12864 matches found
CVE-2026-7365
IBM Operations Analytics - Log Analysis and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication...
UBUNTU-CVE-2026-45947
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in amdgpuacpienumeratexcc In amdgpuacpienumeratexcc, if amdgpuacpidevinit returns -ENOMEM, the function returns directly without releasing the allocated xccinfo, resulting in a memory leak. Fix this by...
CVE-2024-40684
IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7.0, 1.3.7.1, 1.3.7.2, and 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4 IBM SmartCloud Analytics - Log Analysis does not require that users should have strong passwords by default, which makes it easi...
EUVD-2026-32505
IBM Operations Analytics - Log Analysis and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication...
CVE-2026-7365
IBM Operations Analytics - Log Analysis and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication...
CVE-2026-7365 IBM Operations Analytics - Log Analysis is affected by Information disclosure due to default passwords not being forced to be changed on post-installation
IBM Operations Analytics - Log Analysis and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication...
CVE-2026-7365
CVE-2026-7365 affects IBM Operations Analytics - Log Analysis (and IBM SmartCloud Analytics - Log Analysis) where default passwords from manufacturing are used during installation, enabling potential authentication bypass. The IBM advisory lists affected versions of IBM Operations Analytics - Log...
EUVD-2024-55600
IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7.0, 1.3.7.1, 1.3.7.2, and 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4 IBM SmartCloud Analytics - Log Analysis does not require that users should have strong passwords by default, which makes it easi...
CVE-2024-40684 IBM Operations Analytics - Log Analysis is affected by Weak Password Policy and Inadequate Account Lockout Mechanism
IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7.0, 1.3.7.1, 1.3.7.2, and 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4 IBM SmartCloud Analytics - Log Analysis does not require that users should have strong passwords by default, which makes it easi...
CVE-2024-40684
CVE-2024-40684 affects IBM Operations Analytics – Log Analysis (versions 1.3.5.0–1.3.8.4). The root cause is weaknesses in backend authentication and session management that allow weak password policy enforcement by default, facilitating potential account compromise. Impact is described as a lack...
CVE-2024-40684 IBM Operations Analytics - Log Analysis is affected by Weak Password Policy and Inadequate Account Lockout Mechanism
IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7.0, 1.3.7.1, 1.3.7.2, and 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4 IBM SmartCloud Analytics - Log Analysis does not require that users should have strong passwords by default, which makes it easi...
PHANTOM_old
PHANTOM Autonomous Penetration Testing Framework Recon -...
Malicious code in editorial-code (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d7404afc131a113ef01d7eb896439a8719bb0f1b8d67e491d53321fdd5981e97 The OpenSSF Package Analysis project identified 'editorial-code' @ 99.0.1 npm as malicious. It is considered malicious because: - The package...
Malicious code in mse-authentication (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a953627a77037de50d82384daca1d98d101c4c09b315ab91fd597a43557fbd99 The OpenSSF Package Analysis project identified 'mse-authentication' @ 99.0.1 npm as malicious. It is considered malicious because: - The packag...
Malicious code in editorial-mse-authentication-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a97fd474e8661c575287f7cc9fddd0ee1ac95240c13653555ca2b416e895b99a The OpenSSF Package Analysis project identified 'editorial-mse-authentication-ui' @ 99.0.1 npm as malicious. It is considered malicious because:...
vulnhunt-agent
Vulnerability Hunting Agent An LLM agent that reads code,...
Malicious code in quatres (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0d720315dd49970cfc00c39f4e377485b2746a4fc24f42dec7e79d0749ab9a7d During import, the hidden code downloads and executes the second-stage code. After performing anti-analysis checks, it downloads a malicious executable and...
IBM Operations Analytics-Log Analysis 安全漏洞
IBM Operations Analytics-Log Analysis is a semi-structured data analysis solution provided by the American multinational company International Business Machines IBM. This product is primarily used for application log analysis and problem diagnosis. There is a security vulnerability in IBM...
Technical Report: Exploring the Emerging Threats of the Agent Skill Ecosystem
We analyzed 3,984 AI agent skills from major marketplaces and found 76 confirmed malicious payloads, including credential theft, backdoor installation, and data exfiltration. 13.4% of all skills contain at least one critical-level security issue and at least 8 manually confirmed malicious skills...
Joern 4.0.548
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...