPI...

EUVD-2022-28626

Malicious code in bioql PyPI...

The vulnerability of the gpiolib-cdev.c component in the Linux operating system’s kernel allows a hacker to cause service interruptions as well as trigger system failures.

The vulnerability of the gpiolib-cdev.c component in the Linux operating system is related to errors during initialization of variables. Exploiting this vulnerability can allow an attacker to cause service failures...

CVE-2023-51454

A Out-of-bounds Write issue affecting the v2sdkservice running on a set of DJI drone devices on the port 10000 could allow an attacker to overwrite a pointer in the process memory through a crafted payload triggering an unsafe memory write operation in the mytcpreceive function implemented in the...

CVE-2021-22339

There is a denial of service vulnerability in some versions of ManageOne. In specific scenarios, due to the insufficient verification of the parameter, an attacker may craft some specific parameter. Successful exploit may cause some services abnormal...

CVE-2020-1862

There is a double free vulnerability in some Huawei products. A local attacker with low privilege may perform some operations to exploit the vulnerability. Due to doubly freeing memory, successful exploit may cause some service abnormal. Affected product versions include:CampusInsight versions...

[SECURITY] [DSA 5898-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5898-1 [email protected] https://www.debian.org/security/ Andres Salomon April 09, 2025 https://www.debian.org/security/faq -...

The vulnerability of the microprogrammed software of Mitel series 6800, 6900, 6900w, and 6970 desktop telephones, related to the ability to bypass authentication, allows attackers to modify phone configuration parameters and trigger a service failure.

The vulnerability of the microprogramming software of Mitel series 6800, 6900, 6900w, and 6970 lies in its ability to bypass authentication. Exploiting this vulnerability allows an attacker to modify the phone’s configuration parameters and cause service failures...

CVE-2023-36268

DoS issues, or unexploitable crashes, are out of scope for vulnerabilities...

Important: samba

Issue Overview: When doing NTLM authentication, the client sends replies to cryptographic challenges back to the server. These replies have variable length. Winbind did not properly bounds-check the lan manager response length, which despite the lan manager version no longer being used is still...

Services and Virtual Servers show State: Unknown. / /var/crash filesystem full

State: Unknown. Services and Virtual Servers /shell $cat df-akin.out FilesystemSizeUsedAvail Capacity iused ifree %iusedMounted on /dev/md0429M415M5.6M99%13k44k23%/ devfs1.0k1.0k0B100%00100%/dev procfs4.0k4.0k0B100%10100%/proc /dev/ad0s1a1.6G160M1.3G11%286211k0%/flash...

CVE-2022-39012

Huawei Aslan Children's Watch has an improper input validation vulnerability. Successful exploitation may cause the watch's application service abnormal...

PT-2022-24668 · Huawei · Huawei Aslan Children'S Watch

Name of the Vulnerable Software and Affected Versions: Huawei Aslan Children's Watch affected versions not specified Description: The issue is related to improper input validation, which may cause the watch's application service to become abnormal upon successful exploitation. Recommendations: At...

The vulnerability of IDEMIA’s biometric identification systems’ microprogramming software lies in the lack of authentication mechanisms, which allows attackers to bypass the authentication process.

The vulnerability of IDEMIA’s biometric identification systems’ microprogramming software is related to the absence of authentication. Exploiting this vulnerability could allow a malicious actor to bypass authentication and cause service failures...

HDX Adaptive Transport Configuration for Gateway Service

If you have users that use Workspace app for Linux or Android to access virtual apps or desktops through Gateway Service, they may be unable to launch sessions after Enlightened Data Transport EDT is enabled in Gateway Service...

Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: May 11, 2021 (KB5003435)

Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: May 11, 2021 KB5003435 This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures CVE:...

OPENSUSE-SU-2021:0079-1 Security update for ceph

This update for ceph fixes the following issues: Security issues fixed: - CVE-2020-27781: Fixed a privilege escalation via the cephvolumeclient Python interface bsc1179802 bsc1180155. Non-security issues fixed: - Fixes an issue when check in legacy collection reaches end. bsc1179139 - Fixes an...