CVE-2025-0985 IBM MQ information disclosure

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD stores potentially sensitive information in environment variables that could be obtained by a local user...

CVE-2025-0985

Summary (CVE-2025-0985): IBM MQ 9.3 LTS/9.3 CD and 9.4 LTS/9.4 CD may store potentially sensitive information in environment variables that could be obtained by a local user. The CVSSv3.1 base score is 6.5 (Medium), with impact on confidentiality only. No exploitation details are provided in the ...

CVE-2025-0985 IBM MQ information disclosure

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD stores potentially sensitive information in environment variables that could be obtained by a local user...

PT-2025-9114 · Ibm · Ibm Mq

Name of the Vulnerable Software and Affected Versions: IBM MQ versions 9.3 LTS through 9.4 CD Description: The issue concerns the storage of potentially sensitive information in environment variables, which could be accessed by a local user. Recommendations: For IBM MQ versions 9.3 LTS through 9....

IBM MQ 安全漏洞

IBM MQ is a messaging middleware product from International Business Machines IBM. The product focuses on providing a reliable and validated messaging backbone for Service Oriented Architecture SOA. A security vulnerability exists in IBM MQ that stems from storing sensitive information in...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the firmware: qcom: scm module not cleaning up global variables when probing fails...

CVE-2025-27336

Cross-Site Request Forgery CSRF vulnerability in Alex Prokopenko / JustCoded Just Variables just-wp-variables allows Cross Site Request Forgery.This issue affects Just Variables: from n/a through = 1.2.3...

CVE-2022-49638

In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctl. While reading icmp sysctl variables, they can be changed concurrently. So, we need to add READONCE to avoid data-races...

CVE-2022-49639

CVE-2022-49639 refers to a Linux kernel issue in the cipso subsystem where sysctl read operations could race with concurrent writes. The root cause is missing synchronization while reading cipso sysctl variables, and the fix is to add READ_ONCE() to prevent data races. Public documents in the con...

CVE-2022-49638 icmp: Fix data-races around sysctl.

In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctl. While reading icmp sysctl variables, they can be changed concurrently. So, we need to add READONCE to avoid data-races...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a page error in Apple firmware code when reading db and dbx efi variables on Apple T2 Macs...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from uninitialized variables in usbread8 and related functions in the staging rtl8712 driver...

Important: postgresql

Issue Overview: Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables e.g. PATH. That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system...

Important: postgresql

Issue Overview: Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables e.g. PATH. That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system...

CVE-2025-27336

Cross-Site Request Forgery CSRF vulnerability in Alex Prokopenko / JustCoded Just Variables just-wp-variables allows Cross Site Request Forgery.This issue affects Just Variables: from n/a through = 1.2.3...

WordPress Just Variables Plugin <= 1.2.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Just Variables versions = 1.2.3...

CVE-2025-27336 WordPress Just Variables Plugin <= 1.2.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Alex Prokopenko / JustCoded Just Variables just-wp-variables allows Cross Site Request Forgery.This issue affects Just Variables: from n/a through = 1.2.3...

CVE-2025-27336 WordPress Just Variables Plugin <= 1.2.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Alex Prokopenko / JustCoded Just Variables just-wp-variables allows Cross Site Request Forgery.This issue affects Just Variables: from n/a through = 1.2.3...

CVE-2025-27336

CVE-2025-27336 is a Cross-Site Request Forgery (CSRF) vulnerability reported for WordPress plugin Just Variables (JustCoded) affecting versions up to 1.2.3. The provided metrics indicate a CVSS v3.1 base score of 4.3 (Medium) with network attack vector, requiring user interaction, and partial imp...

Advisory ROSA-SA-2025-2719

Software: sudo 1.9.5p2 OS: ROSA Virtualization 3.0 packageevrstring: sudo-1.9.5p2-1 CVE-ID: CVE-2021-3156 BDU-ID: 2021-00364 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the parseargs function of the Sudo system administration program is related to a buffer overflow in dynamic memory. Exploitatio...