Security Bulletin: IBM SPSS Modeler is vulnerabile to SSL private key exposure (CVE-2023-33842)

Summary An SSL private key exposure in IBM SPSS Modeler could allow a local user to decrypt and obtain sensitive information Vulnerability Details CVEID:CVE-2023-33842 DESCRIPTION: IBM SPSS Modeler on Windows requires the end user to have access to the server SSL key which could allow a local use...

SUSE-SU-2026:0769-1 Security update for postgresql18

This update for postgresql18 fixes the following issue: Update to version 18.3 bsc1258754. Regression fixes: - the substring function raises an error 'invalid byte sequence for encoding' on non-ASCII text values if the source of that value is a database column caused by CVE-2026-2006 fix. - a...

Microsoft GitHub Copilot and Visual Studio 命令注入漏洞

Microsoft GitHub Copilot and Visual Studio are generative AI tools developed by the American company Microsoft. There are command injection vulnerabilities in Microsoft GitHub Copilot and Visual Studio. Attackers can exploit these vulnerabilities to gain higher privileges. The following products...

CVE-2025-24089

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3. An app may be able to enumerate a user's installed apps...

CVE-2025-12653 Authentication Bypass by Spoofing in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that under specific conditions could have allowed an unauthenticated user to join arbitrary organizations by changing headers on some requests...

GitLab CE/EE 安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab CE/EE versions 18.3 through 18.4.5 or earlie...

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab EE versions 18.1 through 18.3 prior ...

BIT-GITLAB-2025-10868 Business Logic Errors in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 17.4 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1 where certain string conversion methods exhibit performance degradation with large inputs...

BIT-GITLAB-2025-3601 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 8.15 before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that could have could have allowed an authenticated user to cause a Denial of Service DoS condition by submitting URLs that generate excessively large responses...

Azure File Sync Agent v18.3 Release – August 2025 (KB5063613)

Security Update for Azure File Sync agent version 18.3.0.0. For more details, see the associated Microsoft Knowledge Base article...

Azure File Sync Agent v18.3 Release – August 2025 (KB5063613)

Security Update for Azure File Sync agent version 18.3.0.0. For more details, see the associated Microsoft Knowledge Base article...

Azure File Sync Agent v18.3 Release - August 2025 (Security-only update)

Azure File Sync Agent v18.3 Release - August 2025 Security-only update This article describes the improvements and issues that are fixed in the Azure File Sync Agent v18.3 release that is dated August 2025. Additionally, this article contains installation instructions for this release. Improvemen...

CVE-2025-24091

An app could impersonate system notifications. Sensitive notifications now require restricted entitlements. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.3. An app may be able to cause a denial-of-service...

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 18.3 and iPadOS version 18.3, which stems from parsing files that cou...

PT-2022-1478 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions 17.3R3-S9 through 17.3R3-S12 Juniper Networks Junos OS versions 17.4R3-S3 through 17.4R3-S5 Juniper Networks Junos OS versions 18.1R3-S11 through 18.1R3-S13 Juniper Networks Junos OS versions 18.2R3-S6 and...

WordPress Frontend File Manager plugin <= 18.2 - Unauthenticated Arbitrary Post Deletion vulnerability

Unauthenticated Arbitrary Post Deletion vulnerability discovered by Jerome Bruandet NinTechNet in WordPress Frontend File Manager plugin versions = 18.2. Solution Update the WordPress Frontend File Manager plugin to the latest available version at least 18.3...

Juniper Junos OS Vulnerability (JSA11129)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11129 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable Network Security, Inc...

CVE-2020-1664 Junos OS: Buffer overflow vulnerability in device control daemon

A stack buffer overflow vulnerability in the device control daemon DCD on Juniper Networks Junos OS allows a low privilege local user to create a Denial of Service DoS against the daemon or execute arbitrary code in the system with root privilege. This issue affects Juniper Networks Junos OS: 17....

Microsoft SQL Server Management Studio Information Disclosure Vulnerability (CNVD-2020-13542)

Microsoft SQL Server Management Studio is an integrated environment for managing multiple SQL infrastructures from Microsoft. The product is mainly used for setting up, monitoring and managing SQL programs. An information disclosure vulnerability exists in Microsoft SQL Server Management Studio...