76 matches found
Security Bulletin: IBM MQ Appliance is affected by a denial of service vulnerability (CVE-2026-21945)
Summary: IBM MQ Appliance has addressed a denial of service vulnerability. Vulnerability Details: CVEID: CVE-2026-21945. DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability issue that allows a remote attacker to cause a hang or repeatable crash of...
CVE-2025-14456
IBM MQ Appliance 9.4 CD through 9.4.4.0 to 9.4.4.1...
CVE-2025-14456 IBM MQ Appliance uses weaker than expected cryptographic algorithms
IBM MQ Appliance 9.4 CD through 9.4.4.0 to 9.4.4.1...
CVE-2024-2624
A path traversal and arbitrary file upload vulnerability exists in the parisneo/lollms-webui application, specifically within the @router.get"/switchpersonalpath" endpoint in ./lollms-webui/lollmscore/lollms/server/endpoints/lollmsuser.py. The vulnerability arises due to insufficient sanitization...
CVE-2025-53044
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
EUVD-2020-21410
Malware in sbrugna...
EUVD-2017-11911
Malware in sbrugna...
CVE-2024-52896
IBM MQ 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned...
CVE-2017-17698
Zoho ManageEngine Password Manager Pro 9 before 9.4 (9400) has reflected XSS in SearchResult.ec and BulkAccessControlView.ec...
IBM MQ 9.3 < 9.3.0.26 LTS / 9.3 < 9.4 CD / 9.4 < 9.4.0.7 LTS (7178243)
The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7178243 advisory. - IBM MQ Appliance 9.3 LTS, 9.3 CD, and 9.4 LTS web console could allow an authenticated user to cause a denial-of-service when trace is enabled due to information being...
SAS Studio Security Vulnerability
SAS Studio is a Web browser-based programming environment from SAS. A security vulnerability exists in SAS Studio version 9.4 that originates from allowing a remote attacker to upload malicious files...
PT-2024-33195 · Sas · Sas Studio
Name of the Vulnerable Software and Affected Versions: SAS Studio version 9.4 Description: The issue allows a remote attacker to access internal files by manipulating the default path during file download through the /SASStudio/sasexec/sessions/sessionID/workspace/InternalPath endpoint, using...
Security Bulletin: IBM MQ is affected by multiple vulnerabilities in the IBM Runtime Environment, Java Technology Edition
Summary: Multiple issues were identified with IBM Runtime Environment, Java Technology Edition, version 8 which is shipped with IBM MQ. Vulnerability Details: CVEID: CVE-2024-21147. DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause...
IBM MQ 9.1 < 9.1.0.23 LTS / 9.2 < 9.2.0.27 LTS / 9.3 < 9.3.0.21 LTS / 9.3 < 9.4 CD / 9.4 < 9.4.0.5 LTS (7167208)
The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7167208 advisory. - IBM MQ could allow an authenticated user in a specifically defined role, to bypass security restrictions and execute actions against the queue manager. CVE-2024-40681 No...
Security Bulletin: IBM MQ Appliance vulnerable to bypassing security restrictions (CVE-2024-40681)
Summary: IBM MQ Appliance has addressed a security bypass vulnerability. Vulnerability Details: CVEID: CVE-2024-40681. DESCRIPTION: IBM MQ could allow an authenticated user in a specifically defined role, to bypass security restrictions and execute actions against the queue manager. CVSS Base score: 7...
Security Bulletin: IBM MQ Appliance is vulnerable to exposure of sensitive information (CVE-2023-5981 and CVE-2024-0533)
Summary: IBM MQ Appliance has addressed GNU GnuTLS exposure of sensitive information vulnerabilities. Vulnerability Details: CVEID: CVE-2023-5981. DESCRIPTION: GNU GnuTLS could allow a remote attacker to obtain sensitive information, caused by a timing sidechannel issue during RSA-PSK key exchange. B...
WordPress WP Cerber Security Plugin <= 9.4 is vulnerable to Bypass Vulnerability
Software: WP Cerber Security; Type: Plugin; Vulnerable versions: <= 9.4; Fixed in: 9.5; OWASP Top 10: A4: Insecure Design; Classification: Bypass Vulnerability; CVE: CVE-2022-4100; Patch priority: Low; CVSS severity: Low (5.3); Developer: Claim ownership; PSID: e81948cda6a5; Credits: chihyu; Required privilege...
CVE-2022-4100
The WP Cerber Security plugin for WordPress is vulnerable to IP Protection bypass in versions up to, and including 9.4 due to the plugin improperly checking for a visitor's IP address. This makes it possible for an attacker whose IP address has been blocked to bypass this control by setting the...
PT-2024-11638 · WordPress · Wp Cerber Security
Name of the Vulnerable Software and Affected Versions: WP Cerber Security plugin for WordPress versions up to, and including 9.4 Description: The WP Cerber Security plugin for WordPress is vulnerable to IP Protection bypass due to the plugin improperly checking for a visitor's IP address. This...