12 matches found
Security Bulletin: IBM i is affected by a privilege escalation in IBM i SQL services [CVE-2025-36367]
Summary: IBM i is vulnerable to privilege escalation caused by an invalid IBM i SQL services authorization check (CVE-2025-36367), as described in the vulnerability details section. Vulnerability Details: CVEID: CVE-2025-36367 DESCRIPTION: IBM i is vulnerable to privilege escalation caused by an invali...
AIX is vulnerable to denial of service due to zlib and zlibNX
IBM SECURITY ADVISORY First Issued: Wed Sep 28 13:38:50 CDT 2022 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/zlibadvisory.asc https://aix.software.ibm.com/aix/efixes/security/zlibadvisory.asc...
Security Bulletin: Vulnerabilities in Apache Log4j affect IBM Spectrum Protect Operations Center (CVE-2021-45105, CVE-2021-45046)
Summary: Vulnerabilities in Apache Log4j could result in a denial of service or remote code execution. These vulnerabilities may affect the Help system in IBM Spectrum Protect Operations Center. The fix packages below include Apache Log4j 2.17. Vulnerability Details: CVEID: CVE-2021-45105 DESCRIPTIO...
Persistence – Application Shimming
To resolve the problem of legacy applications that are not compatible with newer Windows operating systems, Microsoft released the Application Compatibility Toolkit (ACT). This software enables system administrators and developers to create fix packages for installed applications. The...
Updated cups packages fix security vulnerability
Updated cups packages fix security vulnerability: Jann Horn discovered that CUPS permitted HTTP requests with the Host header set to "localhost.localdomain" from the loopback interface. If a user were tricked into opening a specially crafted website in their web browser, an attacker could...
Updated ruby-mail packages fix security vulnerability
The Mail library does not impose a length limit on email addresses, so an attacker can send a long spam message via a recipient address unless there is a limit on the application's side. The attacker-injected message in the recipient address is processed by the server. This type of vulnerability...
AIX cmdlvm vulnerability, VIOS cmdlvm vulnerability
IBM SECURITY ADVISORY First Issued: Tue Jan 13 12:44:56 AM CST 2015 Updated: Tue Jan 20 08:37:23 CST 2015 Update: Added Acknowledgment Updated: Fri Jan 30 09:02:40 CST 2015 Update: Updated iFixes |Updated: Tue Feb 17 14:15:48 CST 2015 |Update: Updated 6.1.8 and 7.1.2 SPs The most recent version o...
Updated mupdf packages fix a buffer overflow
Updated mupdf packages fix security vulnerability: A stack-based buffer overflow was found in mupdf's xps_parse_color function. An attacker could create a specially crafted XPS file that, when opened, could cause mupdf or an application using mupdf to crash...
AIX printer commands vulnerability
IBM SECURITY ADVISORY First Issued: Wed Sept 25 15:55:39 CDT 2013 | Updated: Wed Feb 26 12:48:22 CDT 2014 | Update: Modified APAR availability dates and corrected | some APAR SP levels. | Update: 1. Replaced ifixes to resolve a prerequisite issue. | 2...
mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/mozilla-thunderbird-17.0.2-i486-1slack14.0.txz: Upgraded. This release contains security fixes and improvements...
Mandriva Update for urpmi MDVA-2010:098 (urpmi)
Check for the Version of urpmi. OpenVAS Vulnerability Test: Mandriva Update for urpmi MDVA-2010:098 (urpmi). Authors: System Generated Check. Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Security Update: [CSSA-2002-SCO.22] OpenServer 5.0.5 OpenServer 5.0.6 : scoadmin command creates temporary files insecurely
Caldera International, Inc. Security Advisory Subject: OpenServer 5.0.5 OpenServer 5.0.6 : scoadmin command creates temporary files insecurely Advisory number: CSSA-2002-SCO.22 Issue date: 2002 May 28 Cross reference...