CVE-2025-31970

HCL DFXAnalytics is affected by an Insecure Security Header configuration vulnerability where the Content-Security-Policy does not define strict directives for object-src and base-uri, which could allow an attacker to exploit injection vectors such as Cross-Site Scripting XSS...

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by Information disclosure due to default passwords not being forced to be changed on post-installation

Summary The default password is used by IBM Operations Analytics - Log Analysis as part of the authentication to the Log Analysis User Interface. CVE-2026-7365. Vulnerability Details CVEID:CVE-2026-7365 DESCRIPTION: IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords...

Security Bulletin: Vulnerabilities exists in IBM Netezza Analytics for NPS

Summary Vulnerabilities exists in IBM Netezza Analytics for NPS addressed in 11.2.30. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, an...

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +2561 more potentially affected by CVE-2026-42587 via io.netty:netty-codec-http2 (>=4.2.0.Alpha1 <=4.2.12.Final)

io.netty:netty-codec-http2 MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2026-42587 Source advisory: SNYK:JAVA-IONETTY-16438929...

CVE-2025-59851 HCL DFXAnalytics is affected by an Insecure Security Header configuration vulnerability

HCL DFXAnalytics is affected by a Using Components with Known Vulnerabilities flaw where the application utilizes unpatched libraries or sub-components, which could allow an attacker to identify and exploit publicly known security vulnerabilities to gain unauthorized access or compromise the...

CVE-2026-43064

A flaw was found in the Linux kernel's dmaengine IDXD driver. The workqueue associated with a Data Streaming Accelerator DSA or In-Memory Analytics Accelerator IAA device is not properly released when the object is freed. This resource leak may lead to a denial of service...

HCL DFXAnalytics 安全漏洞

HCL DFXAnalytics is a software delivery and operations analytics platform developed by the Indian company HCL. HCL DFXAnalytics has a security vulnerability, which stems from the use of components with known vulnerabilities. The application also utilizes libraries or sub-components that are not...

Malicious code in ms.analytics-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8603a11b43db05d179ab55b635a517ed40832c05fc4365a1ba69d2ec1eb5092 The package ms.analytics-web was found to contain malicious code. Source: ossf-package-analysis...

Malicious Package

Overview @sbtgitverse/analytics-client is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

WordPress AWCA – The Great Analytics Insights for Your eStore plugin <= 3.12.0 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Advanced WC Analytics versions = 3.12.0...

WordPress GA4WP – Analytics Dashboard for the Website plugin <= 2.6.0 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin GA4WP: Google Analytics for WordPress versions = 2.6.0...

WordPress Independent Analytics plugin <= 2.9.7 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Independent Analytics - Google Analytics Alternative for WordPress versions = 2.9.7...

Integrating Log-Based Security Analytics in Agile Workflows: A Real-World Experience Report

Modern organizations increasingly rely on log data and monitoring signals to protect products against account takeovers and abuse, yet integrating security analytics into fast-moving Agile workflows remains challenging. While it is important to understand how security practices are developed and...

CVE-2026-7401 SourceCodester CET Automated Grading System with AI Predictive Analytics Registration index.php register cross site scripting

A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=register of the component Registration. The manipulation of the argument studentid/fullname/section/username results ...

SourceCodester CET Automated Grading System with AI Predictive Analytics 跨站脚本漏洞

SourceCodester CET Automated Grading System with AI Predictive Analytics is an open-source English language assessment system based on artificial intelligence predictive analytics, developed by SourceCodester. Version 1.0 of the SourceCodester CET Automated Grading System with AI Predictive...

Simplifying AWS defense with Microsoft Sentinel UEBA

In this article 1. Under the hood: The tables 2. Traditional vs. new approach 3. Real-world attack scenarios: Microsoft Sentinel UEBA in action 4. Practical implementation: Getting started 5. Limitations and constraints 6. From raw logs to behavioral context With the expansion of Microsoft Sentin...

Simplifying AWS defense with Microsoft Sentinel UEBA

In this article 1. Under the hood: The tables 2. Traditional vs. new approach 3. Real-world attack scenarios: Microsoft Sentinel UEBA in action 4. Practical implementation: Getting started 5. Limitations and constraints 6. From raw logs to behavioral context With the expansion of Microsoft Sentin...

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by Cross-site scripting (XSS) vulnerability due to Apache Solr

Summary Admin UI in Apache Solr is used by IBM Operations Analytics - Log Analysis as part of the Solr administrative web interface. CVE-2015-8797. Vulnerability Details CVEID:CVE-2015-8797 DESCRIPTION: Cross-site scripting XSS vulnerability in webapp/web/js/scripts/plugins.js in the stats page i...

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by denial of service and weaker than expected security vulnerabilities in WebSphere Application Server Liberty

Summary WebSphere Application Server Liberty is used by IBM Operations Analytics - Log Analysis as part of the application security stack and security utility. CVE-2025-14923 and CVE-2024-29371. Vulnerability Details CVEID:CVE-2025-14923 DESCRIPTION: IBM WebSphere Application Server - Liberty...

Malicious code in @sbt_gitverse/analytics-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2858d6765b337bc72b69faaa1a64e528931e8230756aa8a1d5ab4e58793357a The package @sbtgitverse/analytics-client was found to contain malicious code. Source: ghsa-malware...