12364 matches found
CVE-2025-13460
Summary: CVE-2025-13460 affects IBM Aspera Console versions 3.3.0–3.4.8 and enables an attacker to enumerate usernames due to an observable response discrepancy (information disclosure). Affected software: IBM Aspera Console (Web-based management/UI) within the 3.3.0–3.4.8 range. Impact: Informat...
CVE-2025-12454
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects Vertica: from 10.0...
CVE-2025-12453
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects Vertica: from 10.0...
CVE-2025-12453 Improper neutralization of input during web page generation vulnerability has been discovered in OpenText™ Vertica.
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects Vertica: from 10.0...
CVE-2025-12453
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects Vertica: from 10.0...
CVE-2025-12453
CVE-2025-12453 describes an improper neutralization of input during web page generation that enables a Reflected XSS in the OpenText Vertica management console. Affected software ranges across Vertica versions: 10.0–10.x, 11.0–11.x, 12.0–12.x, 23.0–23.x, 24.0–24.x, 25.1.0–25.1.x, 25.2.0–25.2.x, a...
CVE-2025-12454 Improper neutralization of input during web page generation vulnerability has been discovered in OpenText™ Vertica.
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects Vertica: from 10.0...
CVE-2025-12454
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects Vertica: from 10.0...
CVE-2025-12454
CVE-2025-12454 affects OpenText Vertica via an input handling flaw in the web page generation of the management console, causing a Reflected XSS vulnerability. Affected versions span Vertica 10.0–10.X, 11.0–11.X, 12.0–12.X, 23.0–23.X, 24.0–24.X, and 25.1.0–25.1.X. The published CVSS score is 5.1 ...
CVE-2025-12455 Username Enumeration Observable Response Discrepancy vulnerability has been discovered in OpenText™ Vertica.
Observable response discrepancy vulnerability in OpenText™ Vertica allows Password Brute Forcing. The vulnerability could lead to Password Brute Forcing in Vertica management console application.This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X...
CVE-2025-12455
Observable response discrepancy vulnerability in OpenText™ Vertica allows Password Brute Forcing. The vulnerability could lead to Password Brute Forcing in Vertica management console application.This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X...
CVE-2025-12455 Username Enumeration Observable Response Discrepancy vulnerability has been discovered in OpenText™ Vertica.
Observable response discrepancy vulnerability in OpenText™ Vertica allows Password Brute Forcing. The vulnerability could lead to Password Brute Forcing in Vertica management console application.This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X...
PT-2026-25342
🚨 CVE-2025-12453 Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects...
PT-2026-25344
🚨 CVE-2025-12455 Observable response discrepancy vulnerability in OpenText™ Vertica allows Password Brute Forcing. The vulnerability could lead to Password Brute Forcing in Vertica management console application.This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0...
PT-2026-25370
CVE-2025-13460 IBM Aspera Console 3.3.0 through 3.4.8 could allow an attacker to enumerate usernames due to an observable response discrepancy. https://t.co/sTiAd3lLOs...
PT-2026-25369
CVE-2025-13459 IBM Aspera Console 3.3.0 through 3.4.8 could allow a privileged user to cause a denial of service due to improper enforcement of behavioral workflow. https://t.co/W7lEJblKfL...
PT-2026-25343
🚨 CVE-2025-12454 Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects...
OPENSUSE-SU-2026:10367-1 ruby4.0-rubygem-web-console-4.2.1-1.9 on GA media
These are all security issues fixed in the ruby4.0-rubygem-web-console-4.2.1-1.9 package on the GA media of openSUSE Tumbleweed...
PT-2026-25368
CVE-2025-13212 IBM Aspera Console 3.3.0 through 3.4.8 could allow an authenticated user to cause a denial of service in the email service due to improper control of interaction freq… https://t.co/nwziIco8rT...
runc: container escape with malicious config due to /dev/console mount and related races
A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount to /dev/pts/$n, if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount...