Lucene search

12 matches found

IBM Security Bulletins
added 2025/06/17 8:19 a.m. | 7 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to Inefficient Regular Expression Complexity due to cross-spawn ( CVE-2024-21538 )

Summary Potential vulnerabilities in cross-spawn module CVE-2024-21538 has been identified that may affect IBM Cloud Pak for Data. Vulnerability Details CVEID:CVE-2024-21538 DESCRIPTION: Versions of the package cross-spawn before 6.0.6, from 7.0.0 and before 7.0.5 are vulnerable to Regular...

CVSS 8.7 | AI score 8.6 | EPSS 0.00069
Exploits: 0 | Affected Software: 1
IBM Security Bulletins
added 2025/04/29 2:25 a.m. | 33 views

Security Bulletin: IBM Robotic Process Automation is vulnerable to Clickjacking (CVE-2022-22503)

Summary IBM Robotic Process Automation could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks again...

CVSS 6.1 | AI score 6.2 | EPSS 0.00121
Exploits: 0 | Affected Software: 1
GithubExploit
added 2025/03/26 12:12 a.m. | 222 views

Exploit for CVE-2025-29927

Next.js Middleware Bypass CVE-2025-29927 Proof of Concept T...

CVSS 9.1 | AI score 7.9 | EPSS 0.92118
Exploits: 55
IBM Security Bulletins
added 2024/08/08 3:17 p.m. | 26 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to resource exhaustion attack due to github.com/Cloudflare/cfssl ( CVE-2023-39533 )

Summary github.com/Cloudflare/cfssl is used by IBM Cloud Pak for Data. CVE-2023-39533. Vulnerability Details CVEID:CVE-2023-39533 DESCRIPTION: libp2p go-libp2p is vulnerable to a denial of service, caused by a flaw during the signature verification. By sending a specially crafted request using...

CVSS 7.5 | AI score 7.3 | EPSS 0.00118
Exploits: 1 | Affected Software: 1
Amazon
added 2023/06/27 12:0 a.m. | 2 views

Low: yajl

Issue Overview: No CVE associated with this advisory Affected Packages: yajl Issue Correction: Run dnf update yajl --releasever 2023.1.20230628 or dnf update --advisory ALAS2023-2023-214 --releasever 2023.1.20230628 to update your system. More information on how to update your system can be found...

CVSS 6.5 | AI score 6.4 | EPSS 0.00204
Exploits: 1
IBM Security Bulletins
added 2022/12/21 7:50 p.m. | 98 views

Security Bulletin: IBM Content Navigator is vulnerable to missing authorization.

Summary IBM Content Navigator is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code. Vulnerability Details CVEID:CVE-2022-43581 DESCRIPTION: IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9,...

CVSS 8.8 | AI score 8.1 | EPSS 0.00386
Exploits: 0 | Affected Software: 1
ossfuzz
added 2018/12/17 4:16 p.m. | 13 views

skia/api_mock_gpu_canvas: Use-of-uninitialized-value in SkTHashTable<SkGlyph, SkPackedGlyphID, SkGlyph::HashTraits>::Hash

Project: https://skia.googlesource.com/skia.git Detailed report: https://oss-fuzz.com/testcase?key=5762384157736960 Project: skia Fuzzer: libFuzzerskiaapimockgpucanvas Fuzz target binary: apimockgpucanvas Job Type: libfuzzermsanskia Platform Id: linux Crash Type: Use-of-uninitialized-value Crash...

AI score 6.8
Exploits: 0 | Affected Software: 1
seebug.org
added 2008/11/11 12:0 a.m. | 16 views

Fresh Email Script 1.0 Multiple Remote Vulnerabilities

No description provided by source. Fresh Email Script. Versions: 1.0 to 1.11 - all. Exploits: file inclusion & cookie manipulation. founde...

AI score 7.1
Exploits: 0
securityvulns
added 2000/10/30 12:0 a.m. | 30 views

tcsh: unsafe tempfile in << redirects

PROBLEM: /tmp echo 'hello world' rootfile /tmp chmod 600 rootfile /tmp ln -s rootfile sh$$ /tmp chown -h 666.666 sh$$ /tmp ls -l rootfile sh$$ -rw------- 1 root root 12 Oct 29 03:55 rootfile lrwxrwxrwx 1 666 666 8 Oct 29 03:56 sh12660 - rootfile /tmp cat BAR ? FOO ? BAR FOO o world /tmp ls -l...

AI score 2.6
Exploits: 0
Packet Storm
added 2000/06/27 12:0 a.m. | 32 views

glftpd.privpath.txt

Glftpd 1.18 till 1.21b8 current beta have a serious problem with the privpath directives.... It will probably be fixed in the coming 1.21b9 but I have included a quick fix in this one to prevent exploits of this bug. Thanx for Hoopy for the quick fix glftpd dev team. Problem: When you know the...

AI score 7.4
Exploits: 0
Packet Storm
added 2000/03/06 12:0 a.m. | 21 views

infradig_1225_5-3-00.txt

+++=== Written by Nemesystm, leader of the DHC ===== Visit us at dhc1.cjb.net You want 2 == Infradig 1.225 for Windows 95/98 downloaded from cnet.com Installed with the typical installation, no standard settings changed. This problem worked on: Windows 98 + IE5.0 The administration service runs o...

AI score 7.4
Exploits: 0
Packet Storm
added 1999/08/17 12:0 a.m. | 29 views

vintra.txt

From: Vytis Fedaravicius Subject: DOS in Vintra systems Mailserver software. Hello, There is a bug in a free MailServer software for Windows NT from Vintra systems http://www.vintra.com/mailsrvr.html . Any remote user can cause MTA to go nuts and make CPU usage up to 99%, eat all available memor...

AI score 7.4
Exploits: 0