Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities

Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability issue that allows an remote attacker to cause a hang or...

OneUptime 访问控制错误漏洞

OneUptime is a comprehensive solution developed by OneUptime OpenSource. It is used to monitor and manage your online services. Versions of OneUptime prior to 10.0.42 contained a access control vulnerability, which stems from the lack of authentication at the workflow execution endpoint. This...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and WebSphere Application Server Liberty due to the January 2026 CPU

Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVEs listed in this document might affect some configurations of IBM WebSphere Application Server traditiona...

EUVD-2020-12015

Malware in sbrugna...

EUVD-2012-5075

Malware in sbrugna...

EUVD-2021-30334

Malicious code in bioql PyPI...

CVE-2025-32960 CUBA Generic REST API Vulnerable to Cross-Site Scripting (XSS) in the /files Endpoint

The CUBA REST API add-on performs operations on data and entities. Prior to version 7.2.7, the input parameter, which consists of a file path and name, can be manipulated to return the Content-Type header with text/html if the name part ends with .html. This could allow malicious JavaScript code ...

PT-2025-8934 · Ciges · Ciges

Name of the Vulnerable Software and Affected Versions: Ciges version 2.15.5 Description: A SQL Injection vulnerability has been found in Ciges, allowing an attacker to retrieve, create, update, and delete database entries via the $idServicio parameter in the /modules/ajaxBloqueaCita.php endpoint...

Oracle Fusion Middleware Security Vulnerability

Oracle Fusion Middleware Oracle Fusion Middleware and Oracle WebLogic Server are both products of Oracle Corporation.Oracle Fusion Middleware is a business innovation platform for enterprise and cloud environments. The platform provides middleware, software collections, and more.Oracle WebLogic...

Syska SW100 Security Vulnerability

Syska SW100 is a smartwatch from Syska. A security vulnerability exists in the Syska SW100 version V2 that stems from a misconfiguration and could allow an attacker to perform firmware updates, device reboots, or data operations on the target device...

OpenSearch Project Security Vulnerability

OpenSearch Project is OpenSearch Project open source a community-driven, Apache 2.0 licensed open source search and analytics suite. Making it easy to access, search, visualize and analyze data. A security vulnerability exists in OpenSearch. An attacker exploiting this vulnerability could perform...

Playing Doom on a John Deere tractor with Sick Codes: Lock and Code S03E18

In 1993, the video game developers at id Software released Doom, a first-person shooter that placed a nameless protagonist into the fiery depths of hell, equipped with an arsenal of weapons to mow down imps, demons, lost souls, and the intimidating "Barons of Hell." In 2022, the hacker Sick Codes...

CVE-2021-43399

The Yubico YubiHSM YubiHSM2 library 2021.08, included in the yubihsm-shell project, does not properly validate the length of some operations including SSH signing requests, and some data operations received from a YubiHSM 2 device...

CVE-2021-43399

The Yubico YubiHSM YubiHSM2 library 2021.08, included in the yubihsm-shell project, does not properly validate the length of some operations including SSH signing requests, and some data operations received from a YubiHSM 2 device...

CVE-2021-43399

Summary of CVE-2021-43399 (YubiHSM/YubiHSM2 in yubihsm-shell) A boundary/length validation vulnerability exists in the YubiHSM2 library version 2021.08 as included in yubihsm-shell, affecting operations such as SSH signing requests and certain data operations from a YubiHSM 2 device. Multiple sou...

Hackers, tractors, and a few delayed actors. How hacker Sick Codes learned too much about John Deere: Lock and Code S02E16

No one ever wants a group of hackers to say about their company: "We had the keys to the kingdom." But thats exactly what the hacker Sick Codes said on this weeks episode of Lock and Code, in speaking with host David Ruiz, when talking about his and fellow hackers efforts to peer into John Deeres...

Security Advisory YSA-2021-04 | Yubico

The YubiHSM library that is included in the yubihsm-shell project, does not properly validate the length of some operations including SSH signing requests and some data operations received from the YubiHSM 2...

CVE-2020-1130

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially...

CVE-2020-1130

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially...

Privilege escalation

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially...