Lucene search

367 matches found

IBM Security Bulletins
added 2025/07/11 9:42 p.m. | 4 views

Security Bulletin: Db2 Query Management Facility is vulnerable to IBM SDK, Java Technology Edition Quarterly CPU - Apr 2025 - Includes Oracle April 2024 CPU plus CVE-2025-4447

Summary Db2 Query Management Facility is vulnerable to IBM SDK, Java Technology Edition Quarterly CPU - Apr 2025 - Includes Oracle April 2024 CPU plus CVE-2025-4447 Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component...

CVSS 7.8 | AI score 7 | EPSS 0.00688
Exploits 0 | Affected Software 2

CNNVD
added 2025/05/26 12:0 a.m. | 3 views

Tcman Gim security vulnerability

Tcman Gim is a facility management software from the Spanish company Tcman designed for use on mobile devices. A security vulnerability exists in Tcman Gim version v11, which stems from a lack of authorization and could lead to unauthorized access...

CVSS 8.7 | AI score 6.6 | EPSS 0.00228
Exploits 0 | References 1

CNNVD
added 2025/05/26 12:0 a.m. | 4 views

Tcman Gim access control error vulnerability

Tcman Gim is a facility management software from Tcman Spain designed for use on mobile devices. An access control error vulnerability exists in Tcman Gim version v11 that stems from a lack of authentication and could lead to unauthorized access...

CVSS 9.3 | AI score 6.8 | EPSS 0.00486
Exploits 0 | References 1

RedhatCVE
added 2025/05/23 9:57 a.m. | 6 views

CVE-2024-27223

In EUTRANLCSDecodeFacilityInformationElement of LPPLcsManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure after authenticating the cell connection with no additional execution privileges needed. User interaction is n...

CVSS 5.1 | AI score 6.5 | EPSS 0.0012
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 10:45 p.m. | 7 views

CVE-2022-29304

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /classes/master.php?f=delete Facility...

CVSS 8.8 | AI score 8.1 | EPSS 0.0075
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 10:41 p.m. | 6 views

CVE-2022-28713

Improper authentication vulnerability in Scheduler of Cybozu Garoon 4.10.0 to 5.5.1 allows a remote attacker to obtain some data of Facility Information without logging in to the product...

CVSS 5.3 | AI score 7 | EPSS 0.00996
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 10:22 p.m. | 4 views

CVE-2022-29994

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=facilities/managefacility=...

CVSS 9.8 | AI score 8.1 | EPSS 0.01068
Exploits 1 | References 1

RedhatCVE
added 2025/05/22 12:41 p.m. | 10 views

CVE-2010-3739

The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers...

CVSS 6.4 | AI score 6.8 | EPSS 0.01102
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 4:21 a.m. | 8 views

CVE-2010-2151

Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20, L30, and L40 allows remote attackers to hijack the authentication of users for requests that modify "facility reservation data" via unknown vectors...

CVSS 2.6 | AI score 7.5 | EPSS 0.00847
Exploits 0 | References 1

OSV
added 2025/05/20 4:15 p.m. | 7 views

DEBIAN-CVE-2025-37940

In the Linux kernel, the following vulnerability has been resolved: ftrace: Add cond_resched to ftrace_graph_set_hash When the kernel contains a large number of functions that can be traced, the loop in ftrace_graph_set_hash may take a lot of time to execute. This may trigger the softlockup watchdog. Ad...

CVSS 5.5 | AI score 5.7 | EPSS 0.00127
Exploits 0 | References 1

CNNVD
added 2025/05/19 12:0 a.m. | 5 views

Tiiwee X1 Alarm System security vulnerability

Tiiwee X1 Alarm System is a home alarm system with motion detectors from Tiiwee. A security vulnerability exists in the Tiiwee X1 Alarm System that stems from an authentication bypass that could result in physical access to a protected facility without triggering an alarm...

CVSS 7.6 | AI score 6.4 | EPSS 0.00555
Exploits 1 | References 4

CNNVD
added 2025/05/06 12:0 a.m. | 3 views

Tcman Gim code issue vulnerability

Tcman Gim is a facility management software from Tcman Spain designed for use on mobile devices. A code issue vulnerability exists in Tcman Gim version v11, which stems from an insufficient file upload limit and could lead to remote code execution...

CVSS 9.8 | AI score 7.9 | EPSS 0.00588
Exploits 0 | References 1

CNNVD
added 2025/05/06 12:0 a.m. | 4 views

Tcman Gim SQL injection vulnerability

Tcman Gim is a facility management software from Tcman Spain designed for use on mobile devices. A SQL injection vulnerability exists in Tcman Gim version v11. The vulnerability stems from unvalidated input leading to a SQL injection attack that could obtain, update, and delete database informati...

CVSS 9.8 | AI score 7.7 | EPSS 0.00361
Exploits 0 | References 1

IBM Security Bulletins
added 2025/03/29 3:40 p.m. | 20 views

Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect z/Transaction Processing Facility

Summary There are multiple vulnerabilities in IBM® Semeru Runtime Certified Edition 11 that is used by the z/TPF system. z/TPF has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-21217 DESCRIPTION: Vulnerability in Java SE component: Serialization. Difficult to exploit...

CVSS 5.3 | AI score 6.1 | EPSS 0.01157
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2025/02/19 4:0 p.m. | 24 views

Security Bulletin: z/Transaction Processing Facility is affected by a vulnerability in the Apache Mina SSHD package (CVE-2023-48795)

Summary The Apache Mina SSHD package is used by the z/TPF system as part of the z/TPF secure file transfer support. Vulnerability Details CVEID:CVE-2023-48795 DESCRIPTION: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...

CVSS 5.9 | AI score 7.5 | EPSS 0.9378
Exploits 4 | Affected Software 1

Cvelist
added 2025/01/30 4:49 a.m. | 16 views

CVE-2025-0662 Uninitialized kernel memory disclosure via ktrace(2)

In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is shorter than the full size. This can result in up to 14 uninitialized bytes of...

EPSS 0.00348
Exploits 0 | References 1

Vulnrichment
added 2025/01/30 4:49 a.m. | 5 views

CVE-2025-0662 Uninitialized kernel memory disclosure via ktrace(2)

In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is shorter than the full size. This can result in up to 14 uninitialized bytes of...

AI score 4.8 | EPSS 0.00348
Exploits 0 | References 1

CVE
added 2025/01/30 4:49 a.m. | 62 views

CVE-2025-0662

CVE-2025-0662 affects FreeBSD ktrace(2): the facility can log kernel structures to userspace and, in one case, dump a variable-sized sockaddr, copying the full sockaddr even when shorter, leaking up to 14 uninitialized bytes of kernel memory from a heap allocation to userspace. The issue is explo...

CVSS 4.9 | AI score 6.2 | EPSS 0.00348
Exploits 0 | References 2

CNNVD
added 2025/01/30 12:0 a.m. | 4 views

FreeBSD ktrace security vulnerability

FreeBSD ktrace is a tool from the FreeBSD Foundation for tracing system calls. An information disclosure vulnerability exists in FreeBSD ktrace due to a flaw in the ktrace facility. An attacker can exploit the vulnerability to obtain the contents of kernel structure information...

CVSS 4.9 | AI score 6 | EPSS 0.00348
Exploits 0 | References 1

IBM Security Bulletins
added 2025/01/15 10:53 p.m. | 31 views

Security Bulletin: Db2 Query Management Facility is vulnerable to IBM Semeru Runtime Quarterly CPU - Jan 2024 - Includes OpenJDK Jan 2024 CPU plus CVE-2024-22361

Summary Db2 Query Management Facility is vulnerable to IBM Semeru Runtime Quarterly CPU - Jan 2024 - Includes OpenJDK Jan 2024 CPU plus CVE-2024-22361 Vulnerability Details CVEID:CVE-2024-20932 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow a...

CVSS 7.5 | AI score 6.2 | EPSS 0.01026
Exploits 0 | Affected Software 4