Mlflow <2.8.0 - Local File Inclusion

Mlflow before 2.8.0 is susceptible to local file inclusion due to path traversal in GitHub repository mlflow/mlflow. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2023-6977...

Mozilla Firefox Security Advisory (MFSA2025-87) - Linux

The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2025-87. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

EUVD-2018-14851

Malware in sbrugna...

EUVD-2019-12115

Malware in sbrugna...

EUVD-2017-1783

Malware in sbrugna...

EUVD-2020-22466

Malware in sbrugna...

EUVD-2021-16847

Malware in sbrugna...

EUVD-2017-1907

Malware in sbrugna...

EUVD-2018-14703

Malware in sbrugna...

EUVD-2021-16616

Malware in sbrugna...

EUVD-2025-11035

Malicious code in bioql PyPI...

Debian: Security Advisory (DLA-4246-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-4079-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-2911

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracl...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security weakness in Certifi python-certifi [CVE-2024-39689]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security weakness in Certifi python-certifi, caused by the use of GLOBALTRUST root certificate CVE-2024-39689. Certifi python-certifi is used by our Speech Service runtimes. This vulnerabilitiy has been...

Security Bulletin: IBM Maximo Application Suite - AI Broker Component component uses spring-webflux-6.1.13.jar which is vulnerable to this CVE-2024-38819

Summary Security Bulletin: IBM Maximo Application Suite - AI Broker Component component uses spring-webflux-6.1.13.jar which is vulnerable to this CVE-2024-38819. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-38819 DESCRIPTION...

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to spring-webmvc-6.1.12.jar CVE-2024-38816

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to spring-webmvc-6.1.12.jar CVE-2024-38816. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-38816 DESCRIPTION: VMware Tanzu Spring Security could allow a remote...

Security Bulletin: Vulnerability in libxml2 (CVE-2024-25062) affects Power HMC.

Summary The libxml2 library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-25062 DESCRIPTION: An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD...

Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to server-side request forgery CVE-2024-39573

Summary Apache HTTP Server is used by the IBM Datapower Operations Dashboard implementation of network operations Vulnerability Details CVEID:CVE-2024-39573 DESCRIPTION: Apache HTTP Server is vulnerable to server-side request forgery, caused by a flaw in the modrewrite. By sending a specially...

Security Bulletin: Vulnerability in BIND affects IBM Integrated Analytics System [CVE-2024-1737]

Summary Redhat provided BIND is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2024-1737 Vulnerability Details CVEID:CVE-2024-1737 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an error when content is being...