Security Bulletin: Vulnerabilities in Netty affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Netty has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-25193 DESCRIPTION: Netty, an...

EUVD-2016-3566

Malware in sbrugna...

EUVD-2018-13596

Malware in sbrugna...

EUVD-2016-2712

Malware in sbrugna...

EUVD-2002-1827

Malware in sbrugna...

EUVD-2019-9084

Malware in sbrugna...

EUVD-2024-28242

Malicious code in bioql PyPI...

PT-2025-23404 · Nucom · Nucom Nc-Wr744G

Name of the Vulnerable Software and Affected Versions: NuCom NC-WR744G version 8.5.5 Build 20200530.307 Description: A critical vulnerability was found in the Console Application component of the affected software. The issue involves the manipulation of the CMCCAdmin/useradmin/CUAdmin argument,...

K000151542: OpenSSL vulnerability CVE-2025-4575

Security Advisory Description Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as truste...

CVE-2023-32568

An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2.800 and 8.x before 8.0.410. The VIOM web application does not validate user-supplied data and appends it to OS commands and internal binaries used by the application. An attacker with root/administrator level...

CVE-2020-27413

An issue was discovered in Mahavitaran android application 7.50 and below, allows local attackers to read cleartext username and password while the user is logged into the application...

CVE-2025-4575

Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. A copy & paste...

CVE-2019-12171

Dropbox.exe and QtWebEngineProcess.exe in the Web Helper in the Dropbox desktop application 71.4.108.0 store cleartext credentials in memory upon successful login or new account creation. These are not securely freed in the running process...

CVE-2019-15365

The Lava Z92 Android device with a build fingerprint of LAVA/Z92/Z92:8.1.0/O11019/1535088037:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a system property...

CVE-2005-2512

Mail.app in Mac OS 10.4.2 and earlier, when printing or forwarding an HTML message, loads remote images even when the user's preferences state otherwise, which could result in a privacy leak...

CVE-2025-32882

CVE-2025-32882 affects goTenna V1 devices: application 5.5.3 and firmware 0.25.5 use a custom encryption implementation without integrity checking, making messages malleable. This vulnerability is described across multiple sources (NVD, Red Hat, PT Security) with no confirmed exploitation details...

CVE-2025-22624

FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry and Carousel 2.4.29 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/extensions/albums/admin/class-meta boxes.php...

App Layering | The digital signature on wfica32.exe is invalid

When opening a Citrix application from the store, the .ica is downloaded to the computer. When that .ica file is opened, an error message appears: "The digital signature on wfica32.exe is invalid."...

AlmaLinux 8 : zlib (ALSA-2022:7106)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:7106 advisory. - zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications tha...

CVE-2020-20095

iMessage Messages app iOS 12.4 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages...