Security Bulletin: Vulnerabilities exists in IBM Netezza Analytics for NPS
Summary: Vulnerabilities exist in IBM Netezza Analytics for NPS, addressed in 11.2.30. Vulnerability Details: CVEID: CVE-2025-48924. DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, an...
PT-2026-34472
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 11.2 through 18.9.5; GitLab CE/EE versions 18.10 through 18.10.3; GitLab CE/EE versions 18.11 through 18.11.0. Description: An improper authorization check allows an authenticated user with project owner permissions to bypass...
Mattermost Security Vulnerability
Mattermost is an open-source collaboration platform developed by the American company Mattermost. Vulnerabilities exist in Mattermost versions 11.2.2 and earlier of the 11.2.x series, as well as versions 10.11.10 and earlier of the 10.11.x series, 11.4.0 and earlier of the 11.4.x series, and 11.3...
Mattermost Security Vulnerability
Mattermost is an open-source collaboration platform developed by the American company Mattermost. There is a security vulnerability in Mattermost, which stems from the lack of verification of the size of extracted files during decompression. This vulnerability could allow authenticated users to b...
Mattermost Security Vulnerability
Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost, such as 11.3.0 and earlier in the 11.3.x series and 11.2.2 and earlier in the 11.2.x series, have security vulnerabilities. These vulnerabilities stem from the unauthorized...
Adobe Substance3D Painter Code Issue Vulnerability
Adobe Substance3D Painter is a 3D scene-building software developed by Adobe, a company based in America. Versions of Adobe Substance3D Painter 11.1.2 and earlier contained a code vulnerability caused by a null pointer dereference, which could lead to a denial-of-service attack...
CVE-2026-27072
CVE-2026-27072 affects the WordPress plugin PixelYourSite – Your smart PIXEL (TAG) Manager. The issue is a Stored Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization in web page generation, exploitable via the pysTrafficSource and pys_landing_page parameters. Affected...
CVE-2026-0999 Authentication bypass via userID login when email and username login are disabled
Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 fail to properly validate login method restrictions which allows an authenticated user to bypass SSO-only login requirements via userID-based authentication. Mattermost Advisory ID: MMSA-2025-00548...
Mattermost Security Vulnerability
Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost, such as 11.1.2 and earlier in the 11.1.x series, 10.11.9 and earlier in the 10.11.x series, and 11.2.1 and earlier in the 11.2.x series, have security vulnerabilities. These vulnerabilities stem fro...
Linux Distros Unpatched Vulnerability : CVE-2019-17561
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Apache NetBeans autoupdate system does not fully validate code signatures. An attacker could modify the downloaded nbm and include additional code. Apache...
CVE-2025-54190
Substance3D - Painter versions 11.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
TONGDA Office Anywhere Authorization Issue Vulnerability
TONGDA Office Anywhere is a collaborative office OA system. An authorization issue vulnerability exists in TONGDA Office Anywhere versions 11.2 to 11.6, which arises from incorrect authorization...
CVE-2024-8148
There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.2 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks...
Projeqtor SQL Injection Vulnerability
Projeqtor is an open source PHP-based project management software from the Projeqtor community. The software is used to organize various functions required for multiple projects and is suitable for IT projects. An SQL injection vulnerability exists in Projeqtor version 11.2.0 and earlier, which...
CVE-2023-39374
ForeScout NAC SecureConnector version 11.2 - CWE-427: Uncontrolled Search Path Element...
ForeScout SecureConnector Code Issue Vulnerability
ForeScout SecureConnector is network security software from Forescout, Inc. that authenticates machines attempting to join a network. A code issue vulnerability exists in ForeScout SecureConnector version 11.2 that stems from the presence of uncontrolled search path elements...
Vulnerabilities fixed in IBM Cognos
IBM has fixed vulnerabilities in Cognos Analytics. A malicious party could exploit the vulnerabilities to cause a denial of service, or to launch a Cross-Site Scripting (XSS) attack. Such an attack can lead to execution of arbitrary code in the context of the victim's browser, or access to sensitiv...
IBM Cognos Analytics Cross-Site Scripting Vulnerability
IBM Cognos Analytics is a suite of business intelligence software from International Business Machines (IBM). The software includes reports, dashboards, and scorecards, and can assist organizations in adjusting their decision-making by analyzing such things as key factors and key people. A security...
IBM Cognos Analytics Cross-Site Scripting Vulnerability
IBM Cognos Analytics is a suite of business intelligence software from International Business Machines (IBM). The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. A cross-site scripti...
GNU GCC Resource Management Error Vulnerability
GCC is a collection of GNU compilers. It is mainly used to compile the C and C++ languages. A security vulnerability exists in GNU GCC 11.2, which stems from a stack overflow in nm-new that can be triggered by an attacker via a crafted ELF file...