7 matches found
Security Bulletin: Vulnerability in Lodash affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in Lodash has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabilit...
CVE-2026-47846
Bitnami Cassandra container images are affected by a retained default superuser vulnerability. When a custom administrator account is configured via the CASSANDRAUSER environment variable, the container initialization script creates the new superuser account but fails to drop the built-in cassand...
CVE-2026-42782 Apache Syncope: Post-auth RCE via Groovy static
Improper Isolation or Compartmentalization vulnerability in Apache Syncope. An administrator with adequate entitlements for Implementations can create a malicious Groovy class containing untrusted code reaching a non-sandboxed execution path via the class static initializer. This issue affects...
CVE-2026-29067
ZITADEL (open source identity platform) has a CVE-2026-29067 vulnerability affecting the login V2 password reset flow in versions 4.0.0-rc.1 through 4.7.0. The issue arises from constructing the password reset URL using the Forwarded or X-Forwarded-Host header, which can enable an attacker to inf...
Linux Distros Unpatched Vulnerability : CVE-2023-41038
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firebird is a relational database. Versions 4.0.0 through 4.0.3 and version 5.0 beta1 are vulnerable to a server crash when a user uses a specific form of SET...
com.instaclustr:cassandra-4 (=1.0), com.instaclustr:cassandra-kerberos-4 (=1.0.0) +24 more potentially affected by CVE-2025-23015 via org.apache.cassandra:cassandra-all (>=4.0-alpha3 <=4.0.13)
org.apache.cassandra:cassandra-all MAVEN version =4.0-alpha3, =1.0.2, =1.1, =1.0.0, =1.0.0, =4.4.0.0, =4.4.0.1 and more Source cves: CVE-2025-23015 Source advisory: OSV:GHSA-WMCC-9VCH-JMX4...
Contao Information Disclosure Vulnerability
Contao is an open source content management system CMS developed using PHP. The system supports search engine , rights management and CSS framework . An information disclosure vulnerability exists in Contao versions 4.0 to 4.8.5. The vulnerability arises from errors in configuration and other...