USN-8341-1 openjdk-26 vulnerabilities

Thomas Beckers discovered that the JAXP component of OpenJDK 26 did not correctly authenticate certain APIs. A remote unauthenticated attacker could possibly use this issue to gain unauthorized access to sensitive information. CVE-2026-22016 It was discovered that the Networking component of...

Mesalvo Meona Client Launcher Component和Mesalvo Meona Server Component 安全漏洞

The Mesalvo Meona Client Launcher Component and the Mesalvo Meona Server Component are both products of the Mesalvo company. The Mesalvo Meona Client Launcher Component is a component designed for launching clients of medical information systems and facilitating application access. The Mesalvo...

EUVD-2019-6403

Malware in sbrugna...

EUVD-2010-2851

Malware in sbrugna...

EUVD-2023-35743

Malicious code in bioql PyPI...

Security Bulletin: IBM QRadar Use Case Manager app is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. The update addresses these issues. Vulnerability Details CVEID:CVE-2024-45590 DESCRIPTION: expressjs body-parser is vulnerable to a denial of service, caused by ...

ROS-20241024-02

Vulnerability in the drm component of the Linux operating system kernel is related to use-after-use errors in the drmgemprimemmap release in the drmgemprimemmap function in drivers/gpu/drm/drmprime.c. Exploitation of the vulnerability could allow an attacker to escalate privileges on the system...

Vulnerability of the Cluster component: The general system for managing MySQL Cluster databases, which allows attackers to gain access to read, modify, or delete data.

Vulnerability of the MySQL Cluster component: General database management system vulnerabilities related to MySQL Cluster are associated with insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain read, modify, or delete access to data using the MySQL...

Security Bulletin: IBM Security SOAR is using a component with multiple known vulnerabilities

Summary IBM Security SOAR uses an older version of Java that may be identified and exploited. An update has been released which addresses these issues. It is recommended upgrading to Version 50.2 or later of IBM Security SOAR. AppHost users should upgrade to version 1.15.1.1 of AppHost...

Security Bulletin: IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. This update addresses these CVEs. Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION: Fasterxml jackson-databind is vulnerable to a denial of service, caused...

Vulnerability of the Cluster component: The general system for managing MySQL Cluster databases, which allows attackers to gain privileged access

Vulnerability of the MySQL Cluster component: General database management system vulnerabilities in MySQL Cluster exist due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to gain privileged access remotely...

Security Bulletin: IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2019-13990 DESCRIPTION: Terracotta could allow a remote attacker to obtain sensitive information, caused by improper handling of...

Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2018-18074 DESCRIPTION: The Requests package for Python could allow a remote attacker to obtain sensitive information, caused by...

毎日の耳かき - Dangerous filesystem permissions, Dynamic Code Loading, Exported components vulnerabilities

HackApp vulnerability scanner discovered that application 毎日の耳かき published at the 'play' market has multiple vulnerabilities...

Indiegogo - Customized SSL, Dynamic Code Loading, Exported components vulnerabilities

HackApp vulnerability scanner discovered that application Indiegogo published at the 'play' market has multiple vulnerabilities...

Important: java-1.8.0-openjdk

Issue Overview: Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. CVE-2015-4835, CVE-2015-4881, CVE-2015-4843, CVE-2015-4883,...

ESA-2014-016: EMC VPLEX Multiple Vulnerabilities

ESA-2014-016.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-016: EMC VPLEX Multiple Vulnerabilities EMC Identifier: ESA-2014-016 CVE Identifier: See below for individual CVEs Severity Rating: CVSS v2 Base Score: See below for individual CVSS scores Affected products: All versions from...