988 matches found
CVE-2026-9492
The MBStorage DRAM lighting control module within Gigabyte Control Center GCC developed by GIGABYTE Technology has an Improper Access Control vulnerability. Authenticated local attackers can send specific IOCTL commands through the driver MyPortIOx64.sys bundled with the module, thereby arbitrari...
CVE-2026-9492
CVE-2026-9492 affects Gigabyte Control Center (GCC) MBStorage DRAM lighting control module. The vulnerability resides in the MyPortIO_x64.sys driver, where improper access control allows authenticated local attackers to issue IOCTL commands that can read and write physical memory, leading to kern...
Security Bulletin: IBM Sterling Control Center is affected by a vulnerability in jetty-ee10-jaspi (CVE-2026-5795)
Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-5795 reported for jetty-ee10-jaspi-12.0.25.jar . Vulnerability Details CVEID:CVE-2026-5795 DESCRIPTION: In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variabl...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in activemq-all (CVE-2026-40466 and CVE-2026-41044)
Summary IBM Sterling Control Center is affected by vulnerabilities CVE-2026-40466 and CVE-2026-41044 reported for activemq-all-5.19.0.jar. Vulnerability Details CVEID:CVE-2026-40466 DESCRIPTION: Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in spring-boot (CVE-2026-40973, CVE-2026-40975, CVE-2026-40977)
Summary IBM Sterling Control Center is affected by vulnerabilities CVE-2026-40973, CVE-2026-40975, CVE-2026-40977 reported for spring-boot-3.4.11.jar. Vulnerability Details CVEID:CVE-2026-40973 DESCRIPTION: A local attacker on the same host as the application may be able to take control of the...
Security Bulletin: IBM Sterling Control Center is affected by a vulnerability in spring-boot-autoconfigure (CVE-2026-40974)
Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-40974 reported for spring-boot-autoconfigure-3.4.11.jar. Vulnerability Details CVEID:CVE-2026-40974 DESCRIPTION: Spring Boot's Cassandra auto-configuration does not perform hostname verification when establishing an SSL...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in IBM Semeru Runtime Quarterly CPU - Apr 2026
Summary IBM Sterling Control Center is affected by vulnerabilities CVE-2026-34282, CVE-2026-22016, CVE-2026-23865, CVE-2026-22021, CVE-2026-22013, CVE-2026-22018, CVE-2026-22008, CVE-2026-34268, CVE-2026-22007, CVE-2026-6918 reported for IBM Semeru Runtime Quarterly CPU - Apr 2026 - Includes...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in Bouncy Castle bcprov-jdk (CVE-2025-14813, CVE-2026-5598)
Summary IBM Sterling Control Center is affected by vulnerabilities CVE-2025-14813, CVE-2026-5598 reported for bcprov-jdk18on-1.81.jar. Vulnerability Details CVEID:CVE-2025-14813 DESCRIPTION: : Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JA...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in spring-security-web (CVE-2026-22732)
Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-22732 reported for spring-security-web-6.4.12.jar. Vulnerability Details CVEID:CVE-2026-22732 DESCRIPTION: When applications specify HTTP response headers for servlet applications using Spring Security, there is the...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in jasperreports (CVE-2025-10492)
Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-10492 reported for jasperreports-7.0.2.jar. Vulnerability Details CVEID:CVE-2025-10492 DESCRIPTION: A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in activemq-all (CVE-2025-66168)
Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-66168 reported for activemq-all-5.19.0.jar. Vulnerability Details CVEID:CVE-2025-66168 DESCRIPTION: WARNING: Users of 6.x should upgrade to 6.2.4 or later as the fix was missed in previous 6.x releases. See the following...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in jetty-http (CVE-2026-2332)
Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-2332 reported for jetty-http-12.0.25.jar. Vulnerability Details CVEID:CVE-2026-2332 DESCRIPTION: In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the "fun...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in jetty-server (CVE-2026-1605)
Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-1605 reported for jetty-server-12.0.25.jar. Vulnerability Details CVEID:CVE-2026-1605 DESCRIPTION: In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in activemq-all (CVE-2026-34197)
Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-34197 reported for activemq-all-5.19.0.jar. Vulnerability Details CVEID:CVE-2026-34197 DESCRIPTION: Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broke...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in activemq-all (CVE-2026-39304)
Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-39304 reported for activemq-all-5.19.0.jar. Vulnerability Details CVEID:CVE-2026-39304 DESCRIPTION: Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in jetty-http (CVE-2025-11143)
Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-11143 reported for jetty-http-12.0.25.jar. Vulnerability Details CVEID:CVE-2025-11143 DESCRIPTION: The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differentia...
Exploit for Incorrect Authorization in Polkit_Project Polkit
CVE-2021-3560-Polkit-Privilege-Esclation PoC Original rese...
CVE-2026-35207
dde-control-center is the control panel of DDE, the Deepin Desktop Environment. plugin-deepinid is a plugin in dde-control-center, which provides the deepinid cloud service. Prior to 6.1.80, plugin-deepinid is configured to skip TLS certificate verification when fetching the user's avatar from...
EUVD-2026-20991
dde-control-center is the control panel of DDE, the Deepin Desktop Environment. plugin-deepinid is a plugin in dde-control-center, which provides the deepinid cloud service. Prior to 6.1.80, plugin-deepinid is configured to skip TLS certificate verification when fetching the user's avatar from...
CVE-2026-35207 deepinid plugin in dde-control-center is configured to skip TLS certificate verification when downloading avatar from remote server
dde-control-center is the control panel of DDE, the Deepin Desktop Environment. plugin-deepinid is a plugin in dde-control-center, which provides the deepinid cloud service. Prior to 6.1.80, plugin-deepinid is configured to skip TLS certificate verification when fetching the user's avatar from...