1627 matches found
CVE-2026-13449 XXE attack in IBM Business Automation Manager Open Editions
IBM Business Automation Manager Open Editions 9.0.0 through 9.4.2 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...
EUVD-2026-40389
IBM Business Automation Manager Open Editions 9.0.0 through 9.4.2 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...
Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions
Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed in IBM Business Automation Manager Open Editions 9.5.0 Vulnerability Details CVEID:CVE-2026-13449 DESCRIPTION: IBM Business Automation Manager Open Editions is vulnerable t...
Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions
Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed in IBM Business Automation Manager Open Editions 9.5.0 Vulnerability Details CVEID:CVE-2026-33871 DESCRIPTION: Netty is an asynchronous, event-driven network application...
PT-2026-53970
Name of the Vulnerable Software and Affected Versions IBM Business Automation Manager Open Editions versions 9.0.0 through 9.4.2 Description An XML external entity injection XXE occurs when processing XML data. This allows a remote attacker to expose sensitive information or consume memory...
Microsoft Windows RDP 缓冲区错误漏洞
Microsoft Windows is an operating system used by personal devices by the American company Microsoft. Microsoft Windows has a buffer error vulnerability. Attackers can exploit this vulnerability to obtain sensitive information. The following products and versions are affected: Windows App Client f...
Microsoft Windows Performance Monitor 数字错误漏洞
Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There is a vulnerability in input validation of Microsoft Windows. Attackers can exploit this vulnerability to execute code remotely. The following products and versions are affected: Windows 11...
Microsoft Windows Cryptographic Services 授权问题漏洞
Microsoft Windows Cryptographic Services are encryption services provided by Microsoft Corporation. There is an authorization issue vulnerability in Microsoft Windows Cryptographic Services. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions ar...
Microsoft Windows Media Center 缓冲区错误漏洞
Microsoft Windows Media is a series of media playback and management software developed by the American company Microsoft. There are security vulnerabilities in Microsoft Windows Media. Attackers can exploit these vulnerabilities to execute code. The following products and versions are affected:...
Microsoft Windows Application Identity (AppID) Subsystem 日志信息泄露漏洞
Microsoft Windows is an operating system used by personal devices by the American company Microsoft. Microsoft Windows has information leakage vulnerabilities. Attackers can exploit these vulnerabilities to obtain sensitive information. The following products and versions are affected: Windows...
Microsoft Windows NT OS Kernel 缓冲区错误漏洞
The Microsoft Windows NT OS Kernel is the core of the Windows operating system developed by Microsoft Corporation. It is responsible for managing system resources, providing hardware abstraction, and ensuring system security and stability. There are security vulnerabilities in the Microsoft Windo...
Microsoft Remote Desktop Client 竞争条件问题漏洞
Microsoft Remote Desktop Client is a remote desktop client developed by Microsoft Corporation. The Microsoft Remote Desktop Client has vulnerabilities related to race conditions. The following products and versions are affected: Windows 10 Version 1809 for 32-bit systems, Windows 10 Version 1809...
Microsoft Kinect 权限许可和访问控制问题漏洞
The Microsoft Kinect is a motion input device developed by Microsoft Corporation. The Microsoft Kinect has an access control vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected: Windows Server 2025, Windows 10 Version...
Microsoft UxTheme 缓冲区错误漏洞
Microsoft UxTheme is a core system component built into the Windows operating system by Microsoft, used to render system windows, controls, and various graphical interface themes. There is a buffer overflow vulnerability in Microsoft UxTheme. Attackers can exploit this vulnerability to cause a...
Microsoft Windows UEFI 处理逻辑错误漏洞
Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There are security vulnerabilities in Microsoft Windows UEFI. Attackers can exploit these vulnerabilities to bypass certain features. The following products and versions are affected: Windows 11...
CVE-2026-3676
IBM Cloud APM, Base Private 8.1.4 and IBM Cloud APM, Advanced Private 8.1.4 IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data query logic of the Fenced...
CVE-2026-8716
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.7 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to access CI data from a different ref type than intended...
CVE-2026-8280 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to cause denial of service through excessive memory consumption due to improper input validation...
CVE-2026-8280
Removed by vendor...
Microsoft Windows 访问控制错误漏洞
Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There is a vulnerability in access control of Microsoft Windows. Attackers can exploit this vulnerability to bypass certain functions. The following products and versions are affected: Windows 10...