12 matches found
CVE-2026-15702
A security vulnerability has been detected in tamagui up to 2.3.0. This affects the function updateConfig of the file code/core/web/src/config.ts. Such manipulation leads to improperly controlled modification of object prototype attributes. The attack may be performed from remote. Upgrading to...
Security Bulletin: Watsonx.data Input Interpretation Vulnerability Could Enable Improper External Service Access
Summary Watonx.data could allow an authenticated user to interact with external services improperly due to interpretation conflicts of user supplied input. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2025-36141 DESCRIPTION: IBM Lakehouse could allow an authenticated user to...
Security Bulletin: runc File Descriptor Leak Leads to Container Escape Vulnerability (Fixed in 1.1.12), affects watsonx.data
Summary runc ≤ 1.1.11 contains a file descriptor leak vulnerability that can allow container processes to access the host filesystem, leading to potential container escape and host compromise. Fixed in version 1.1.12. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2024-21626...
Security Bulletin: Memory Safety Vulnerabilities in SSH Agents and Servers: Out-of-Bounds Read and Unbounded Memory Consumption, affects watsonx.data
Summary SSH Agent servers are vulnerable to out-of-bounds reads when processing malformed new identity requests, which can cause the agent to panic. Additionally, SSH servers handling GSSAPI authentication requests do not validate the number of mechanisms specified, potentially allowing attackers...
CVE-2025-59843
Flag Forge is a Capture The Flag CTF platform. From versions 2.0.0 to before 2.3.2, the public endpoint /api/user/username returns user email addresses in its JSON response. The fix, intended for release in 2.3.1 but only available starting in version 2.3.2, removes email addresses from public AP...
PT-2024-12003 · Brainstorm Force · Spectra
Name of the Vulnerable Software and Affected Versions: Brainstorm Force Spectra versions through 2.3.0 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions through...
PT-2024-28096 · Qumagie · Qumagie
Name of the Vulnerable Software and Affected Versions: QuMagie versions prior to 2.3.1 Description: An improper certificate validation issue affects QuMagie, potentially allowing local network users to compromise system security via unspecified vectors. Recommendations: For versions prior to 2.3....
PT-2024-23170 · Brocade · Brocade Sannav
Name of the Vulnerable Software and Affected Versions: Brocade SANnav versions prior to 2.3.1 Brocade SANnav version 2.3.0a Description: The issue allows a Brocade SANnav service to send ping commands in the background at regular intervals to gridgain.com to check if updates are available for the...
PT-2024-23165 · Brocade · Brocade Sannav
Name of the Vulnerable Software and Affected Versions: Brocade SANnav versions prior to 2.3.1 Brocade SANnav version 2.3.0a Description: The issue concerns the use of the SHA-1 hash in internal SSH ports. These ports are not open to remote connection. Recommendations: For Brocade SANnav versions...
PT-2024-4304 · Brocade · Brocade Sannav
Name of the Vulnerable Software and Affected Versions: Brocade SANnav versions prior to 2.3.1 Brocade SANnav version 2.3.0a Description: The issue is related to insufficient protection of registration data, which could allow a remote attacker to gain unauthorized access to protected information. ...
PT-2024-1786 · Intel · Intel Battery Life Diagnostic Tool
Name of the Vulnerable Software and Affected Versions: Intel Battery Life Diagnostic Tool versions prior to 2.3.1 Description: The issue is related to an uncontrolled search path element in the Intel Battery Life Diagnostic Tool software. Exploitation of this issue may allow an attacker to escala...
PT-2023-15449 · WordPress · Portfolio For Elementor
Name of the Vulnerable Software and Affected Versions: The Portfolio for Elementor WordPress plugin versions prior to 2.3.1 Description: The issue concerns a lack of validation and escaping of certain shortcode attributes, which can lead to Stored Cross-Site Scripting attacks. Users with a role a...