7649 matches found
CVE-2025-36126
IBM Cognos Analytics 11.2.0, 12.0, and 12.1.0 and IBM Cognos Transformer 12.0, 11.2.4, and 12.1.0 is vulnerable to stored cross-site scripting XSS in Cognos Adminstration. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended...
CVE-2026-8835 IBM HTTP Server is affected by multiple vulnerabilities
IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service...
EUVD-2026-31918
IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service...
CVE-2026-8834
IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a denial of service...
CVE-2026-8834
CVE-2026-8834 affects IBM HTTP Server versions 8.5 and 9.0. The issue is a buffer overflow in the server, which could be exploited by a privileged user authenticated to the Administration Server to execute remote code or cause a denial of service. The CVSS metrics indicate an adjacent attack vect...
CVE-2025-36126
IBM Cognos Analytics (versions 11.2.0, 12.0, 12.1.0) and IBM Cognos Transformer (12.0, 11.2.4, 12.1.0) are affected by a stored cross-site scripting (XSS) vulnerability in Cognos Administration. The issue allows a privileged user to embed arbitrary JavaScript in the Web UI, potentially altering f...
CVE-2025-36126 IBM Cognos Analytics is affected by Cross-site scripting.
IBM Cognos Analytics 11.2.0, 12.0, and 12.1.0 and IBM Cognos Transformer 12.0, 11.2.4, and 12.1.0 is vulnerable to stored cross-site scripting XSS in Cognos Adminstration. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended...
PT-2026-43366
Name of the Vulnerable Software and Affected Versions IBM HTTP Server version 8.5 IBM HTTP Server version 9.0 Description An invalid pointer dereference occurs in the Administration Server. A privileged, authenticated user can exploit this issue to cause a denial of service or expose sensitive...
PuTTY 安全漏洞
PuTTY is a suite of free Telnet, Rlogin and SSH client software from the individual developer Simon Tatham. The software is primarily used for remote administration of Linux systems. A security vulnerability exists in PuTTY versions prior to 0.84, which stems from an assertion failure in ECDSA...
[SECURITY] Fedora 44 Update: cockpit-362-1.fc44
The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more...
cockpit: Unauthenticated remote code execution due to SSH command-line argument injection
An update is available for cockpit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Cockpit enables users to administer GNU/Linux servers using a web browser. It...
[SECURITY] Fedora 44 Update: pgadmin4-9.15-1.fc44
pgAdmin is the most popular and feature rich Open Source administration and d evelopment platform for PostgreSQL, the most advanced Open Source database in the world...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: requires CAPNETADMIN to attach NGSM0710 ldisc. Any unprivileged user can attach to NGSM0710 ldisc, but it still requires CAPNETADMIN to create a GSM network. Additionally, it requires the initial namespace setting of...
CVE-2026-9056
A stored cross-site scripting vulnerability has been found in the Talend Administration Center. An attacker with permission to manage servers can store a XSS payload that can be triggered by a different user...
CVE-2026-9057
A broken access control issue has been identified in the Talend Administration Center, that allows a user with “View” permission to modify the Talend Studio update URL. This issue was resolved in a patch, which is already available...
CVE-2026-9057
A broken access control issue has been identified in the Talend Administration Center, that allows a user with “View” permission to modify the Talend Studio update URL. This issue was resolved in a patch, which is already available...
CVE-2026-9057 Security fix for Qlik Talend Administration Center URL access control vulnerability
A broken access control issue has been identified in the Talend Administration Center, that allows a user with “View” permission to modify the Talend Studio update URL. This issue was resolved in a patch, which is already available...
CVE-2026-9057
The vulnerability CVE-2026-9057 affects Talend Administration Center and is a broken access control issue that allows a user with View permission to modify the Talend Studio update URL. Reported impact is high (CVSS 3.1: 8.2, Confidentiality/Integrity High, Availability None) with network attack ...
CVE-2026-9057 Security fix for Qlik Talend Administration Center URL access control vulnerability
A broken access control issue has been identified in the Talend Administration Center, that allows a user with “View” permission to modify the Talend Studio update URL. This issue was resolved in a patch, which is already available...
EUVD-2026-31061
A broken access control issue has been identified in the Talend Administration Center, that allows a user with “View” permission to modify the Talend Studio update URL. This issue was resolved in a patch, which is already available...